mbedtls

Author	SHA1	Message	Date
Przemek Stekiel	68a01a6720	Fix session tickets related build flags in fuzz_server and ssl_server2 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-10 13:30:43 +02:00
Paul Elliott	2c282c9bd0	Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.	2022-09-23 15:48:33 +01:00
Jerry Yu	7a51305478	Add multi-session tickets test Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-19 14:26:07 +08:00
Manuel Pégourié-Gonnard	e896705c1a	Take advantage of legacy_or_psa.h being public Opportunities for using the macros were spotted using: git grep -E -n -A2 'MBEDTLS_(MD\|SHA)[0-9]+_C' \| egrep 'PSA_WANT_ALG_(MD\|SHA)' then manually filtering the results. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-16 12:03:52 +02:00
Andrzej Kurek	0bc834b27f	Enable signature algorithms in ssl programs with PSA based hashes Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-12 05:37:46 -04:00
Ronald Cron	e00d6d6b55	Merge pull request #6135 from yuhaoth/pr/tls13-finalize-external-psk-negotiation TLS 1.3: SRV: Finalize external PSK negotiation	2022-08-31 17:21:57 +02:00
Jerry Yu	c5a23a0f12	fix various issues - code style - variable initialize - update comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-08-25 11:09:35 +08:00
Andrzej Kurek	8c95ac4500	Add missing dependencies / alternatives A number of places lacked the necessary dependencies on one of the used features: MD, key exchange with certificate, entropy, or ETM. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-08-22 17:46:50 -04:00
Jerry Yu	5d01c05d93	fix various issues - wrong typo in comments - replace psk null check with key_exchange_mode check - set psk NULL when error return in export hs psk Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-08-21 12:55:01 +08:00
Jerry Yu	2b7a51ba8f	Add psk_or_ephemeral mode and tests psk_or_ephemeral exists in theory. This change is for improving test coverage. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-08-21 12:51:53 +08:00
Jan Bruckner	25fdc2addb	Fix minor typos Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2022-07-26 10:52:46 +02:00
Ronald Cron	0e39ece23f	Merge pull request #5916 from yuhaoth/pr/tls13-refactor-get-sig-alg-from-pk Refactor signature algorithm chooser	2022-07-04 09:10:08 +02:00
Jerry Yu	202919c23d	refine supported sig alg print Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:18:29 +08:00
Jerry Yu	64f410c246	Add tls13 sig alg parameters Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:09 +08:00
Glenn Strauss	bd10c4e2af	Test accessors to config DN hints for cert request Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-06-29 02:54:28 -04:00
XiaokangQian	d5d5b60c07	Add comprehensive test cases for TLS1.3 server side Change-Id: I544cb12b3ffe5edd7d59fa54342ca7db5b5c8a2a Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-31 02:51:26 +00:00
Manuel Pégourié-Gonnard	9bc53a2e84	Merge pull request #5806 from josesimoes/fix-3031 Remove prompt to exit in all programs	2022-05-12 10:50:31 +02:00
Shaun Case	8b0ecbccf4	Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell. Signed-off-by: Shaun Case <warmsocks@gmail.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-05-11 21:25:51 +01:00
josesimoes	23419560c9	Remove prompt to exit in all programs Signed-off-by: José Simões <jose.simoes@eclo.solutions>	2022-05-06 17:11:22 +01:00
Przemek Stekiel	cb20d202d2	Further code optimization - key_opaque_set_alg_usage(): set alg/usage in loop - key_opaque_set_alg_usage(): add key paramteter to set default alg/usage if it is not specified by command line parameters - unify default alg/usage for client and server - optimize opaque code on client and server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-06 09:34:30 +02:00
Przemek Stekiel	296bfba924	ssl_server2: add key_opaque_algs2 usage info Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 11:08:34 +02:00
Przemek Stekiel	488efa05b6	Fix compiler warnings: initialize local variables: psa_alg, psa_alg2, psa_usage Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	134eb8b6e2	Fix style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	092128324f	ssl_client2/ss_server2: optimize code for opaque key Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	e5e9ba920f	ssl_server2: refactor opaque code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	b58c47a666	ssl_server2: use key opaque algs given from command line Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	344c561292	ssl_server2: Add support for key_opaque_algs2 command line paramtere Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	77fc9ab1ba	Fix typos and code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	4ca0d72c3b	ssl server: add key_opaque_algs command line option Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Manuel Pégourié-Gonnard	068a13d909	Merge pull request #5771 from superna9999/5761-rsa-decrypt-rework-pk-wrap-as-opaque RSA decrypt 0: Rework `mbedtls_pk_wrap_as_opaque()`	2022-05-02 09:06:49 +02:00
