yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
19144 commits 1 branch 0 tags 94 MiB
Commit graph

19144 commits

This branch
This branch
All branches
Author SHA1 Message Date
XiaokangQian
7069cbc8d5 generate all tls13 hrr test cases for compatible mode 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 08:06:08 +00:00
XiaokangQian
c02768a399 Replace ssl->handshake with handshake in write_cookie_ext() 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 07:50:56 +00:00
XiaokangQian
9b93c0dd8d Change cookie parameters for dtls and tls 1.3 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 07:50:56 +00:00
XiaokangQian
25c9c9023c Refine cookie len to fix compile issues 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 07:50:56 +00:00
XiaokangQian
9deb90f74e Change parameter names and code style 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 07:50:56 +00:00
XiaokangQian
5e3c947841 Fix right-shift data loss issue with MBEDTLS_PUT_UINT16_BE in cookie 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 07:50:56 +00:00
XiaokangQian
233397ef88 Update code base on comments 
Remove state MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO cause no early data
Change code styles and comments
Fix cookie write issues

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 07:50:56 +00:00
XiaokangQian
0b64eedba8 Add cookies write in client hello 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 07:50:56 +00:00
XiaokangQian
8372e18080 Add 2nd client hello 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 07:50:56 +00:00
Ronald Cron
90045241e7
Merge pull request #5659 from yuhaoth/pr/fix-wrong-check-certificate-verify 
TLS1.3: Fix incorrect check for certificate verify
 2022-03-25 08:35:41 +01:00
Jerry Yu
72d81e56b6 Add cert_sig_algs into offered list 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-24 22:13:57 +08:00
Jerry Yu
7de79850c9 Add cert_sig_algs for compat generate script 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-24 20:09:00 +08:00
Manuel Pégourié-Gonnard
5e4bf95d09
Merge pull request #5602 from superna9999/5174-md-hmac-dtls-cookies 
MD: HMAC in DTLS cookies
 2022-03-23 13:05:24 +01:00
Jerry Yu
3616533d26 tls13:remove ec check from validate certification 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 19:46:05 +08:00
Neil Armstrong
488a40eecb Rename psa_hmac to psa_hmac_key in mbedtls_ssl_cookie_ctx 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-22 10:41:38 +01:00
Neil Armstrong
c0db7623ec Also guard include of mbedtls/threading.h in ssl_cookie.h when USE_PSA_CRYPTO is set 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-22 10:38:58 +01:00
Neil Armstrong
79daea25db Handle and return translated PSA errors in ssl_cookie.c 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-21 12:05:51 +01:00
Neil Armstrong
2d5e343c75 Use inline PSA code instead of using ssl_cookie_hmac in mbedtls_ssl_cookie_write() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-21 11:39:52 +01:00
Manuel Pégourié-Gonnard
f4042f076b
Merge pull request #5573 from superna9999/5176-5177-5178-5179-tsl-record-hmac 
TLS record HMAC
 2022-03-21 11:36:44 +01:00
Manuel Pégourié-Gonnard
706f6bae27
Merge pull request #5518 from superna9999/5274-ecdsa-signing 
PK: ECDSA signing
 2022-03-21 09:57:57 +01:00
Manuel Pégourié-Gonnard
472044f21e
Merge pull request #5525 from superna9999/5161-pk-rsa-encryption 
PK: RSA encryption
 2022-03-21 09:57:38 +01:00
Ronald Cron
8d7afc642c
Merge pull request #5523 from ronald-cron-arm/one-flush-output-development 
TLS 1.3: One flush output
 2022-03-21 08:44:04 +01:00
Neil Armstrong
62e6ea2c22 Avoid spurious write to *olen in PSA version of rsa_encrypt_wrap() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 15:39:49 +01:00
Neil Armstrong
c23d2e3ef1 Wrap unused declaration in #if/#endif when USE_PSA is set in x509_csr_check() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 15:31:59 +01:00
Neil Armstrong
17a0655c8d Add documentation to find_ecdsa_private_key() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 15:27:38 +01:00
Neil Armstrong
05132ed490 md_alg is used in ecdsa_sign_wrap(), cleanup code 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 15:14:57 +01:00
