mbedtls

Author	SHA1	Message	Date
Jerry Yu	d450fd25ae	change max_early_data_size source Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:31 +08:00
Jerry Yu	525990fb62	set init value for max_early_data_size in session Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:28 +08:00
Jerry Yu	db6fda71e5	improve early data comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:17:51 +08:00
Jerry Yu	10795a0c3b	replace ticket permission set Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:17:48 +08:00
Jerry Yu	c2b1bc4fb6	replace early data permission check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:17:46 +08:00
Jerry Yu	ea96ac3da9	fix various issues - get ticket_flags with function. - improve output message and check it. - improve `ssl_server2` help message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:17:37 +08:00
Jerry Yu	3db60dfe5e	rename nst early data write function Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:16:56 +08:00
Jerry Yu	fceddb310e	Add early data permission check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:14:54 +08:00
Jerry Yu	01da35e2c8	add early data extension of NST Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:14:52 +08:00
Jerry Yu	42020fb186	revert output message which used by testing Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-05 17:35:53 +08:00
Jerry Yu	ebb1b1d48f	fix ci test failure "skip parse certificate verify" can not be changed. It is used in `Authentication: client badcert, server none` test. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-05 11:02:15 +08:00
Jerry Yu	b55f9eb5c5	fix various issues - remove unnecessary statements - improve macro name - improve output message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-05 10:27:17 +08:00
Yanray Wang	fb0f47b1f8	tls13: srv: check tls version in ClientHello with min_tls_version When server is configured as TLS 1.3 only and receives ClientHello from a TLS 1.2 only client, it's expected to abort the handshake instead of downgrading protocol to TLS 1.2 and continuing handshake. This commit adds a check to make sure server min_tls_version always larger than received version in ClientHello. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-12-04 17:50:36 +08:00
Jerry Yu	7bb40a3650	send unexpected alert when not received eoed or app during reading early data Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-04 10:04:15 +08:00
Jerry Yu	fbf039932a	Send decode error alert when EOED parsing fail Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-04 10:00:37 +08:00
Jerry Yu	3be850782c	fix various issues - improve comments - rename function and macros name - remove unnecessary comments - remove extra empty lines - remove unnecessary condition Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-04 09:58:54 +08:00
Jerry Yu	0af63dc263	improve comments and output message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 17:18:04 +08:00
Jerry Yu	ee4d729555	print received early application data Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 16:53:50 +08:00
Jerry Yu	e96551276a	switch inbound transform to handshake Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 16:53:50 +08:00
Jerry Yu	75c9ab76b5	implement parser of eoed Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 16:53:50 +08:00
Jerry Yu	b4ed4602f2	implement coordinate of eoed Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 16:34:00 +08:00
Jerry Yu	d5c3496ce2	Add dummy framework of eoed state Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 16:32:31 +08:00
Jerry Yu	59d420f17b	empty process_end_of_early_data Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 16:30:34 +08:00
Jerry Yu	9b72e39701	re-introduce process_wait_flight2 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 16:27:08 +08:00
Jerry Yu	e32fac3d23	remove wait_flight2 state Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 16:25:16 +08:00
Jerry Yu	d33f7a8c72	improve document Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-29 15:09:21 +08:00
Jerry Yu	87b5ed4e5b	Add server side end-of-early-data handler Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-22 16:48:39 +08:00
Jerry Yu	7d8c3fe12c	Add wait flight2 state. The state is come from RFC8446 section A.2 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-22 16:48:39 +08:00
Jerry Yu	4e9b70e03a	Add early transform computation when accepted Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-22 16:48:39 +08:00
Jerry Yu	60e997205d	replace check string The output has been changed Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:59:25 +08:00
Jerry Yu	713ce1f889	various improvement - improve change log entry - improve comments - remove unnecessary statement - change type of client_age Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:59:25 +08:00
Jerry Yu	d84c14f80c	improve code style Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:59:24 +08:00
Jerry Yu	9cb953a402	improve document Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:59:24 +08:00
Jerry Yu	8e0174ac05	Add maximum ticket lifetime check Also add comments for age cast Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:59:24 +08:00
Jerry Yu	cf9135100e	fix various issues - fix CI failure due to wrong usage of ticket_lifetime - Improve document and comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:19 +08:00
Jerry Yu	25ba4d40ef	rename `ticket_creation` to `ticket_creation_time` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:19 +08:00
Jerry Yu	46c7926f74	Add maximum ticket lifetime check Also add comments for age cast Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:19 +08:00
