yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
29236 commits 1 branch 0 tags 94 MiB
Commit graph

29236 commits

This branch
This branch
All branches
Author SHA1 Message Date
Dave Rodgman
2a6593bbb6 Slightly soften force-push suggestion 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-02-07 11:05:47 +00:00
Dave Rodgman
c1a4d1f09a Remove comments about rebasing vs merging; link to longer RTD document 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-02-07 11:04:14 +00:00
Dave Rodgman
2840523ae4 Remind contributors not to force-push 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-02-07 10:42:41 +00:00
Manuel Pégourié-Gonnard
5c9cc0b30f
Merge pull request #8727 from ronald-cron-arm/tls13-ignore-early-data-when-rejected 
TLS 1.3: SRV: Ignore early data when rejected
 2024-02-06 13:16:03 +00:00
Ronald Cron
d0a772740e tests: early data: Complete the handshake 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-06 11:15:48 +01:00
Ronald Cron
33327dab85 tests: early data: Switch to mnemonics for test scenarios 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-05 18:27:04 +01:00
Ronald Cron
71c6e65d83 tls13: ssl_msg.c: Improve/add comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-05 16:54:37 +01:00
Ronald Cron
31e2d83eee tls13: srv: Improve coding 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-05 16:45:57 +01:00
Manuel Pégourié-Gonnard
32c28cebb4
Merge pull request #8715 from valeriosetti/issue7964 
Remove all internal functions from public headers
 2024-02-05 15:09:15 +00:00
Janos Follath
747bedb0b0
Merge pull request #8733 from ivq/gcm_ad_len_check 
Add back restriction on AD length of GCM
 2024-02-05 13:33:58 +00:00
Dave Rodgman
12285c5c7c Add calls to BLOCK_CIPHER_PSA_INIT / BLOCK_CIPHER_PSA_DONE 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-02-02 17:52:41 +00:00
Ronald Cron
ae2d81c314 tests: tls13: Run early data test only in TLS 1.3 only config 
Temporary workaround to not run the early data test
in Windows-2013 where there is an issue with
mbedtls_vsnprintf().

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Jerry Yu
f57d14bed4 Ignore early data app msg before 2nd client hello 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Jerry Yu
263dbf7167 tls13: srv: Do not allow early data indication in 2nd ClientHello 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Ronald Cron
1483dc3bde tls13: cli: Indicate early data only in first ClientHello 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Ronald Cron
2995d35ac3 tls13: srv: Deprotect and discard early data records 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Jerry Yu
4caf3ca08c tls13: srv: Add discard_early_data_record SSL field 
Add discard_early_data_record in SSL context for
the record layer to know if it has to discard
some potential early data record and how.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Jerry Yu
064dd2b870 Adjust check order 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2024-02-02 17:31:20 +01:00
Ronald Cron
b90e695e09
Merge pull request #8692 from ronald-cron-arm/read-early-data 
TLS 1.3: SRV: Implement mbedtls_ssl_read_early_data()
 2024-02-02 14:07:47 +00:00
Ronald Cron
38dbab9f8d tests: ssl: Adjust early data test 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 20:10:41 +01:00
Ronald Cron
78a38f607c tls13: srv: Do not use early_data_status 
Due to the scope reduction for
mbedtls_ssl_read_early_data(), on
server as early data state variable
we now only need a flag in the
handshake context indicating if
the server has accepted early data
or not.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 20:10:35 +01:00
Ronald Cron
3b9034544e Revert "tls13: Introduce early_data_state SSL context field" 
This reverts commit 0883b8b625.
Due to the scope reduction of mbedtls_ssl_read_early_data()
it is not necessary anymore to refine the usage
of early_data_status/state rather the opposite.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 20:03:57 +01:00
Ronald Cron
164537c4a6 tls13: early data: Improve, add comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 19:52:30 +01:00
Ronald Cron
ed7d4bfda5 tls13: srv: Simplify mbedtls_ssl_read_early_data() API 
Do not progress the handshake in the API, just
read early data if some has been detected by
a previous call to mbedtls_ssl_handshake(),
mbedtls_ssl_handshake_step(),
mbedtls_ssl_read() or mbedtls_ssl_write().

