yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
20145 commits 1 branch 0 tags 94 MiB
Commit graph

8876 commits

Author SHA1 Message Date
Gilles Peskine
e0469b5908
Merge pull request #931 from AndrzejKurek/clihlo_cookie_pxy_fix 
Add a client hello cookie_len overflow test
 2022-06-20 19:35:54 +02:00
Andrzej Kurek
755ddff25c Fix print format in a debug message 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-06-15 07:32:02 -04:00
Andrzej Kurek
cbe14ec967 Improve variable extracting operations by using MBEDTLS_GET macros 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-06-15 07:17:28 -04:00
Andrzej Kurek
b58cf0d172 Split a debug message into two - for clarity 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-06-08 11:53:59 -04:00
Andrzej Kurek
078e9bcda6 Add the mbedtls prefix to ssl_check_dtls_clihlo_cookie 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-06-08 11:47:33 -04:00
Dave Rodgman
11930699f1
Merge pull request #5827 from wernerlewis/time_utc 
Use ASN1 UTC tags for dates before 2000
 2022-06-08 13:54:19 +01:00
Paul Elliott
5f2bc754d6
Merge pull request #5792 from yuhaoth/pr/add-tls13-moving-state-tests 
Pr/add-tls13-moving-state-tests
 2022-06-08 13:39:52 +01:00
Manuel Pégourié-Gonnard
3a833271aa
Merge pull request #5727 from SiliconLabs/feature/PSEC-3207-TLS13-hashing-HMAC-to-PSA 
Feature psec-3207 move TLS13 hashing and hmac to psa
 2022-06-08 11:53:35 +02:00
pespacek
d9aaf768b5 Fixing CI complains. 
Signed-off-by: pespacek <peter.spacek@silabs.com>
 2022-06-08 09:44:11 +02:00
pespacek
b06acd734b Fixing PSA return status 
Signed-off-by: pespacek <peter.spacek@silabs.com>
 2022-06-07 13:07:21 +02:00
Ronald Cron
209cae9c42 tls13: server: Fix state update in CLIENT_CERTIFICATE 
The state should be updated only if the handler
returns in success.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-07 10:58:22 +02:00
pespacek
670913f4dc Fixing return value for ssl_tls13_write_certificate_body() 
Signed-off-by: pespacek <peter.spacek@silabs.com>
 2022-06-07 10:53:39 +02:00
Andrzej Kurek
cfb01948c8 Add cookie parsing tests to test_suite_ssl 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-06-06 15:29:15 -04:00
Andrzej Kurek
c8183cc492 Add missing sid_len in calculations of cookie sizes 
This could lead to a potential buffer overread with small
MBEDTLS_SSL_IN_CONTENT_LEN.
Change the bound calculations so that it is apparent
what lengths and sizes are used.

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-06-06 15:28:56 -04:00
Gilles Peskine
364fd8bb71 More SSL debug messages for ClientHello parsing 
In particular, be verbose when checking the ClientHello cookie in a possible
DTLS reconnection.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-06 14:25:41 -04:00
Dave Rodgman
5e03d9e601
Merge pull request #5837 from robert-shade/robert-shade/add_subdirectory_support 
Allow building as a subdir
 2022-06-06 14:11:06 +01:00
Werner Lewis
acd01e58a3 Use ASN1 UTC tags for dates before 2000 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-01 16:24:28 +01:00
Gilles Peskine
8399cccd2e
Merge pull request #5829 from paul-elliott-arm/fix_ct_uninit_memory_access 
Fix uninitialised memory access in constant time functions
 2022-06-01 11:42:51 +02:00
Gilles Peskine
09858ae664
Merge pull request #5813 from mprse/deprecate_mbedtls_cipher_setup_psa 
Deprecate mbedtls_cipher_setup_psa()
 2022-05-31 10:56:52 +02:00
Jerry Yu
0a92d6c8eb fix move state to handshake over fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-31 15:06:04 +08:00
Dave Rodgman
a3344f7bac
Merge pull request #5767 from leorosen/avoid-null-args 
Avoid potentially passing NULL arguments
 2022-05-30 11:40:21 +01:00
XiaokangQian
e7a5da597f Remove SNI related code 
Change-Id: Ic44bdb27b1bdc5c9057078dfed936fc36bddebbe
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-30 00:59:29 +00:00
XiaokangQian
aca9048b5f Change base on review 
Fix comments
Add test cases for client authentication with empty certificate