Jerry Yu	28e7c554f4	Change the bottom of tolerance window The unit of ticket time has been changed to milliseconds. And age difference might be negative Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:19 +08:00
Jerry Yu	31b601aa15	improve comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:18 +08:00
Jerry Yu	ec6d07870d	Replace `start` with `ticket_creation` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:18 +08:00
Jerry Yu	f16efbc78d	fix various issues - Add comments for ticket test hooks - improve code style. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:18 +08:00
Jerry Yu	cebffc3446	change time unit of ticket to milliseconds Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:18 +08:00
Ronald Cron	97137f91b6	Merge pull request #7071 from yuhaoth/pr/tls13-ticket-add-max_early_data_size-field TLS 1.3 EarlyData: add `max_early_data_size` field for ticket	2023-11-20 08:04:57 +00:00
Tom Cosgrove	53199b1c0a	Merge pull request #6720 from yuhaoth/pr/tls13-early-data-receive-0_rtt-and-eoed TLS 1.3: EarlyData SRV: Write early data extension in EncryptedExtension	2023-11-07 13:59:13 +00:00
Tom Cosgrove	4122c16abd	Merge pull request #6945 from lpy4105/issue/6935/ticket_flags-kex-mode-determination TLS 1.3: SRV: Check ticket_flags on kex mode determination when resumption	2023-11-07 09:26:21 +00:00
Jerry Yu	7ef9fd8989	fix various issues - Debug message - Improve comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-07 14:31:37 +08:00
Jerry Yu	2bea94ce2e	check the ticket version unconditional Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-07 14:18:17 +08:00
Pengyu Lv	44670c6eda	Revert "TLS 1.3: SRV: Don't select ephemeral mode on resumption" This reverts commit `dadeb20383`. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-07 09:58:53 +08:00
Dave Rodgman	16799db69a	update headers Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-02 19:47:20 +00:00
Jerry Yu	82fd6c11bd	Add selected key and ciphersuite check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-01 10:32:17 +08:00
Jerry Yu	ce3b95e2c9	move ticket version check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-01 10:32:17 +08:00
Jerry Yu	454dda3e25	fix various issues - improve output message - Remove unnecessary checks - Simplify test command Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-01 10:28:43 +08:00
Pengyu Lv	dbd1e0d986	tls13: add helpers to check if psk[_ephemeral] allowed by ticket Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-10-31 10:17:17 +08:00
Pengyu Lv	29daf4a36b	tls13: server: fully check ticket_flags with available kex mode. We need to fully check if the provided session ticket could be used in the handshake, so that we wouldn't cause handshake failure in some cases. Here we bring `f8e50a9` back. Example scenario: A client proposes to a server, that supports only the psk_ephemeral key exchange mode, two tickets, the first one is allowed only for pure PSK key exchange mode and the second one is psk_ephemeral only. We need to select the second tickets instead of the first one whose ticket_flags forbid psk_ephemeral and thus cause a handshake failure. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-10-31 09:34:14 +08:00
Pengyu Lv	cfb23b8090	tls13: server: parse pre_shared_key only when some psk is selectable Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-10-30 15:26:26 +08:00
Jerry Yu	71c14f1db6	write early data indication in EE msg Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-10-27 10:52:49 +08:00
Jerry Yu	985c967a14	tls13: add more checks for server early data - check if it is enabled - check if it is psk mode - check if it is resumption - check if it is tls13 version Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-10-27 10:52:27 +08:00
Pengyu Lv	7b711710b2	Add check_ticket_flags helper function Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-10-24 17:07:14 +08:00
Pengyu Lv	ed5e4e86a5	Merge branch 'development' into issue/6935/ticket_flags-kex-mode-determination	2023-10-18 18:03:07 +08:00
Jerry Yu	b47b2990d6	fix various issues - fix wrong typo - remove redundant check - remove psk mode tests Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-10-18 15:50:35 +08:00
Jerry Yu	ab0da370a4	Add early data status update Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-10-12 15:02:01 +08:00
Jerry Yu	33bf240e53	Add max_early_data_size into copy list Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-10-12 15:00:26 +08:00
Dave Rodgman	2eab462a8c	Fix IAR warnings Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-10-05 13:30:37 +01:00
Manuel Pégourié-Gonnard	de8f56e936	Merge pull request #7884 from valeriosetti/issue7612 TLS: Clean up (EC)DH dependencies	2023-08-01 07:13:36 +00:00
Valerio Setti	c9ae862225	tls: use TLS 1.3 guards in ssl_tls13 modules Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-25 11:23:50 +02:00
Valerio Setti	ea59c43499	tls: fix a comment a rename a variable/symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-25 11:14:03 +02:00
Gilles Peskine	6aca2c9613	Merge pull request #7716 from mpg/psa-util-internal Split psa_util.h between internal and public	2023-07-10 18:33:23 +02:00
Manuel Pégourié-Gonnard	5c41ae867b	Merge pull request #7887 from ronald-cron-arm/fix-hrr-in-psk-kem tls13: server: Fix spurious HRR	2023-07-10 09:58:13 +02:00
Valerio Setti	3d237b5ff1	ssl_misc: fix guards for PSA data used in XXDH key exchanges Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-07 19:02:16 +02:00
