Commit graph

19959 commits

Author SHA1 Message Date
Neil Armstrong
801abb69a5 Provide a PSA definition of mbedtls_ssl_ciphersuite_get_cipher_key_bitlen() when MBEDTLS_USE_PSA_CRYPTO is defined
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-18 13:19:29 +02:00
Manuel Pégourié-Gonnard
6ab65e28cf
Merge pull request #5842 from mprse/decrypt_tests
RSA decrypt 2: TLS 1.2 integration testing
2022-05-18 12:58:50 +02:00
Ronald Cron
9edf51d8cd
Merge pull request #5785 from gabor-mezei-arm/5460_unify_parsing_sig_alg_ext
Unify parsing of the signature algorithms extension in TLS 1.2 and TLS 1.3
CI ABI API check job failure is expected as the PR do some changes in ssl_misc.h.
@RcColes if you eventually want to request some changes, they can be done in a follow-up PR.
2022-05-17 17:01:55 +02:00
Paul Elliott
a478441517
Merge pull request #5748 from yuhaoth/pr/add-tls13-write-certificate-and-verify
TLS1.3:Add Certificate and CertificateVerify message on Server Side
2022-05-17 15:47:36 +01:00
Dave Rodgman
2a045325f9
Merge pull request #5766 from leorosen/fix-var-init
Add missing local variable initialization
2022-05-16 14:47:00 +01:00
Przemek Stekiel
8da6da3da2 ssl-opt.sh: add test of RSA Opaque keys with TLS 1.2 server for decryption
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-16 14:37:50 +02:00
Gilles Peskine
9b7e29663f
Merge pull request #4211 from ccawley2011/mingw
Fix compilation with MinGW32
2022-05-16 12:30:37 +02:00
Gilles Peskine
f46019165f
Merge pull request #5840 from bensze01/python_3.10_support
Add minimum requirements for Python 3.10 support
2022-05-16 12:29:36 +02:00
Leonid Rozenboim
a3008e7e2e Add missing local variable initialization
These issues were flagged by Coverity as instances where a local
variable may be used prior to being initialized. Please note that
none of these changes fixes any particular bug, this is just an attempt
to add more robustness.

Signed-off-by: Leonid Rozenboim <leonid.rozenboim@oracle.com>
2022-05-13 18:08:11 +01:00
Gabor Mezei
696956da24
Typo
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-05-13 17:02:19 +02:00
Gabor Mezei
0a4298bbe9
Remove unnecessary duble conversion
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-05-13 17:02:18 +02:00
Bence Szépkúti
44f138d539 Add minimum requirements for Python 3.10 support
This is needed for min_requirements.py, since it installs the oldest
possible version of all the requirements.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2022-05-13 16:52:28 +02:00
Jerry Yu
b89125b81a Add test without server certificate
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-13 15:50:04 +08:00
Dave Rodgman
d87e46f3de
Merge pull request #3641 from okhowang/c99
Pass c99 to compiler
2022-05-12 14:01:10 +01:00
Jerry Yu
23d1a256ec fix hrr handler undefine fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-12 20:11:16 +08:00
Manuel Pégourié-Gonnard
1cd4f6a873
Merge pull request #5794 from mprse/cipher_dep
Fix undeclared dependencies: CIPHER
2022-05-12 13:09:04 +02:00
Manuel Pégourié-Gonnard
4014a0408e
Merge pull request #5617 from gilles-peskine-arm/chacha20-rfc7539-test-vector
PSA: ChaCha20: add RFC 7539 test vector with counter=1
2022-05-12 12:34:20 +02:00
Manuel Pégourié-Gonnard
9bc53a2e84
Merge pull request #5806 from josesimoes/fix-3031
Remove prompt to exit in all programs
2022-05-12 10:50:31 +02:00
Dave Rodgman
8b65420f42 Add comment
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-12 09:45:03 +01:00
Przemek Stekiel
da5f483ad8 all.sh: Fix order of CIPHER dependencies
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-12 10:42:20 +02:00
Przemek Stekiel
a09f835bd8 Fix CIPHER dependencies dependeny and error messages
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-12 10:42:20 +02:00
Przemek Stekiel
179d74831f all.sh: add build/test config crypto_full minus CIPHER
Dependency list:

- ['MBEDTLS_CIPHER_C']
- ['MBEDTLS_CMAC_C', 'MBEDTLS_NIST_KW_C', 'MBEDTLS_PKCS12_C', 'MBEDTLS_PKCS5_C', 'MBEDTLS_CCM_C', 'MBEDTLS_GCM_C', 'MBEDTLS_PSA_CRYPTO_C']
- ['MBEDTLS_PSA_CRYPTO_SE_C', 'MBEDTLS_PSA_CRYPTO_STORAGE_C', 'MBEDTLS_USE_PSA_CRYPTO']

