Valerio Setti
4bb5740a7d
Revert "pem: auto add newlines to header/footer in mbedtls_pem_write_buffer()"
...
This reverts commit 180915018d
.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-19 07:48:38 +01:00
Valerio Setti
8aec84f3a7
pkwrite: minor code reshape
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 16:04:21 +01:00
Valerio Setti
ad6d016b8f
pkwrite: fix return value in pk_get_type_ext()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-30 08:10:36 +01:00
Valerio Setti
3cc486aa11
pkparse: make pk_internal.h always available
...
This is needed because now "pk_internal.h" contains defines for
PEM strings
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-30 08:09:47 +01:00
Valerio Setti
bcc004b549
pkwrite: some reshaping for Montgomery keys in mbedtls_pk_write_pubkey_der()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-29 17:16:55 +01:00
Valerio Setti
a4f70fe3fe
pkwrite: simplify management of opaque keys
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-29 15:05:47 +01:00
Valerio Setti
f9362b7324
pk_internal: small renaming for mbedtls_pk_get_group_id()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-29 08:42:27 +01:00
Valerio Setti
bcd305913f
pk: move functions to verify RFC8410 group ID to pk_internal
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-28 16:27:55 +01:00
Valerio Setti
d5604bacc4
pkwrite: add internal defines for proper key buffer sizes
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-28 14:10:43 +01:00
Valerio Setti
605f03cb76
pkwrite: reorganize code
...
This commits just moves code around. The goal is to group together
functions by guards and functionality:
- RSA, EC, Opaque
- internal VS public
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-28 12:46:39 +01:00
Valerio Setti
854c737db1
pk: use common header/footer macros for pkwrite and pkparse
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-28 08:37:57 +01:00
Valerio Setti
180915018d
pem: auto add newlines to header/footer in mbedtls_pem_write_buffer()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-28 08:37:06 +01:00
Dave Rodgman
2e342f6938
Merge pull request #8546 from BrianX7c/development
...
[cipher.h] Arithmetic overflow in binary left shift operation
2023-11-22 19:36:25 +00:00
Gilles Peskine
3f5e1e81b2
Merge pull request #8440 from yuhaoth/pr/fix-missing-pre_shared_key-ext-sent-mask
...
Fix missing pre shared key ext sent mask
2023-11-22 16:40:12 +00:00
Manuel Pégourié-Gonnard
d4dc354185
Merge pull request #8541 from yanrayw/issue/ssl-fix-missing-guard
...
ssl_tls: add missing macro guard
2023-11-21 14:57:47 +00:00
Ronald Cron
effdfe7409
Merge pull request #6788 from yuhaoth/pr/fix-gnutls_anti_replay_fail
...
TLS 1.3: Fix anti replay fail from GnuTLS
2023-11-21 08:38:57 +00:00
Jerry Yu
aa5dc24df9
Change if to switch case
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:25 +08:00
Jerry Yu
60e997205d
replace check string
...
The output has been changed
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:25 +08:00
Jerry Yu
713ce1f889
various improvement
...
- improve change log entry
- improve comments
- remove unnecessary statement
- change type of client_age
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:25 +08:00
Jerry Yu
4ac648ef20
improve readability
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:24 +08:00
Jerry Yu
d84c14f80c
improve code style
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:24 +08:00
Jerry Yu
b2455d2472
Guards ticket_creation_time
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:24 +08:00
Jerry Yu
9cb953a402
improve document
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:24 +08:00
Jerry Yu
04fceb782b
Add freshness check information into document
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:24 +08:00
Jerry Yu
8e0174ac05
Add maximum ticket lifetime check
...
Also add comments for age cast
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:24 +08:00
Jerry Yu
472a69260b
fix build failure
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:20 +08:00
Jerry Yu
cf9135100e
fix various issues
...
- fix CI failure due to wrong usage of ticket_lifetime
- Improve document and comments
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:19 +08:00
Jerry Yu
342a555eef
rename ticket received
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:19 +08:00
Jerry Yu
25ba4d40ef
rename ticket_creation
to ticket_creation_time
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:19 +08:00
Jerry Yu
46c7926f74
Add maximum ticket lifetime check
...
Also add comments for age cast
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:19 +08:00
Jerry Yu
034a8b77d1
Update document of ticket age tolerance
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:19 +08:00
Jerry Yu
28e7c554f4
Change the bottom of tolerance window
...
The unit of ticket time has been changed to milliseconds.
And age difference might be negative
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:19 +08:00
Jerry Yu
3ff0b1fda3
Cleanup ticket negative tests.
...
- improve comments
- case 3/4 is for server age check.
- case 5/6 is for client age check
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Jerry Yu
31b601aa15
improve comments
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Jerry Yu
8cf44953b2
guards ticket creation field
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Jerry Yu
28547c49ed
update tests
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Jerry Yu
ec6d07870d
Replace start
with ticket_creation
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Jerry Yu
702fc590ed
Add ticket_creation field
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Jerry Yu
f16efbc78d
fix various issues
...
- Add comments for ticket test hooks
- improve code style.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Jerry Yu
03511b00aa
Replace c99 fmt macro
...
For c99 compatible compilers, we use PRI64d
and others use official fix.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Jerry Yu
fe38e948b8
Add changelog entry for anti_replay_fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Jerry Yu
cebffc3446
change time unit of ticket to milliseconds
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Gilles Peskine
8b1a124126
Merge pull request #8438 from yuhaoth/pr/disable-stdout-for-config-query-call
...
Disable stdout in require_*_configs_* functions
2023-11-20 18:27:03 +00:00
Gilles Peskine
885bcfc9d0
Merge pull request #7649 from yuhaoth/pr/add-command-for-server9-bad-saltlen
...
Add command for server9-bad-saltlen
2023-11-20 14:07:19 +00:00
Gilles Peskine
473ff34d59
Merge pull request #8489 from valeriosetti/issue8482
...
Make CCM* and CCM independent
2023-11-20 14:07:14 +00:00
Gilles Peskine
6267dd59c8
Merge pull request #8463 from gilles-peskine-arm/metatest-create
...
Create a metatest program
2023-11-20 14:07:08 +00:00
Manuel Pégourié-Gonnard
a4e7953f59
Merge pull request #8527 from lpy4105/issue/6324/driver-only-cipher+aead-tls-compat
...
[G3] Driver-only cipher+aead: TLS: compat.sh
2023-11-20 09:37:06 +00:00
Ronald Cron
97137f91b6
Merge pull request #7071 from yuhaoth/pr/tls13-ticket-add-max_early_data_size-field
...
TLS 1.3 EarlyData: add `max_early_data_size` field for ticket
2023-11-20 08:04:57 +00:00
BrianX7c
5c7ab6fe86
[cipher.h] Arithmetic overflow in binary left shift operation (MBEDTLS_KEY_BITLEN_SHIFT)
...
Fixing arithmetic overflow warning (C6297), if compiled in Visual Studio
Signed-off-by: BrianX7c <151365853+BrianX7c@users.noreply.github.com>
2023-11-18 11:07:37 +01:00
Gilles Peskine
2f40cc05f0
Improve explanations of what bad thing a metatest does
...
Especially clarify the situation with respect to mutex usage.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-16 15:13:38 +01:00