XiaokangQian
cc90c94413
Rebase and change code
...
Solve conflicts.
Rename functions
Align coding style
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-15 03:37:11 +00:00
XiaokangQian
c00ba81310
Remove MBEDTLS_SSL_NEW_SESSION_TICKET in TLS1.3 MVP
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-15 03:37:11 +00:00
XiaokangQian
74af2a827e
TLS1.3: Add client finish processing in client side
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-15 03:37:11 +00:00
XiaokangQian
a4c99f2c2d
Remove useless blank line
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-11 06:46:35 +00:00
XiaokangQian
3306284776
Change code base on comments
...
Remove client certificate verify in tests.
Change the layout of structure to fix abi_api check issues.
Add comments of Finished.
Align with the coding styles.
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-11 03:37:45 +00:00
XiaokangQian
d0aa3e9307
Inprove code base on review comments
...
Change debug messag for server finished.
Change name of generate_application_keys.
Remove the client vertificate tests from ssl-opt.sh.
Add test strings for server finished in ssl-opt.sh.
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 06:17:40 +00:00
XiaokangQian
aaa0e197a8
Change the alignment and names of functions and a macro
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 03:07:04 +00:00
XiaokangQian
c5c39d5800
Change code for styles and comments .etc
...
Remove useless code in union.
Rename functions and parameters.
Move definitions into othe files.
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
b51f8841c4
Change comments for export_keys callback
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
ac0385c08f
Change code based on comments
...
Move set_state function into client
Add back export_key callback function in generate
application keys
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
61bdbbc18b
Add cleanup in functions for secure reason
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
f26f6ade0c
Rebase and solve conflicts
...
Remove the double definition and change name
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
f13c56032f
Revert some changes about tls13 and macros
...
There is one PR #4988 to change it in the future
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
7c91705e21
Remove support for MBEDTLS_SSL_EXPORT_KEYS
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
a763498490
Change code based on commetns
...
Focus on the code style, naming rule,etc.
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
4cab0240c7
Change coding style
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
aa5f5c1f5d
TLS1.3: Add server finish processing in client side
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:22 +00:00
Jerry Yu
ad3a113fc6
Remove MBEDTLS_SSL_EXPORT_KEYS
...
It is always on now in `development`
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:46:43 +08:00
Jerry Yu
b85277e3af
Address various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:29 +08:00
Jerry Yu
435208a949
Improve generate_handshake_keys
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:29 +08:00
Jerry Yu
c068b6671e
Rename tls13 prefix to fix coding issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
f0ac2352d6
Refactor key_schedule_stage_handshake
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
5ccfcd4ca1
Add local variable to represent handshake
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
a0650ebb9d
tls13: add handshake key schedule
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
61e35e0047
tls13: add generate handshake keys
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
6ca7c7fd6b
Remove useless variables
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-28 18:51:40 +08:00
Jerry Yu
e06f4532ef
remove useless code
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
4836952f9d
fix tls1_3 prefix issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
b65eb2f3cf
Revert "tls13: add generate handshake keys"
...
This reverts commit f02ca4158674b974ae103849c43e0c92efc40e8c.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
e3131ef7f3
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
000f976070
Rename get_handshake_transcript
...
- Remove tls13 prefix
- Remove TLS1_3 macro wrap
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
4925ef5da1
tls13: add generate handshake keys
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
89ea321d96
tls13: add key_schedule_stage_early_data
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Joe Subbiani
2194dc477a
Replace MBEDTLS_CHAR_x with MBEDTLS_BYTE_x
...
The CHAR macros casted to an unsigned char which in this project
is garunteed to be 8 bits - the same as uint8_t (which BYTE casts
to) therefore, instances of CHAR have been swapped with BYTE and
the number of macros have been cut down
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-08-19 09:56:47 +01:00
Joe Subbiani
cd84d76e9b
Add Character byte reading macros
...
These cast to an unsigned char rather than a uint8_t
like with MBEDTLS_BYTE_x
These save alot of space and will improve maintence by
replacing the appropriate code with MBEDTLS_CHAR_x
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-08-19 09:55:41 +01:00
Hanno Becker
dfba065d80
Adjust ssl_tls13_keys.c to consolidated CID/1.3 padding granularity
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:03 +01:00
Hanno Becker
f62a730e80
Add missing semicolon in TLS 1.3 transform generation code
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:03 +01:00
Hanno Becker
edd5bf0a95
Fix and document minimum length of record ciphertext in TLS 1.3
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:03 +01:00
Hanno Becker
7887a77c25
Match parameter check in TLS 1.3 populate transform to 1.2 version
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:03 +01:00
Hanno Becker
c94060c641
Add TLS 1.3 specific key to SSL transform conversion function
...
This commit adds the TLS 1.3 specific internal function
```
mbedtls_ssl_tls13_populate_transform()
```
which creates an instance of the SSL transform structure
`mbedtls_ssl_transform` representing a TLS 1.3 record protection
mechanism.
It is analogous to the existing internal helper function
```
ssl_tls12_populate_transform()
```
which creates transform structures representing record
protection mechanisms in TLS 1.2 and earlier.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:52:49 +01:00
Hanno Becker
cd817b0630
Remove misleading comment in TLS 1.3 key schedule code
...
The implementation documentation of
```
mbedtls_ssl_tls1_3_derive_early_secrets()
```
mentioned the PSK binder key, which is misleading because the
function doesn't actually calculate it.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-31 19:40:45 +01:00
Hanno Becker
28e5f1ed57
Avoid unused variable warning in TLS 1.3 PSK binder calculation
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-26 09:29:49 +01:00
Hanno Becker
b7d9bad6be
Add helper function for calculation of TLS 1.3 PSK binder
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-24 11:20:30 +01:00
Hanno Becker
ef5235bc2e
Add TLS 1.3 second level key derivations
...
This commit adds helper functions to ssl_tls13_keys.[ch]
allowing to derive the secrets specific to each stage of
a TLS 1.3 handshake (early, handshake, application) from
the corresponding master secret (early secret, handshake
secret, master secret).
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-24 08:32:24 +01:00
Chris Jones
84a773f8e6
Rename ssl_internal.h to ssl_misc.h
...
Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-03-10 12:52:37 +00:00
Chris Jones
e2191cd789
Update includes to use library/ instead of include/mbedtls/
...
Simple find and replace using `#include (<|")mbedtls/(.*)_internal.h(>|")`
and `#include $1$2_internal.h$3`.
Also re-generated visualc files by running
`scripts/generate_visualc_files.pl`.
Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-03-10 12:52:37 +00:00
Hanno Becker
531fe3054c
Comment on hardcoding of maximum HKDF key expansion of 255 Bytes
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-16 09:50:17 +01:00
Hanno Becker
61baae7c9f
Minor fixes and improvements in TLS 1.3 key schedule documentation
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-16 09:47:47 +01:00
Hanno Becker
2dfe1327e5
Fix miscalculation of maximum TLS 1.3 HKDF label length
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-10 09:23:12 +01:00
Hanno Becker
0c42fd94bb
Fix Doxygen documentation of mbedtls_ssl_tls1_3_derive_secret()
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 12:58:29 +01:00