Change-Id: Id8a741ddd997ca92e36832f26088eb0e67830ad8
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-26 00:47:11 +00:00
XiaokangQian
989f06d52d Change some comments base on review 
Change-Id: I3db2b8ca8162eb368d2f17dfeffee8b25f9edf6f
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-26 00:47:11 +00:00
XiaokangQian
63e713e8ab Fix comments 
Change-Id: Ib741f876f4d296df79565a2b8a2971918db1a77f
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-26 00:47:11 +00:00
XiaokangQian
c3017f620f Remove useless guards and refine checking 
Change-Id: I9cd3073826fc65c203e479d83bed72331ff8963d
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-26 00:47:10 +00:00
XiaokangQian
189ded2b07 Remove coordinate functions and change state machine in server side 
Change-Id: Id4abf78f493e77afc289409db691c9c61acde1d2
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-26 00:46:13 +00:00
XiaokangQian
6b916b1616 Add client certificate parse and certificate verify 
Change-Id: I638db78922a03db6f8bd70c6c5f56fb60365547d
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-26 00:40:53 +00:00
Dave Rodgman
a636d1f192
Merge pull request #5714 from daverodgman/k-stachowiak_static-runtime-option-msvc 
Enable static linking of the common runtime in MSVC
 2022-05-25 14:47:58 +01:00
Dave Rodgman
32c995afa3
Merge pull request #5724 from Biswa96/cmake-mingw 
cmake: Fix runtime library install location in mingw
 2022-05-25 13:34:43 +01:00
Paul Elliott
8fba70f66c
Merge pull request #5749 from yuhaoth/pr/add-tls13-finished-message-and-wrapup 
TLS 1.3: Add Finished Message and wrapup
 2022-05-25 12:02:06 +01:00
pespacek
3493587e05 FEATURE: mbedtls_md() in ssl_tls13_write_certificate_verify_body() 
replaced withpsa_hash_compute()
Signed-off-by: pespacek <peter.spacek@silabs.com>
 2022-05-23 13:10:48 +02:00
pespacek
a1378105cf FEATURE: use psa_hash_xxx rather than mbedtls_md_xxx for TLS 1.3. 
ssl_tls13_parse_certificate_verify()
Signed-off-by: pespacek <peter.spacek@silabs.com>
 2022-05-23 13:10:47 +02:00
Manuel Pégourié-Gonnard
69e348db85
Merge pull request #5833 from superna9999/5826-create-mbedtls-pk-can-do-psa 
Permissions 1: create `mbedtls_pk_can_do_ext()`
 2022-05-23 10:58:32 +02:00
Robert Shade
591e729b54 Allow building as a subdir 
Fixes #5688

Signed-off-by: Robert Shade <robert.shade@gmail.com>
 2022-05-21 12:55:12 -04:00
Neil Armstrong
81d391f773 Check when usage == 0 in mbedtls_pk_can_do_ext() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 09:26:16 +02:00
Neil Armstrong
b80785f1a4 Comment typo fix in mbedtls_pk_can_do_ext() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 09:25:55 +02:00
Gilles Peskine
e4d3a6a4e8
Merge pull request #5804 from superna9999/5797-remove-cipher-deps-tls 
Remove Cipher dependencies in TLS
 2022-05-19 21:02:12 +02:00
Paul Elliott
5260ce27ed Fix uninitialised memory access in constant time functions 
Fix an issue reported by Coverity whereby some constant time functions
called from the ssl decrypt code could potentially access uninitialised
memory.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-05-19 18:23:24 +01:00
Dave Rodgman
afe149d76e
Merge pull request #5846 from bootstrap-prime/development 
Fix typos in documentation and constants with typo finding tool
 2022-05-19 16:53:32 +01:00
Paul Elliott
4283a6b121
Merge pull request #5736 from gilles-peskine-arm/psa-raw_key_agreement-buffer_too_small 
Make psa_raw_key_agreement return BUFFER_TOO_SMALL
 2022-05-19 16:06:02 +01:00
Neil Armstrong
084338d336 Change mbedtls_pk_can_do_ext() usage test logic for opaque keys 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-19 16:22:40 +02:00
Jerry Yu
e3d67cb263 Improve readability 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-19 15:33:10 +08:00
Jerry Yu
fd5ea0458f add compute application transform 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-19 14:29:48 +08:00
Jerry Yu
545432310d remove zeorize from keys 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-19 11:23:25 +08:00
Jerry Yu
cc0a13fcf8 remove unnecessary empty line 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-19 10:14:24 +08:00
bootstrap-prime
6dbbf44d78
Fix typos in documentation and constants with typo finding tool 
Signed-off-by: bootstrap-prime <bootstrap.prime@gmail.com>
 2022-05-18 14:15:33 -04:00
Neil Armstrong
8395d7a37d Change guard of mbedtls_ssl_cipher_to_psa() with USE_PSA_CRYPTO || SSL_PROTO_TLS1_3 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-18 13:24:34 +02:00
Neil Armstrong
0fa8ce3498 TLS 1.3 only have AEAD ciphers, drop the PSA_ALG_IS_AEAD() check in mbedtls_ssl_tls13_get_cipher_key_info() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-18 13:19:29 +02:00
Neil Armstrong
b818e16b29 Move out common PSA code from mbedtls_ssl_tls13_generate_handshake_keys/mbedtls_ssl_tls13_generate_application_keys 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-18 13:19:29 +02:00