Ronald Cron	8a74f07c2a	tls13: server: Fix spurious HRR If the server during a TLS 1.3 handshake selects the PSK key exchange mode, it does not matter if it did not find in the key share extension a key share for a group it supports. Such a key share is used and necessary only in the case of the ephemeral or PSK ephemeral key exchange mode. This is a possible scenario in the case of a server that supports only the PSK key exchange mode and a client that also supports a key exchange mode with ephemeral keys. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-07-07 15:53:12 +02:00
Manuel Pégourié-Gonnard	d55d66f5ec	Fix missing includes Some files relied on psa_util.h to provide the includes they need. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-07-06 12:47:28 +02:00
Przemek Stekiel	408569f91a	Adapt function name: mbedtls_ssl_tls13_generate_and_write_dh_key_exchange Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-06 12:16:44 +02:00
Przemek Stekiel	7ac93bea8c	Adapt names: dh -> xxdh Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-05 09:26:26 +02:00
Przemek Stekiel	d5f79e7297	Adapt functions names for ffdh Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-05 09:26:26 +02:00
Manuel Pégourié-Gonnard	56b159a12a	Merge pull request #7627 from mprse/ffdh_tls13_v2 Make use of FFDH keys in TLS 1.3 v.2	2023-07-03 10:12:33 +02:00
Przemek Stekiel	8c0a95374f	Adapt remaining guards to FFDH Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-15 17:07:10 +02:00
Przemek Stekiel	29c219c285	Combine mbedtls_ssl_tls13_generate_and_write_ecdh/ffdh_key_exchange functions Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:09 +02:00
Przemek Stekiel	63706628d0	Adapt guards for FFDH Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:08 +02:00
Przemek Stekiel	c89f3ea9f2	Add support for FFDH in TLS 1.3 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:08 +02:00
Manuel Pégourié-Gonnard	02b10d8266	Add missing include Fix build failures with config full Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	1f2a587cdf	Use actual function instead of static inline Large static inline functions used from several translation units in the library are bad for code size as we end up with multiple copies. Use the actual function instead. There's already a comment that says so. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	2d6d993662	Use MD<->PSA functions from MD light As usual, just a search-and-replace plus: 1. Removing things from hash_info.[ch] 2. Adding new auto-enable MD_LIGHT in build-info.h 3. Including md_psa.h where needed Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
YxC	da609130f3	fix: correct calling to time function in tls13 client&server Call `mbedtls_time` to handle the case when MBEDTLS_PLATFORM_TIME_MACRO is defined Signed-off-by: Yuxiang Cao <yuxiang.cao@fortanix.com>	2023-05-22 13:22:00 -07:00
Xiaokang Qian	49f39c1e91	Fix the wrong debug _message function to _ret Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:29:17 +00:00
Xiaokang Qian	09c3cccf97	Update the todo comment of record size limits Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:29:17 +00:00
Xiaokang Qian	8bce0e6f5e	Update group ext debug message in ssl_tls13_server.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:29:17 +00:00
Xiaokang Qian	9f1747bb1f	Wrap lines which exceed 80 chars in ssl_tls13_server.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:29:14 +00:00
Ronald Cron	dad02b2bec	tls13: srv: Fix comment Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:32:05 +02:00
Ronald Cron	e45afd760d	Use specific pointer to loop over proposed cipher suites Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:32:01 +02:00
Ronald Cron	eff5673e09	Improve and align variable names for supported versions data Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	3bd2b02486	Check for TLS 1.3 version first Check for TLS 1.3 version first when parsing the supported versions extension as it is the most likely version. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	b828c7d3de	Fix, improve and add comments Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	5af4c7f0e2	tls13: srv: Add detection to negotiate TLS 1.2 Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	8c527d0be8	tls13: srv: Parse supported versions extension early Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	2f16b4ec66	tls13: srv: Postpone cipher suite selection Postpone TLS 1.3 cipher suite selection when we are sure we negotiate the version 1.3 of the protocol. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	cada410365	tls13: srv: Postpone legacy session id copy To avoid doing it twice in case we eventually negotiate the version 1.2 of the protocol, postpone the copy of the legacy session id. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	d540d995b2	tls13: srv: Postpone client random copy To avoid doing it twice in case we eventually negotiate the version 1.2 of the protocol, postpone the copy of the client random bytes. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	6458239b36	tls13: srv: Move TLS version setting When parsing the ClientHello message, move the setting of the TLS version to TLS 1.3 after the computation of the end of the list of cipher suites. At that point we are able to compute the address and end address of the list of extensions and thus able to search and parse the supported_versions extension to select which version of the TLS protocol we are going to negotiate. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Paul Elliott	d01a3bca05	Merge tag 'v3.4.0' into mbedtls-3.4.0_mergeback Mbed TLS 3.4.0	2023-03-27 18:09:49 +01:00
Valerio Setti	080a22ba75	ssl_tls13: use PSA_WANT_ALG_ECDH as symbol for marking ECDH capability Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00

1 2 3 4 5 ...

432 commits