Neil Armstrong	94e371af91	Update mbedtls_pk_wrap_as_opaque() usage in SSL client2 & server2 Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-28 13:27:59 +02:00
Przemek Stekiel	cb322eac6b	Enable support for psa opaque DHE-PSK key exchange on the server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:54:33 +02:00
Przemek Stekiel	14d11b0877	Enable support for psa opaque ECDHE-PSK key exchange on the server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:53:55 +02:00
Przemek Stekiel	aeb710fec5	Enable support for psa opaque RSA-PSK key exchange on the server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:28 +02:00
Ronald Cron	38b8aa4f63	Merge pull request #5539 from xkqian/add_client_hello_to_server Add client hello into server side	2022-04-22 10:26:00 +02:00
Manuel Pégourié-Gonnard	21f82c7510	Merge pull request #5709 from superna9999/5625-pk-opaque-rsa-tls12 RSA sign 3b: TLS 1.2 integration testing	2022-04-22 10:05:43 +02:00
Gilles Peskine	afbfed9397	Merge pull request #5582 from gilles-peskine-arm/ssl-opt-auto-psk Run ssl-opt.sh in more reduced configurations	2022-04-21 12:03:53 +02:00
XiaokangQian	318dc763a6	Fix test failure issue and update code styles Change-Id: I0b08da1b083abdb19dc383e6f4b210f66659c109 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 09:43:51 +00:00
Glenn Strauss	e3af4cb72a	mbedtls_ssl_(read\|write)_version using tls_version remove use of MBEDTLS_SSL_MINOR_VERSION_* remove use of MBEDTLS_SSL_MAJOR_VERSION_* (only remaining use is in tests/suites/test_suite_ssl.data) Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:14 -04:00
Glenn Strauss	60bfe60d0f	mbedtls_ssl_ciphersuite_t min_tls_version,max_tls_version Store the TLS version in tls_version instead of major, minor version num Note: existing application use which accesses the struct member (using MBEDTLS_PRIVATE) is not compatible, as the struct is now smaller. Reduce size of mbedtls_ssl_ciphersuite_t members are defined using integral types instead of enums in order to pack structure and reduce memory usage by internal ciphersuite_definitions[] Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:12 -04:00
Neil Armstrong	f0b1271a42	Support RSA Opaque PK keys in ssl_server2 Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-13 10:49:25 +02:00
Gilles Peskine	99a732bf0c	Fix off-by-one in buffer_size usage The added null byte was accounted for twice, once by taking opt.buffer_size+1 when allocating the buffer and once by taking opt.buffer-1 when filling the buffer. Make opt.buffer_size the size that is actually read, it's less confusing that way. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-06 23:34:36 +02:00
Gilles Peskine	8bb96d96cd	Fix buffer size calculation Make sure that buf always has enough room for what it will contain. Before, this was not the case if the buffer was smaller than the default response, leading to memory corruption in ssl_server2. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-06 23:31:05 +02:00
Dave Rodgman	2cecd8aaad	Merge pull request #3624 from daxtens/timeless RFC: Fix builds with MBEDTLS_HAVE_TIME disabled and test	2022-03-15 16:43:19 +00:00
Andrzej Kurek	554b820747	Guard cache_timeout in ssl_server2 with MBEDTLS_HAVE_TIME Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-03-04 05:07:45 -05:00
Raoul Strackx	9ed9bc9377	programs/ssl: Fix compile errors when MBEDTLS_HAVE_TIME is not defined Signed-off-by: Raoul Strackx <raoul.strackx@fortanix.com> [dja: add some more fixes, tweak title] Signed-off-by: Daniel Axtens <dja@axtens.net>	2022-03-04 05:07:45 -05:00
Glenn Strauss	48a37f01b3	Add cert_cb use to programs/ssl/ssl_server2.c (for use by some tests/) Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-25 19:55:53 -05:00
Glenn Strauss	a941b62985	Create public macros for ssl_ticket key,name sizes Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-09 15:28:28 -05:00
Glenn Strauss	e328245618	Add test case use of mbedtls_ssl_ticket_rotate Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-09 14:33:16 -05:00
Manuel Pégourié-Gonnard	6f20595b6e	Merge pull request #5462 from gilles-peskine-arm/ssl-test-pkey-message-clarity Clarify key types message from ssl_client2 and ssl_server2	2022-02-03 11:33:03 +01:00

1 2 3 4 5 ...

591 commits