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:45:07 +01:00
Ronald Cron
44d70a5f23 tls13: early data: Improve documentation 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:45:07 +01:00
Ronald Cron
2c4308958d ssl.h: Fix comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:45:07 +01:00
Ronald Cron
0883b8b625 tls13: Introduce early_data_state SSL context field 
Introduce early_data_state SSL context field to
distinguish better this internal state from
the status values defined for the
mbedtls_ssl_get_early_data_status() API.
Distinguish also between the client and
server states. Note that the client state
are going to be documented and reworked
as part of the implementation of
mbedtls_ssl_write_early_data().

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:45:04 +01:00
Ronald Cron
7d21cded3f ssl.h: Simplify guard 
MBEDTLS_SSL_EARLY_DATA implies
MBEDTLS_SSL_PROTO_TLS1_3 thus
MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_EARLY_DATA
is equivalent to MBEDTLS_SSL_EARLY_DATA.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:48 +01:00
Ronald Cron
7b6ee9482e tls13: srv: Reject early data in case of HRR 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Jerry Yu
579bd4d46b Update early data test 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Jerry Yu
192e0f9b1d ssl_server2: Add read early data support 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Jerry Yu
d9ca354dbd tls13: srv: Add mbedtls_ssl_read_early_data() API 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Ronald Cron
3a04562ace Update mbedtls_ssl_read_early_data() definition 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Jerry Yu
032985c351 Add MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA error code 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Jerry Yu
6a5904db45 tls13: srv: Move early data size check placeholder 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Jerry Yu
739a1d4246 tls: Add internal function ssl_read_application_data() 
The function will be used by
mbedtls_ssl_read_early_data() as well.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Ronald Cron
5d0ae9021f tls13: srv: Refine early data status 
The main purpose is to know from the status
if early data can be received of not and
why.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Ronald Cron
149b0e7ca2 ssl.h: Fix comment 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Dave Rodgman
ba8e9addd9 Fix test dependencies 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-02-01 13:54:46 +00:00
Ronald Cron
11cc41265b
Merge pull request #8711 from ronald-cron-arm/tls13-ticket-and-early-data-unit-test 
Add TLS 1.3 ticket and early data unit tests
 2024-02-01 13:15:55 +00:00
Paul Elliott
cb88c4945a
Merge pull request #8754 from Redfoxymoon/development 
fix build for midipix
 2024-02-01 10:01:49 +00:00
Dave Rodgman
6823247376 Fix compile warning in tests 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-31 15:59:06 +00:00
Ronald Cron
eb84534ee3 Use TEST_EQUAL instead of TEST_ASSERT where possible 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-01-31 15:23:38 +01:00
Ronald Cron
5de9c6f295 Fix and add comments in ticket and early data test function 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-01-31 15:23:33 +01:00
Ronald Cron
095a3a5a29 Fix PSA init and done macros in TLS unit tests 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-01-31 15:02:09 +01:00
Ronald Cron
faf026c67c Explain purpose of test specific write/parse ticket functions 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-01-31 14:32:11 +01:00
Dave Rodgman
4c92845210
Merge pull request #8767 from daverodgman/sha-glibc-changelog 
SHA-256 and 512 support for old libc
 2024-01-31 13:21:52 +00:00
Paul Elliott
1ee85b4c61
Merge pull request #8766 from tom-cosgrove-arm/unify-clang-version-checking-in-all.sh 
Unify clang version checking in all.sh
 2024-01-31 12:51:34 +00:00
Manuel Pégourié-Gonnard
f1562a7217
Merge pull request #8657 from gilles-peskine-arm/pk-psa-bridge-design 
PK-PSA bridge design document
 2024-01-31 09:51:43 +00:00
Dave Rodgman
dae21d3808 Support SHA-512 hwcap detection on old libc 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-30 15:31:42 +00:00