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-12 10:42:20 +02:00
Przemek Stekiel
10f3a601b4 all.sh: add build/test config full minus CIPHER
Dependency list:
- ['MBEDTLS_CIPHER_C']
- ['MBEDTLS_CMAC_C', 'MBEDTLS_NIST_KW_C', 'MBEDTLS_PKCS12_C', 'MBEDTLS_PKCS5_C', 'MBEDTLS_CCM_C', 'MBEDTLS_GCM_C', 'MBEDTLS_PSA_CRYPTO_C', 'MBEDTLS_SSL_TLS_C', 'MBEDTLS_SSL_TICKET_C']
- ['MBEDTLS_PSA_CRYPTO_SE_C', 'MBEDTLS_PSA_CRYPTO_STORAGE_C', 'MBEDTLS_SSL_PROTO_TLS1_3', 'MBEDTLS_SSL_CLI_C', 'MBEDTLS_SSL_SRV_C', 'MBEDTLS_SSL_DTLS_ANTI_REPLAY', 'MBEDTLS_SSL_DTLS_CONNECTION_ID', 'MBEDTLS_USE_PSA_CRYPTO']

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-12 10:42:20 +02:00
Przemek Stekiel
ea805b4f20 mbedtls_config.h, check_config.h: fix CIPHER dependencies
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-12 10:42:20 +02:00
Dave Rodgman
58f591526e
Merge pull request #5732 from daverodgman/warmsocks_spellingfixes
Fixed spelling and typographical errors found by CodeSpell
2022-05-12 09:26:29 +01:00
Manuel Pégourié-Gonnard
34f6ac7c22
Merge pull request #5812 from adeaarm/development
Fix key_id and owner_id accessor macros
2022-05-12 10:25:02 +02:00
Dave Rodgman
c9c6e8d189 Improve comments
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-12 09:22:50 +01:00
Jerry Yu
5a26f3000d Refactor cert exchange states
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-12 14:44:59 +08:00
Jerry Yu
c450566b85 Update client auth tests
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-12 14:44:59 +08:00
Jerry Yu
f1c3c4e77c fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-12 14:44:59 +08:00
Jerry Yu
c8bdbf72d3 test:add state check for certificate and verify
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-12 14:44:59 +08:00
Jerry Yu
c6e6dbf2e7 fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-12 14:44:59 +08:00
Jerry Yu
4ff9e14356 Add server certificate verfiy
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-12 14:44:14 +08:00
Jerry Yu
1bff711a36 tls13:server:add server certificate writing
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-12 14:44:14 +08:00
Jerry Yu
83da34eb59 tls13:server:add dummy write certificate
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-12 14:44:14 +08:00
Dave Rodgman
3009a97e00 Minor spelling / grammar improvements
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-11 21:25:54 +01:00
Dave Rodgman
65a141a7b0 Fix minor grammatical error
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-11 21:25:54 +01:00
Andrzej Kurek
5c65c5781f Fix additional misspellings found by codespell
Remaining hits seem to be hex data, certificates,
and other miscellaneous exceptions.
List generated by running codespell -w -L 
keypair,Keypair,KeyPair,keyPair,ciph,nd

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-05-11 21:25:54 +01:00
Dave Rodgman
e27e96dd5d Revert spelling fixes to ChangeLog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-11 21:25:54 +01:00
Shaun Case
8b0ecbccf4 Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell.
Signed-off-by: Shaun Case <warmsocks@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-11 21:25:51 +01:00
Dave Rodgman
85fba901ff Add comment
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-11 19:55:52 +01:00
Dave Rodgman
faef649dec Fix Ubuntu compile error in udp_proxy.c
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-11 19:55:45 +01:00
Dave Rodgman
f5f1cfc572 Additional CMake flag for controlling C standard
Disable compiler-specific extensions (e.g. use --std=c11 instead
of --std=gnu11).

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-11 16:26:18 +00:00
okhowang(王沛文)
df865c349a Pass c99 to compiler in CMakeLists.txt
Fixes #3631

Signed-off-by: okhowang(王沛文) <okhowang@tencent.com>
2022-05-11 16:26:11 +00:00
Gabor Mezei
86acf05b1e
Update signiture algorithm handling
Rename local variables and to simplify things use static_assert to
determine if the default signiture algorithms are not fit into the
SSL handshake structure.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-05-11 14:29:19 +02:00
Gabor Mezei
53a3b14823
Update documntation
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-05-11 14:29:19 +02:00
Gabor Mezei
c1051b62aa
Remove MBEDTLS_SSL_SIG_ALG_SET macro
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-05-11 14:29:19 +02:00
Gabor Mezei
3631cf693a
Rename signiture algorithm macros to better suite with TLS 1.2
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-05-11 14:29:19 +02:00
Gabor Mezei
24c7c2be08
Unify MBEDTLS_TLS_SIG_NONE macro definition for TLS 1.2 and 1.3
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-05-11 14:29:18 +02:00
Gabor Mezei
a3d016ce41
Rename and rewrite mbedtls_ssl_sig_hash_set_find function
Rename `mbedtls_ssl_sig_hash_set_find` function to a suitable name
and rewrite to operate TLS signature algorithm identifiers.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-05-11 14:29:18 +02:00