Neil Armstrong
cb753a6945 Use mbedtls_eckey_info directly in ecdsa_sign_wrap() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 15:14:48 +01:00
Manuel Pégourié-Gonnard
e5b53193e0
Merge pull request #5636 from mprse/tls_ecdh_2b 
TLS ECDH 2b: client-side static ECDH (1.2)
 2022-03-18 11:36:53 +01:00
Neil Armstrong
0ab7a232b5 Add non-PSA and PSA variant of test_XXXX_constant_flow all.sh tests 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 11:10:09 +01:00
Neil Armstrong
8f92bf3a26 Only make PSA HMAC key exportable when NULL or CBC & not EtM in build_transforms() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 11:10:09 +01:00
Neil Armstrong
29c0c040fc Only make PSA HMAC key exportable when NULL or CBC & not EtM in ssl_tls12_populate_transform() 
This requires moving the HMAC init after CIPHER init.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 11:10:09 +01:00
Neil Armstrong
9ebb9ff60c Reduce HMAC buffer usage in PSA version of mbedtls_ct_hmac() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 11:09:58 +01:00
Neil Armstrong
72c2f76c43 Assume MAC key length is always exactly the output size in PSA version of mbedtls_ct_hmac() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 11:09:36 +01:00
Neil Armstrong
36cc13b340 Use PSA defines for buffers in PSA version of mbedtls_ct_hmac() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 11:09:20 +01:00
Neil Armstrong
ae57cfd3e7 Use psa_ssl_status_to_mbedtls in PSA version of mbedtls_ct_hmac() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 10:00:10 +01:00
Neil Armstrong
28d9c631b8 Fix comments in PSA version of mbedtls_ct_hmac() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 10:00:10 +01:00
Manuel Pégourié-Gonnard
8d4bc5eeb9
Merge pull request #5481 from gabor-mezei-arm/5401_implement_hkdf_extract_based_on_psa_hmac 
HKDF 1a: Implement Extract in TLS 1.3 based on PSA HMAC
 2022-03-17 11:55:48 +01:00
Manuel Pégourié-Gonnard
15c0e39fff
Merge pull request #5519 from superna9999/5150-pk-rsa-decryption 
PK: RSA decryption
 2022-03-17 11:02:13 +01:00
Manuel Pégourié-Gonnard
7c92fe966a
Merge pull request #5614 from gabor-mezei-arm/5203_tls_cipher_tickets_use_psa_for_protection 
TLS Cipher 2a: tickets: use PSA for protection
 2022-03-17 09:50:09 +01:00
Manuel Pégourié-Gonnard
560ef5975c
Merge pull request #5613 from mprse/tls_ecdh_2a 
TLS ECDH 2a: server-side ECDHE-ECDSA and ECDHE-RSA (1.2)
 2022-03-17 09:29:41 +01:00
Przemek Stekiel
068a6b4013 ssl_check_server_ecdh_params():Adapt build flags 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-17 07:54:09 +01:00
Gabor Mezei
88f3b2e502
Update old style test function parameter handling 
Use data_t type for hex string parameters.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-03-16 16:53:23 +01:00
Neil Armstrong
da1d80db19 Use mbedtls_rsa_info directly in rsa_encrypt_wrap() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-16 15:36:32 +01:00
Neil Armstrong
7b1dc85919 Simplify padding check and get rid of psa_sig_md in rsa_encrypt_wrap() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-16 15:36:06 +01:00
Neil Armstrong
6b03a3de5c Use mbedtls_rsa_info directly in rsa_decrypt_wrap() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-16 15:31:07 +01:00
Neil Armstrong
8e80504b46 Simplify padding check and get rid of psa_sig_md in rsa_decrypt_wrap() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-16 15:30:31 +01:00
Gabor Mezei
103e08aab9
Fix return value handling 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-03-16 13:45:41 +01:00
Przemek Stekiel
561a42392a ssl_parse_signature_algorithm(): refactor PSA CRYPTO code 
- use mbedtls_ecp_point_write_binary() instead mbedtls_mpi_write_binary().
- add check for ECDH curve type in server's certificate

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-16 13:16:24 +01:00
Gabor Mezei
5b8b890a61
Check PSA functions' return value before converting 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-03-16 12:56:58 +01:00
Gabor Mezei
36c9f51ef2
Use size_t instead of int to silence compiler warnings 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-03-16 12:55:32 +01:00