mbedtls

Author	SHA1	Message	Date
Benson Liou	6d0a093582	use mbedtls_ssl_session_init() to init session variable Use mbedtls_ssl_session_init() to init variable just like session-family APIs described Signed-off-by: Benson Liou <benson.liou@sony.com>	2023-12-27 22:03:24 +08:00
Xiaokang Qian	a9581d2d5f	Fix CI failure of uninitialized fp Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-11 01:50:34 +00:00
Xiaokang Qian	aedfc0932b	Revert to `ae952174a7` and addressing some comments Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-08 10:43:24 +00:00
Xiaokang Qian	963468035d	Add the test framework of early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-07 09:19:43 +00:00
Xiaokang Qian	daddfb520d	Open the file once read in the file path Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-07 08:14:30 +00:00
Xiaokang Qian	35c026c09e	Read early data file Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-07 06:10:34 +00:00
Xiaokang Qian	2a8035b495	Add read early data code Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-07 03:54:40 +00:00
Xiaokang Qian	57db590586	Rework to revert the early_data enabled flag We have two options for early data. early_data to indicate early data enable or not. early_data_file to provide path file to read early data from Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-07 03:29:22 +00:00
Xiaokang Qian	ae952174a7	Enable early data depend on whether the early data file exist Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-06 10:27:27 +00:00
Xiaokang Qian	611c717c02	Sync the early_data option with internal parameters in ssl_client2 Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-06 09:24:58 +00:00
Xiaokang Qian	f8fe11d14d	Remove the generic file read functions and simply the early data read Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-06 07:40:50 +00:00
Xiaokang Qian	eaebedb30b	Refine the detect code to enable early data or not Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-06 02:55:16 +00:00
Xiaokang Qian	b1db72923e	Rename the generic read functions to ssl_read_file_text Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-06 02:33:38 +00:00
Xiaokang Qian	6c678d7543	Improve the comments of early data input Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-06 02:20:51 +00:00
Xiaokang Qian	70fbdcf904	Change early data flag to input file Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-05 05:50:08 +00:00
Yanray Wang	d5ed36ff24	early data: rename configuration function Rename mbedtls_ssl_tls13_conf_early_data as mbedtls_ssl_conf_early_data since in the future this may not be specific to TLS 1.3. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-07 11:49:24 +08:00
Dave Rodgman	16799db69a	update headers Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-02 19:47:20 +00:00
Paul Elliott	afc6a992c5	Merge pull request #8381 from gilles-peskine-arm/20231017-misc-cleanup Cleanups in test code	2023-10-30 18:08:01 +00:00
Gilles Peskine	a0e810de4b	Convey that it's ok for mbedtls_ssl_session_save to fail mbedtls_ssl_session_save() always outputs the output length, even on error. Here, we're only calling it to get the needed output length, so it's ok to ignore the return value. Convey this to linters. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-17 16:04:27 +02:00
Gilles Peskine	f745e5b8de	Merge remote-tracking branch 'development' into HEAD	2023-08-23 20:35:32 +02:00
Valerio Setti	acd32c005f	programs: add helper functions for supported EC curves - get full list, or - get TLS ID from name Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 09:13:57 +02:00
Przemek Stekiel	45255e4c71	Adapt names (curves -> groups) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-05 09:26:26 +02:00
Manuel Pégourié-Gonnard	39a0a76fcc	SSL programs: improve command-line error reporting Every now and then, I see of these programs failing with a super-long usage message that gives no clue as to what went wrong. (Recently it happened with a test case in ssl-opt.sh with a fairly long command line that was entirely correct, except some options were not valid in this config - the test should have been skipped but wasn't due to some other bug. It took me longer to figure out than it should have, and could have if the program had simply reported which param was not recognized.) Also, have an explicit "help" command, separate "help_ciphersuites", and have default usage message that's not multiple screens long. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-27 09:28:24 +02:00
