Manuel Pégourié-Gonnard
01a78599b0
Merge pull request #4864 from hanno-arm/upstream_sig_alg_identifers
...
TLS 1.3 MVP: Upstream TLS 1.3 SignatureAlgorithm identifiers and configuration API
2021-08-19 09:12:59 +02:00
Janos Follath
08b2d27d58
Merge pull request #4872 from lhuang04/development_cmp0090
...
Update CMake version for CMP0090
2021-08-18 08:38:59 +01:00
Jerry Yu
447a3bee17
fix wrong typo and format issues
...
Change-Id: I99a4c7d28c26bfcc43bc8947485d1dfafb6974dc
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-18 09:55:36 +08:00
lhuang04
8c51b73c86
Update CMake version for CMP0090
...
Summary:
[CMP0090](https://cmake.org/cmake/help/latest/policy/CMP0090.html) was introduced in CMake version 3.15. The CMake version guard
should be greater than or equal to 3.15.
My cmake version is 3.14.5, and I ran into the following error.
```
cmake --version
cmake version 3.14.5
```
```
CMake Error at CMakeLists.txt:338 (cmake_policy):
Policy "CMP0090" is not known to this version of CMake.
-- Configuring incomplete, errors occurred!
```
Test Plan:
```
cmake
```
Signed-off-by: lhuang04 <lhuang04@fb.com>
2021-08-17 12:50:11 -07:00
Jerry Yu
7276f13c93
fix comments for sig_algs parser
...
Change-Id: I68bd691c4b67fb18ff9d55ead34f5517b1b981de
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-17 18:25:57 +08:00
Manuel Pégourié-Gonnard
684543a3a8
Merge pull request #4807 from hanno-arm/bio_recv_ret_0_eof
...
Document that returning 0 from the recv callback means EOF
2021-08-17 10:30:46 +02:00
Jerry Yu
7899de839c
fix comments and format issues
...
Change-Id: I927d97f9d788389d6abb9edbda0f7c3e2f8e9b63
CustomizedGitHooks: yes
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-17 13:26:59 +08:00
Jerry Yu
f7fce9200c
Remove rsa_pss_rsae_sha256 from preset_sig_algs.
...
To keep consistent with ssl_{client2,server2}.
Change-Id: I08dbe47a3d9b778ba3acad283f608fef4e63c626
CustomizedGitHooks: yes
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-17 13:26:53 +08:00
Archana
0dc86b5a2a
Remove dependency of builtin keys on storage
...
The psa_open_key API depends on MBEDTLS_PSA_CRYPTO_STORAGE_C.
This is unnecessary for builtin keys and so is fixed.
Updated an open_fail test vector keeping with the same.
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-08-17 02:46:00 +05:30
Manuel Pégourié-Gonnard
93a3ca6caf
Merge pull request #4413 from gilles-peskine-arm/tls_ext_cid-config
...
Allow configuring MBEDTLS_TLS_EXT_CID at compile time
2021-08-13 10:49:50 +02:00
Manuel Pégourié-Gonnard
f11724bf2e
Merge pull request #4861 from yuhaoth/pr/add-openssl-gnutls-tls1_3-check
...
Add openssl/gnutls tls1.3 feature tests.
2021-08-13 09:15:22 +02:00
Manuel Pégourié-Gonnard
4512f21473
Merge pull request #3572 from mpg/add-arm-linux-build
...
Add arm-linux-gnueabi-gcc build
2021-08-12 13:16:02 +02:00
Manuel Pégourié-Gonnard
5e344563e4
Merge pull request #4858 from hanno-arm/upstream_tls13_transforms
...
Upstream TLS 1.3 record transformations structure fields
2021-08-12 12:29:54 +02:00
Manuel Pégourié-Gonnard
2fb897ecf9
Merge pull request #4852 from hanno-arm/unify_cli_srv_hs_step
...
Share preparatory code between client and server handshake steps
2021-08-12 12:24:51 +02:00
Manuel Pégourié-Gonnard
b7745d2323
Merge pull request #4834 from hanno-arm/msg_layer_reset_helper
...
Move messaging related session reset into separate helper function
2021-08-12 12:20:33 +02:00
Manuel Pégourié-Gonnard
409c8f6e1b
Merge pull request #4851 from hanno-arm/hs_msg_without_checksum
...
Add handshake message writing variant that doesn't update checksum
2021-08-12 11:54:10 +02:00
Gilles Peskine
7dd2f504b3
Allow configuring MBEDTLS_TLS_EXT_CID at compile time
...
