Ronald Cron
4a8c9e2cff
tls13: Add definition of mbedtls_ssl_{write,read}_early_data
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-11-23 14:29:37 +01:00
Ronald Cron
1d1d53622f
Merge pull request #6490 from xkqian/tls13_parse_early_data_indication_ee
...
The internal CI merge job ran successfully.
2022-11-23 12:31:25 +01:00
Xiaokang Qian
b157e915ad
Move the early data status set afeter all of the extensions parse
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-23 08:12:26 +00:00
Xiaokang Qian
e861ba01d4
Remove the duplicate early_data_status check
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-23 03:21:02 +00:00
Xiaokang Qian
ca09afc60a
Remove useless function and parse early data in ee
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-23 02:16:49 +00:00
Xiaokang Qian
8bee89994d
Add parse function for early data in encrypted extentions
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-22 09:40:07 +00:00
Jerry Yu
a8d3c5048f
Rename new session ticket name for TLS 1.3
...
NewSessionTicket is different with TLS 1.2.
It should not share same state.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-19 20:12:35 +08:00
Xiaokang Qian
0cc4320e16
Add EARLY_DATA guard to the early data extension in session ticket
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-16 08:43:50 +00:00
Xiaokang Qian
2cd5ce0c6b
Fix various issues cause rebase to latest code
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-15 10:33:53 +00:00
Xiaokang Qian
fe3483f9a1
Update early data doument and config dependencies
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-14 03:16:22 +00:00
Xiaokang Qian
ae07cd995a
Change ticket_flag base on review
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-14 03:16:22 +00:00
Xiaokang Qian
2d87a9eeb5
Pend one alert in case wrong EXT_EARLY_DATA length
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-14 03:16:22 +00:00
Xiaokang Qian
a042b8406d
Address some format issues
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-14 03:16:19 +00:00
Xiaokang Qian
f447e8a8d3
Address comments base on reviews
...
Improve early data indication check
Update test case to gnutls server
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-14 03:15:36 +00:00
Xiaokang Qian
a341225fd0
Change function name ssl_tls13_early_data_has_valid_ticket
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-14 03:15:05 +00:00
Xiaokang Qian
01323a46c6
Add session ticket related check when send early data
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-14 03:15:05 +00:00
Xiaokang Qian
ecc2948f21
Fix format issues
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-14 03:15:05 +00:00
Xiaokang Qian
76332816c7
Define the EARLY_DATA_STATUS
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-14 03:15:05 +00:00
Xiaokang Qian
b781a2323c
Move ssl_tls13_has_configured_ticket() back to tls13 client
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-14 03:13:51 +00:00
Xiaokang Qian
0e97d4d16d
Add early data indication to client side
...
Add fields to mbedtls_ssl_context
Add write early data indication function
Add check whether write early data indication
Add early data option to ssl_client2
Add test cases for early data
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-14 03:13:50 +00:00
Jerry Yu
97be6a913e
fix various issues
...
- typo error
- replace `ssl->hanshake` with handshake
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-09 22:43:31 +08:00
Jerry Yu
7de2ff0310
Refactor extension list print
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-08 23:51:39 +08:00
Jerry Yu
79aa721ade
Rename ext print function and macro
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-08 23:51:39 +08:00
Jerry Yu
50e00e3ac6
Refactor server hello
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-06 11:54:22 +08:00
Jerry Yu
edab637b51
Refactor new session ticket
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-06 11:54:22 +08:00
Jerry Yu
6d0e78ba22
Refactor certificate request
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-06 11:54:22 +08:00
Jerry Yu
9eba750916
Refactor encrypted extensions
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-06 11:54:22 +08:00
Jerry Yu
4b8f2f7266
Refactor sent extension message output
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-06 11:54:21 +08:00
Jerry Yu
c4bf5d658e
fix various issues
...
- Signature of
- mbedtls_tls13_set_hs_sent_ext_mask
- check_received_extension and issues
- Also fix comment issue.
- improve readablity.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-31 16:41:42 +08:00
Jerry Yu
0c354a211b
introduce sent/recv extensions field
...
And remove `extensions_present`
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-31 16:41:42 +08:00
Jerry Yu
9872eb2d69
change return type for unexpected extension
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-31 16:41:42 +08:00
Jerry Yu
43ff252688
Remove unnecessary checks.
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-31 16:41:42 +08:00
Jerry Yu
6ba9f1c959
Add extension check for NewSessionTicket
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-31 16:41:42 +08:00
Jerry Yu
2c5363e58b
Add extension check for ServerHello and HRR
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-31 16:41:42 +08:00
Jerry Yu
c55a6af9eb
Add extensions check for CertificateRequest
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-31 16:41:42 +08:00
Jerry Yu
cbd082f396
Add extension check for EncryptedExtensions
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-31 16:41:42 +08:00
Ronald Cron
a709a0f2c6
tls13: Declare PSK ephemeral key exchange mode first
...
In the PSK exchange modes extension declare first
PSK ephemeral if we support both PSK ephemeral
and PSK. This is aligned with our implementation
giving precedence to PSK ephemeral over pure PSK
and improve compatibility with GnuTLS.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-25 19:05:26 +02:00
Ronald Cron
083da8eb53
tls13: client: Improve coding style
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-22 14:42:04 +02:00
Ronald Cron
766c0cdb1f
tls13: Add missing kex guards
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-22 14:42:04 +02:00
Ronald Cron
41a443a68d
tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK.*ENABLED
...
Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED
instead of MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED to guard
code specific to one of the TLS 1.3 key exchange mode with
PSK.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-22 14:42:04 +02:00
Ronald Cron
928cbd34e7
tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
...
Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
instead of MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED to guard
code specific to the TLS 1.3 ephemeral key exchange mode.
Use it also for the dependencies of TLS 1.3 only tests
relying on ephemeral key exchange mode, but for
tests in tls13-kex-modes.sh where the change is done
later using all
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_.*ENABLED macros.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-22 14:42:04 +02:00
Ronald Cron
d29e13eb1b
tls: Use the same function in TLS 1.2 and 1.3 to check PSK conf
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-21 14:34:20 +02:00
Andrzej Kurek
c19fb08dd3
Add missing ECDH dependency in tls 1.3 client
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Jerry Yu
c79742303d
Remove unnecessary empty line and fix format issue
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-11 21:22:33 +08:00
Jerry Yu
4f77ecf409
disable session resumption when ticket expired
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-10 22:10:08 +08:00
Jerry Yu
6916e70521
fix various issues
...
- adjust guards. Remove duplicate guards and adjust format.
- Return success at function end. Not `ret`
- change input len
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-10 21:33:51 +08:00
Jerry Yu
a99cbfa2d3
fix various issues
...
- rename function and variable
- change signature of `ssl_tls13_has_configured_psk`
- remove unnecessary statements
- remove unnecessary local variables
- wrong variable initial value
- improve output message
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-08 14:35:47 +08:00
Jerry Yu
21f9095fa8
Revert "move ciphersuite validation to set_session"
...
This reverts commit 19ae6f62c7
.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-08 14:35:34 +08:00
Jerry Yu
4a698341c9
Re-org selected_identity parser
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-07 10:11:05 +08:00
Jerry Yu
6183cc7470
Re-org binders writer
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-07 10:11:05 +08:00