Manuel Pégourié-Gonnard	3eea9a461c	SSL programs: allow invoking without arguments All options have reasonable default so the programs don't need arguments to do something useful. It is widely accepted for programs that can work without arguments need not insist on the user passing arguments, see 'ls', 'wc', 'sort', 'more' and any number of POSIX utilities that all work without arguments. It is also the historical behaviour of those programs, and something relied one by at least a few team members. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-26 11:29:35 +02:00
Manuel Pégourié-Gonnard	0b74434e2a	SSL programs: group options processing in 1 place Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-26 11:28:00 +02:00
Przemek Stekiel	75a5a9c205	Code cleanup Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-13 09:57:23 +02:00
Przemek Stekiel	ff9fcbcace	ssl_client2, ssl_server2: code optimization + guards adaptation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:53:40 +02:00
Przemek Stekiel	da4fba64b8	Further code optimizations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:09 +02:00
Przemek Stekiel	316c19ef93	Adapt guards, dependencies + optimizations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com> Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:09 +02:00
Przemek Stekiel	6d7da5ee1e	Add FFDH support in client2, server2 applications Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:08 +02:00
Valerio Setti	d49cbc1493	test: fix remaining failures in test due to the ECP_LIGHT symbol Changes in test_suite_psa_crypto are to enforce the dependency on ECP_C which is mandatory for some key's derivation. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Manuel Pégourié-Gonnard	bef824d394	SSL: use MD_CAN macros Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:29:31 +01:00
Tom Cosgrove	5c8505f061	Fix typos Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-07 11:39:52 +00:00
Aditya Deshpande	644a5c0b2b	Fix bugs in example programs: change argc == 0 to argc < 2 Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>	2023-01-30 16:48:13 +00:00
Pengyu Lv	e2f1dbf5ae	update docs of ssl_client2 and improve code format Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-01-16 12:38:12 +08:00
Pengyu Lv	302feb3955	add cases to test session resumption with different ticket_flags This commit add test cases to test if the check of kex change mode in SessionTicket works well. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-01-13 11:05:56 +08:00
Gilles Peskine	449bd8303e	Switch to the new code style Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-01-11 14:50:10 +01:00
Jerry Yu	a15af37867	Change time resolution of reco_delay from second to millionseconds Per gnutls anti replay issue, it needs millionsecond time delay for improve the fail rate. From test result of #6712, this can improve the fail rate from 4% to 92%. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-01-07 13:01:42 +08:00
Valerio Setti	d75c5c4405	test: pake: fail in case the opaque key is destroyed unexpectedly Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-13 11:51:32 +01:00
Valerio Setti	785116a5be	test: pake: modify opaque key verification before destruction Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-12 11:59:25 +01:00
Valerio Setti	eb3f788b03	tls: pake: do not destroy password key in TLS Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-08 18:42:58 +01:00
Valerio Setti	d5fa0bfb85	test: pake: check psa key validity before destroying it Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-07 16:02:42 +01:00
Valerio Setti	d6feb20869	test: pake: allow opaque password only when USE_PSA is enabled Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-02 14:28:49 +01:00
Valerio Setti	661b9bca75	test: psa_pake: add specific log message for the opaque password Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-29 17:28:17 +01:00
Valerio Setti	77e8315f5b	fix formatting and typos Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-29 17:28:04 +01:00
Valerio Setti	d572a82df9	tls: psa_pake: add test for opaque password Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-29 11:30:56 +01:00
Xiaokang Qian	2cd5ce0c6b	Fix various issues cause rebase to latest code Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-15 10:33:53 +00:00
Xiaokang Qian	9a0aafbe79	Enable/disable MBEDTLS_SSL_EARLY_DATA for cases in ssl-opt.sh Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-15 02:49:46 +00:00
Xiaokang Qian	0e97d4d16d	Add early data indication to client side Add fields to mbedtls_ssl_context Add write early data indication function Add check whether write early data indication Add early data option to ssl_client2 Add test cases for early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:13:50 +00:00
Gilles Peskine	fd7aa13671	Merge pull request #6436 from yanrayw/ssl_client2-add-build-version Add build version to the output of ssl_client2 and ssl_server2	2022-11-10 14:39:38 +01:00

1 2 3 4 5 ...

620 commits