The numerical identifier of the CID extension hasn't been settled yet
and different implementations use values from different drafts. Allow
configuring the value at compile time.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-08-12 10:31:01 +02:00
Hanno Becker
a9e4e6fd6f
ssl_server2: Add usage string for TLS 1.3 key exchange modes
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:52 +01:00
Hanno Becker
cfa4d4b3f5
ssl_client2: Adjust usage string to recognized cmd line parameter
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
30319f1f88
Remove misplaced comment in TLS 1.3 ciphersuite definitions
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
5d045a8b89
Stick to 'ephemeral' instead of ECDHE for TLS 1.3 key exchanges
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
674f9480cf
Fix typo: algorithmc -> algorithms
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
d4fa9bc710
Remove outdated mentioning of version-specific ciphersuite config
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
a2535931ac
Add Doxygen documentation for TLS 1.3 key exchange macros
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
932064d660
Add ssl-opt.sh tests for ssl_client/server TLS 1.3 kex parameters
...
Those tests are so far only checking that ssl_client2/ssl_server2
recognize the arguments, nothing more.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
2c0f697fbc
Support TLS 1.3 key exchange config in ssl_client2/ssl_server2
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
71f1ed66c2
Add identifiers and API for configuration of TLS 1.3 key exchanges
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:28:45 +01:00
Hanno Becker
e2defad0bb
Fix indentation of pre-existing code-block in ssl_tls.c
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:28:45 +01:00
Hanno Becker
ae336852c5
Add ssl-opt.sh run to TLS 1.3 test in all.sh
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:28:45 +01:00
Hanno Becker
e486b2d7bb
Document use of mbedtls_ssl_conf_ciphersuites() for TLS 1.3
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:28:45 +01:00
Hanno Becker
8ca26923eb
Add TLS 1.3 ciphersuites
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:28:45 +01:00
Hanno Becker
e043d15d75
Turn comments of 1.3 record transforms into Doxygen documentation
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:22:52 +01:00
Dave Rodgman
2aec149e13
Merge pull request #4248 from hanno-arm/tls13_populate_transform
...
Fix and test compliance of TLS 1.3 record protection
2021-08-11 16:41:51 +01:00
Jerry Yu
0402979ed3
Add openssl/gnutls tls1.3 feature tests.
...
Add functions and test cases to make sure
tls1.3 is available in openssl/gnutls
Change-Id: I797d15117a8de96614f392e6bb2ed16b6d71ba69
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-11 18:09:49 +08:00
Hanno Becker
deb68ce2d1
Fix guard around TLS 1.3 SigAlg configuration
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-10 16:04:05 +01:00
Hanno Becker
9c6aa7bb9a
Add default values for TLS 1.3 SigAlg configuration
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-10 13:55:49 +01:00
Hanno Becker
11ceadd382
Add cmdline param for TLS 1.3 sig alg config to ssl_{client,server}2
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-10 13:55:46 +01:00
Hanno Becker
1cd6e0021f
Add experimental API for configuration of TLS 1.3 sig algs
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-10 13:55:43 +01:00
Mateusz Starzyk
e0f5227550
Add CCM test for calling finish without any input.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:31:57 +02:00
Hanno Becker
551265f879
Add TLS 1.3 IANA signature-algorithm values
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-10 13:03:48 +01:00
Mateusz Starzyk
8fb1754e1a
Add short description for CCM test functions.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:00:14 +02:00
Mateusz Starzyk
f442de69eb
Add tests for CCM corner cases.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:00:14 +02:00
Mateusz Starzyk
bccbf88bc3
Rename CCM test functions.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:00:14 +02:00
Mateusz Starzyk
2f1754916c
Improve comment on local_output.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:00:14 +02:00
Mateusz Starzyk
a42f9537b5
Improve documentation for CCM's processed variable.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:00:14 +02:00
Mateusz Starzyk
b73c3ec1bc
Restore MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED as default ret.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:00:14 +02:00
Mateusz Starzyk
62d22f9782
Use additional state in CCM to track auth data input.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:00:14 +02:00
Mateusz Starzyk
4f2dd8aada
Fix errors returned by CCM functions.
...
Add new error code for calling functions in wrong order.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:00:14 +02:00
Mateusz Starzyk
f337850738
Use const size buffer for local output in CCM decryption.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 13:59:36 +02:00
Mateusz Starzyk
c562788068
Fix local buffer allocation conditions.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 13:58:39 +02:00