599 commits

Author	SHA1	Message	Date
Gilles Peskine	8fd3254cfc	Merge pull request #6374 from mprse/enc_types ... Test TLS 1.2 builds with each encryption type	2022-10-12 12:45:50 +02:00
Jerry Yu	c79742303d	Remove unnecessary empty line and fix format issue ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-11 21:22:33 +08:00
Przemek Stekiel	d61a4d3d1a	Fix missing guard and double-space ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-11 09:40:40 +02:00
Jerry Yu	6916e70521	fix various issues ... - adjust guards. Remove duplicate guards and adjust format. - Return success at function end. Not `ret` - change input len Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-10 21:33:51 +08:00
Przemek Stekiel	68a01a6720	Fix session tickets related build flags in fuzz_server and ssl_server2 ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-10 13:30:43 +02:00
Jerry Yu	03b8f9d299	Adjust guards for dummy_tickets ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-08 14:56:38 +08:00
Jerry Yu	25ab654781	Add dummy ticket support ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-07 10:11:05 +08:00
Manuel Pégourié-Gonnard	e3358e14b2	Merge pull request #6051 from mprse/permissions_2b_v2 ... Permissions 2b: TLS 1.3 sigalg selection	2022-09-28 09:50:04 +02:00
Paul Elliott	2c282c9bd0	Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets ... TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.	2022-09-23 15:48:33 +01:00
Ronald Cron	50969e3af5	ssl-opt.sh: TLS 1.3 opaque key: Add test with unsuitable sig alg ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 15:57:57 +02:00
Jerry Yu	7a51305478	Add multi-session tickets test ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-19 14:26:07 +08:00
Manuel Pégourié-Gonnard	e896705c1a	Take advantage of legacy_or_psa.h being public ... Opportunities for using the macros were spotted using: git grep -E -n -A2 'MBEDTLS_(MD|SHA)[0-9]+_C' | egrep 'PSA_WANT_ALG_(MD|SHA)' then manually filtering the results. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-16 12:03:52 +02:00
Andrzej Kurek	0bc834b27f	Enable signature algorithms in ssl programs with PSA based hashes ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-12 05:37:46 -04:00
Ronald Cron	e00d6d6b55	Merge pull request #6135 from yuhaoth/pr/tls13-finalize-external-psk-negotiation ... TLS 1.3: SRV: Finalize external PSK negotiation	2022-08-31 17:21:57 +02:00
Jerry Yu	c5a23a0f12	fix various issues ... - code style - variable initialize - update comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-08-25 11:09:35 +08:00
Andrzej Kurek	8c95ac4500	Add missing dependencies / alternatives ... A number of places lacked the necessary dependencies on one of the used features: MD, key exchange with certificate, entropy, or ETM. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-08-22 17:46:50 -04:00
Jerry Yu	5d01c05d93	fix various issues ... - wrong typo in comments - replace psk null check with key_exchange_mode check - set psk NULL when error return in export hs psk Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-08-21 12:55:01 +08:00
Jerry Yu	2b7a51ba8f	Add psk_or_ephemeral mode and tests ... psk_or_ephemeral exists in theory. This change is for improving test coverage. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-08-21 12:51:53 +08:00
Jan Bruckner	25fdc2addb	Fix minor typos ... Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2022-07-26 10:52:46 +02:00
Ronald Cron	0e39ece23f	Merge pull request #5916 from yuhaoth/pr/tls13-refactor-get-sig-alg-from-pk ... Refactor signature algorithm chooser	2022-07-04 09:10:08 +02:00
Jerry Yu	202919c23d	refine supported sig alg print ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:18:29 +08:00
Jerry Yu	64f410c246	Add tls13 sig alg parameters ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:09 +08:00
Glenn Strauss	bd10c4e2af	Test accessors to config DN hints for cert request ... Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-06-29 02:54:28 -04:00
XiaokangQian	d5d5b60c07	Add comprehensive test cases for TLS1.3 server side ... Change-Id: I544cb12b3ffe5edd7d59fa54342ca7db5b5c8a2a Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-31 02:51:26 +00:00
Manuel Pégourié-Gonnard	9bc53a2e84	Merge pull request #5806 from josesimoes/fix-3031 ... Remove prompt to exit in all programs	2022-05-12 10:50:31 +02:00
Shaun Case	8b0ecbccf4	Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell. ... Signed-off-by: Shaun Case <warmsocks@gmail.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-05-11 21:25:51 +01:00
