yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
25892 commits 1 branch 0 tags 94 MiB
Commit graph

287 commits

Author SHA1 Message Date
Valerio Setti
dbd01cb677 tls13: fix guards for PSA error translating function 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-04 09:18:52 +02:00
Manuel Pégourié-Gonnard
56b159a12a
Merge pull request #7627 from mprse/ffdh_tls13_v2 
Make use of FFDH keys in TLS 1.3 v.2
 2023-07-03 10:12:33 +02:00
Andrzej Kurek
a6033ac431 Add missing guards in tls 1.3 
Error translation is only used with these
defines on.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-13 05:46:47 -04:00
Andrzej Kurek
1e4a030b00 Fix wrong array size calculation in error translation code 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-13 05:46:47 -04:00
Andrzej Kurek
0064484a70 Optimize error translation code size 
Introducing an intermediate function
saves code size that's otherwise taken by excessive,
repeated arguments in each place that
was translating errors.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-13 05:46:46 -04:00
Przemek Stekiel
75a5a9c205 Code cleanup 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-13 09:57:23 +02:00
Przemek Stekiel
ff9fcbcace ssl_client2, ssl_server2: code optimization + guards adaptation 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:53:40 +02:00
Przemek Stekiel
da4fba64b8 Further code optimizations 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:31:09 +02:00
Przemek Stekiel
29c219c285 Combine mbedtls_ssl_tls13_generate_and_write_ecdh/ffdh_key_exchange functions 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:31:09 +02:00
Przemek Stekiel
e7db09bede Move FFDH helper functions and macros to more suitable locations 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:31:08 +02:00
Przemek Stekiel
63706628d0 Adapt guards for FFDH 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:31:08 +02:00
Przemek Stekiel
947ff56c45 Replace deprecated functions 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:31:08 +02:00
Przemek Stekiel
c89f3ea9f2 Add support for FFDH in TLS 1.3 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:31:08 +02:00
Manuel Pégourié-Gonnard
02b10d8266 Add missing include 
Fix build failures with config full

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard
2d6d993662 Use MD<->PSA functions from MD light 
As usual, just a search-and-replace plus:

1. Removing things from hash_info.[ch]
2. Adding new auto-enable MD_LIGHT in build-info.h
3. Including md_psa.h where needed

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-06 10:33:54 +02:00
Xiaokang Qian
7343738695 Wrap lines which exceed 80 chars in ssl_tls13_generic.c 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-04-10 08:27:51 +00:00
Ronald Cron
eff5673e09 Improve and align variable names for supported versions data 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-04-06 10:26:18 +02:00
Ronald Cron
47dce630f4 tls13: Add function to search for a supported_versions extension 
Move in a dedicated function the search for the
supported_versions extension in a list of
extensions, to be able to use it on server side
as well.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-04-06 10:26:17 +02:00
Valerio Setti
080a22ba75 ssl_tls13: use PSA_WANT_ALG_ECDH as symbol for marking ECDH capability 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-22 10:48:34 +01:00
Valerio Setti
0c8ec3983e ssl_tls: fix proper guards for accelerated ECDH 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-22 10:48:34 +01:00
Valerio Setti
90df310d89 ssl_tls13: fix guards for accel ECDH 
These changes fix all failures found in test_suite_ssl

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-22 10:48:34 +01:00
Jan Bruckner
1a38e54436 Changes from 2nd review 
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2023-03-15 14:15:11 +01:00
Jan Bruckner
a0589e75a0 Changes from review 
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2023-03-15 11:04:45 +01:00
Jan Bruckner
151f64283f Add parsing for Record Size Limit extension in TLS 1.3 
Fixes #7007

Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2023-03-14 08:41:25 +01:00
Andrzej Kurek
8a045ce5e6 Unify PSA to Mbed TLS error translation 
Move all error translation utilities to psa_util.c.
Introduce macros and functions to avoid having
a local copy of the error translating function in
each place.
Identify overlapping errors and introduce a
generic function.
Provide a single macro for all error translations
(unless one file needs a couple of different ones).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-03 05:23:44 -05:00
Manuel Pégourié-Gonnard
da7979bb91 Restore debug message removed by mistake 
Also while at it, fix debug level for existing DEBUG_RET: errors should
always be level 1.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard
43cc127d3a Fix code style 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard
b8b07aa24a Handle errors from functions that now return int 
A few functions were changed from returning void to returning int three
commits ago. Make sure their callers check the return values.

