Ronald Cron
f735cf1f0f
ssl_tls.c: Fix ciphersuite selection regarding protocol version
...
Use the actual minimum and maximum of the minor
version to be negotiated to filter ciphersuites
to propose rather than the ones from the
configuration.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-31 09:35:33 +02:00
Ronald Cron
3cffc5ccb1
tls: Remove unnecessary checks of MBEDTLS_CIPHERSUITE_NODTLS
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-30 21:59:44 +02:00
Ronald Cron
150d579d7a
ssl_client.c: Improve coding style
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-30 21:58:50 +02:00
Ronald Cron
da41b38c42
Improve and fix comments
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-30 14:10:03 +02:00
Ronald Cron
8ecd9937a9
ssl_client.c: Fix state change for DTLS 1.2
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00
Ronald Cron
fbd9f99f10
ssl_tls.c: Move some client specific functions to ssl_client.c
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00
Ronald Cron
5f4e91253f
ssl_client.c: Add DTLS ClientHello message sending specifics
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00
Ronald Cron
4079abc7d1
ssl_client.c: Adapt extensions writing to the TLS 1.2 case
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00
Ronald Cron
11e1857f5e
ssl_client.c: Fix key share code guards
...
In TLS 1.3 key sharing is not restricted to key
exchange with certificate authentication. It
happens in the PSK and ephemeral key exchange
mode as well where there is no certificate
authentication.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00
Ronald Cron
df823bf39b
ssl_client.c: Re-order partially extension writing
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:57:54 +02:00
Ronald Cron
42c1cbf1de
ssl_client.c: Adapt compression methods comment to TLS 1.2 case
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:56:58 +02:00
Ronald Cron
d491c2d779
ssl_client.c: Adapt ciphersuite writing to TLS 1.2 case
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 17:17:57 +02:00
Ronald Cron
a874aa818a
ssl_client.c: Add DTLS 1.2 cookie support
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 17:17:57 +02:00
Ronald Cron
021b1785ef
ssl_client.c: Adapt session id generation to the TLS 1.2 case
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 17:17:57 +02:00
Ronald Cron
58b803818d
ssl_client.c: Adapt TLS random generation and writing to TLS 1.2 case
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 17:17:50 +02:00
Ronald Cron
1614eb668c
ssl_client.c: Adapt TLS version writing to TLS 1.2 case
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 17:00:29 +02:00
Ronald Cron
86a477f5ee
ssl_client.c: Adapt initial version selection to TLS 1.2 case
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 17:00:29 +02:00
Ronald Cron
5456a7f89c
ssl_client.c: Expand ssl_write_client_hello_body doc with TLS 1.2 case
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 17:00:29 +02:00
Ronald Cron
71c2332860
ssl_client.c: Rename TLS 1.3 ClientHello writing functions
...
Rename TLS 1.3 ClientHello writing functions
aiming to support TLS 1.2 as well.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 17:00:29 +02:00
Ronald Cron
3d580bf4bd
Move TLS 1.3 client hello writing to new TLS 1.2 and 1.3 client file
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 17:00:29 +02:00