josesimoes	23419560c9	Remove prompt to exit in all programs ... Signed-off-by: José Simões <jose.simoes@eclo.solutions>	2022-05-06 17:11:22 +01:00
Przemek Stekiel	cb20d202d2	Further code optimization ... - key_opaque_set_alg_usage(): set alg/usage in loop - key_opaque_set_alg_usage(): add key paramteter to set default alg/usage if it is not specified by command line parameters - unify default alg/usage for client and server - optimize opaque code on client and server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-06 09:34:30 +02:00
Przemek Stekiel	296bfba924	ssl_server2: add key_opaque_algs2 usage info ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 11:08:34 +02:00
Przemek Stekiel	488efa05b6	Fix compiler warnings: initialize local variables: psa_alg, psa_alg2, psa_usage ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	134eb8b6e2	Fix style ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	092128324f	ssl_client2/ss_server2: optimize code for opaque key ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	e5e9ba920f	ssl_server2: refactor opaque code ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	b58c47a666	ssl_server2: use key opaque algs given from command line ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	344c561292	ssl_server2: Add support for key_opaque_algs2 command line paramtere ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	77fc9ab1ba	Fix typos and code style ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	4ca0d72c3b	ssl server: add key_opaque_algs command line option ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Manuel Pégourié-Gonnard	068a13d909	Merge pull request #5771 from superna9999/5761-rsa-decrypt-rework-pk-wrap-as-opaque ... RSA decrypt 0: Rework `mbedtls_pk_wrap_as_opaque()`	2022-05-02 09:06:49 +02:00
Neil Armstrong	94e371af91	Update mbedtls_pk_wrap_as_opaque() usage in SSL client2 & server2 ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-28 13:27:59 +02:00
Przemek Stekiel	cb322eac6b	Enable support for psa opaque DHE-PSK key exchange on the server side ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:54:33 +02:00
Przemek Stekiel	14d11b0877	Enable support for psa opaque ECDHE-PSK key exchange on the server side ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:53:55 +02:00
Przemek Stekiel	aeb710fec5	Enable support for psa opaque RSA-PSK key exchange on the server side ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:28 +02:00
Ronald Cron	38b8aa4f63	Merge pull request #5539 from xkqian/add_client_hello_to_server ... Add client hello into server side	2022-04-22 10:26:00 +02:00
Manuel Pégourié-Gonnard	21f82c7510	Merge pull request #5709 from superna9999/5625-pk-opaque-rsa-tls12 ... RSA sign 3b: TLS 1.2 integration testing	2022-04-22 10:05:43 +02:00
Gilles Peskine	afbfed9397	Merge pull request #5582 from gilles-peskine-arm/ssl-opt-auto-psk ... Run ssl-opt.sh in more reduced configurations	2022-04-21 12:03:53 +02:00
XiaokangQian	318dc763a6	Fix test failure issue and update code styles ... Change-Id: I0b08da1b083abdb19dc383e6f4b210f66659c109 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 09:43:51 +00:00
Glenn Strauss	e3af4cb72a	mbedtls_ssl_(read|write)_version using tls_version ... remove use of MBEDTLS_SSL_MINOR_VERSION_* remove use of MBEDTLS_SSL_MAJOR_VERSION_* (only remaining use is in tests/suites/test_suite_ssl.data) Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:14 -04:00
Glenn Strauss	60bfe60d0f	mbedtls_ssl_ciphersuite_t min_tls_version,max_tls_version ... Store the TLS version in tls_version instead of major, minor version num Note: existing application use which accesses the struct member (using MBEDTLS_PRIVATE) is not compatible, as the struct is now smaller. Reduce size of mbedtls_ssl_ciphersuite_t members are defined using integral types instead of enums in order to pack structure and reduce memory usage by internal ciphersuite_definitions[] Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:12 -04:00
Neil Armstrong	f0b1271a42	Support RSA Opaque PK keys in ssl_server2 ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-13 10:49:25 +02:00
Gilles Peskine	99a732bf0c	Fix off-by-one in buffer_size usage ... The added null byte was accounted for twice, once by taking opt.buffer_size+1 when allocating the buffer and once by taking opt.buffer-1 when filling the buffer. Make opt.buffer_size the size that is actually read, it's less confusing that way. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-06 23:34:36 +02:00