This commits was basically a matter of declaring newly-int-returning
functions MBEDTLS_CHECK_RETURN_CRITICAL and then fixing the resulting
warnings. A few functions had to be made int in the process; they were
applied the same process as well.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard
d7a7a23308 Use reset_checksum in reset_transcript_for_hrr 
This function was manually resetting just the hash that would be used;
it's simpler to just call the function that resets all hashes. This also
avoids calling low-level code from TLS 1.3.

While at it, remove the guards about SHA-256 || SHA-384 that were around
update_checksum, as they are redundant: update_checksum already has
appropriate guards (and TLS 1.3 already depends on one of those tow
hashes being present anyway).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-02-21 15:39:12 +01:00
Xiaokang Qian
6b980011e5 Replace session_negotiate->ciphersuite with handshake->ciphersuite_info->id 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-02-08 05:47:48 +00:00
Xiaokang Qian
7094f66879 Remove useless duplicted mbedtls_ssl_tls13_ticket_get_psk 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-02-08 05:44:00 +00:00
Xiaokang Qian
d05ac5dfce Add extern apis mbedtls_ticket_get_psk. 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-02-08 05:43:59 +00:00
Gilles Peskine
449bd8303e Switch to the new code style 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-01-11 14:50:10 +01:00
Manuel Pégourié-Gonnard
28d4d43416
Merge pull request #6863 from valeriosetti/issue6830 
Remove uses of mbedtls_ecp_curve_info in TLS (with USE_PSA)
 2023-01-10 10:01:17 +01:00
Valerio Setti
40d9ca907b tls: remove useless legacy function 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-04 16:08:04 +01:00
Jerry Yu
141bbe7bee tls13: Adjust include files 
- remove duplicate and unused included
- Adjust the order to system, mbedtls global, local.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-12-09 09:51:20 +08:00
Xiaokang Qian
2cd5ce0c6b Fix various issues cause rebase to latest code 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-15 10:33:53 +00:00
Xiaokang Qian
ecc2948f21 Fix format issues 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:15:05 +00:00
Xiaokang Qian
911c0cc4f0 Fix format issues in comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:13:50 +00:00
Xiaokang Qian
0e97d4d16d Add early data indication to client side 
Add fields to mbedtls_ssl_context
Add write early data indication function
Add check whether write early data indication
Add early data option to ssl_client2
Add test cases for early data

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:13:50 +00:00
Jerry Yu
97be6a913e fix various issues 
- typo error
- replace `ssl->hanshake` with handshake

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-09 22:43:31 +08:00
Jerry Yu
7de2ff0310 Refactor extension list print 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-08 23:51:39 +08:00
Jerry Yu
79aa721ade Rename ext print function and macro 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-08 23:51:39 +08:00
Jerry Yu
0d5cfb7703 Refactor Certificate 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-06 11:54:22 +08:00
Jerry Yu
4b8f2f7266 Refactor sent extension message output 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-06 11:54:21 +08:00
Jerry Yu
d25cab0327 Refactor debug helpers for exts and hs message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-06 11:54:21 +08:00
Jerry Yu
df0ad658a3 tls13: Add allowed extesions constants. 
- And refactor check_received_extension

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-02 21:35:27 +08:00
Jerry Yu
7a485c1fdf Add ext id and utilities 
- Remove `MBEDTLS_SSL_EXT_*`
- Add macros and functions for translating iana identifer.
- Add internal identity for extension

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
c4bf5d658e fix various issues 
- Signature of
  - mbedtls_tls13_set_hs_sent_ext_mask
  - check_received_extension and issues
- Also fix comment issue.
- improve readablity.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
03112ae022 change input extension_type 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00