yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
22416 commits 1 branch 0 tags 94 MiB
Commit graph

5531 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
ffc330fafa
Merge pull request #6264 from hannestschofenig/rfc9146_2 
CID update to RFC 9146
 2022-11-29 09:25:14 +01:00
Dave Rodgman
bf9b23abf8
Merge pull request #6648 from gilles-peskine-arm/psa-ecb-null-0 
Fix NULL+0 undefined behavior in PSA crypto ECB
 2022-11-25 17:07:46 +00:00
Bence Szépkúti
6e85673e8d
Merge pull request #3431 from naynajain/development-pkcs7 
PKCS7 Parser - RFC 2315
 2022-11-25 15:55:46 +01:00
Gilles Peskine
5a34b36bbd Remove more now-redundant definitions of inline 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-25 13:26:44 +01:00
Hannes Tschofenig
6b6b63f039 Added closing SECTION of doxygen markup 
Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-11-25 11:19:05 +01:00
Hannes Tschofenig
b2e6615625 Added deprecated warning in check_config.h 
Warns about the removal of the legacy DTLS Connection ID feature in a future version of Mbed TLS.

Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-11-25 11:18:57 +01:00
Hannes Tschofenig
e2c46e0413 Reference to RFC 9146 added 
Added deprecated keyword to MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT

Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-11-25 11:18:51 +01:00
Hannes Tschofenig
88e5566a9b Changed order of conditions in check_config.h 
Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-11-25 11:18:38 +01:00
Manuel Pégourié-Gonnard
91f88db019
Merge pull request #6639 from mpg/doc-driver-only-limitation 
Document another limitation of driver-only hashes
 2022-11-25 09:44:35 +01:00
Bence Szépkúti
ae79fb2c2e Merge branch 'development' into pr3431 2022-11-25 03:12:43 +01:00
Manuel Pégourié-Gonnard
fecc6b2fe4 Minor tune-up to ChangeLog & documentation 
- fix a recurring typo
- use clearer names

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-11-24 09:40:12 +01:00
Gilles Peskine
6157fee306 Unify defintions of inline for MSVC (and old armcc?) 
Having multiple definitions was cumbersome, and meant we might forget the
definition when adding an inline definition to a file that didn't have one
before (as I did when I added an inline definition in common.h).

Resolves #6649.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-23 16:15:21 +01:00
Ronald Cron
4a8c9e2cff tls13: Add definition of mbedtls_ssl_{write,read}_early_data 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-11-23 14:29:37 +01:00
Manuel Pégourié-Gonnard
ef25a99f20
Merge pull request #6533 from valeriosetti/issue5847 
Use PSA EC-JPAKE in TLS (1.2) - Part 2
 2022-11-23 13:27:30 +01:00
Ronald Cron
cb0e680779
Merge pull request #6476 from yuhaoth/pr/fix-tls13-mbedtls_ssl_is_handshake_over 
TLS 1.3: Fix tls13 mbedtls ssl is handshake over
 2022-11-23 12:12:02 +01:00
Ronald Cron
d8603a7b44
Merge pull request #6638 from ronald-cron-arm/tls13-misc 
TLS 1.3: Adjustments for the coming release
 2022-11-23 09:07:36 +01:00
Bence Szépkúti
a17d038ee1 Merge branch 'development' into pr3431 2022-11-22 15:54:52 +01:00
Gilles Peskine
4f19d86e3f
Merge pull request #6608 from mprse/ecjpake_password_fix 
Make a copy of the password key in operation object while setting j-pake password
 2022-11-22 14:52:12 +01:00
Ronald Cron
da13072c5b tls13: Make ..._RECEIVED_NEW_SESSION_TICKET experimental 
We are considering using a callback instead.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-11-22 13:21:13 +01:00
Manuel Pégourié-Gonnard
18a3856a03 Document another limitation of driver-only hashes 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-11-22 11:59:55 +01:00
Ronald Cron
c2e110f445 tls13: Disable MBEDTLS_SSL_EARLY_DATA by default 
Eventually we want it to be enabled by default
when TLS 1.3 is enabled but currently the
feature is on development thus it should not be
enabled by default.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-11-22 09:01:46 +01:00
Gilles Peskine
339406daf9
Merge pull request #6609 from gilles-peskine-arm/mpi_sint-min-ub 
Fix undefined behavior in bignum: NULL+0 and -most-negative-sint
 2022-11-21 19:51:58 +01:00
Jerry Yu
a8d3c5048f Rename new session ticket name for TLS 1.3 
NewSessionTicket is different with TLS 1.2.
It should not share same state.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:35 +08:00
Jerry Yu
5ed73ff6de Add NEW_SESSION_TICKET* into handshake over states 
All state list after HANDSHAKE_OVER as is_handshakeover

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:34 +08:00
Jerry Yu
0b61217c36 set new_session_ticket_* to handshake_over 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:34 +08:00
Valerio Setti
aca21b717c tls: psa_pake: enforce not empty passwords 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-11-17 18:20:50 +01:00
Przemek Stekiel
152ae07682 Change password ec j-pake operation fields to more suitable 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-17 13:24:36 +01:00
Ronald Cron
d12922a69a
Merge pull request #6486 from xkqian/tls13_add_early_data_indication 
The merge job of the internal CI ran successfully. This is good to go.
 2022-11-17 12:48:50 +01:00
Xiaokang Qian
51c5a8b561 Update ticket flag macros 
Define the ALLOW_PSK_RESUMPTION and ALLOW_PSK_EPHEMERAL_RESUMPTION
to the key exchange mode EXCHANGE_MODE_PSK and
EXCHANGE_MODE_PSK_EPHEMERAL to facilate later check.
Since they are 1( 1u<<0 ) and 4( 1u<<2 ), so define
ALLOW_EARLY_DATA to 8( 1u<<3 ).

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-16 08:32:51 +00:00
Gilles Peskine
6110a16555 Document mbedtls_mpi_uint and mbedtls_mpi_sint 
Since they're part of the public API (even if only through a few functions),
they should be documented.

I deliberately skipped documenting how to configure the size of the type.
Right now, MBEDTLS_HAVE_INT32 and MBEDTLS_HAVE_INT64 have no Doxygen
documentation, so it's ambiguous whether they're part of the public API.
Resolving this ambiguity is out of scope of my current work.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-15 22:56:17 +01:00
Przemek Stekiel
348410f709 Make a copy of the key in operation while setting pake password 
Additionally use psa_get_and_lock_key_slot_with_policy() to obtain key.
This requires making this function public. This will have to be solved while adding driver dipatch for EC-JPAKE.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-15 22:22:07 +01:00
Gilles Peskine
128895775d Document invariants of MPI objects 
Note that s must be +1 for zero.

Note that p may be NULL for zero, when n is 0.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-15 20:33:21 +01:00
Xiaokang Qian
2cd5ce0c6b Fix various issues cause rebase to latest code 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-15 10:33:53 +00:00
Xiaokang Qian
72b9b17e11 Add comments to fix mini format issue 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-15 02:51:27 +00:00
Dave Rodgman
d384b64dd2
Merge branch 'development' into rfc9146_2 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-14 17:43:15 +00:00
Xiaokang Qian
402bb1ee90 Update documents and check 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:16:22 +00:00
Xiaokang Qian
de95604f6c Update ticket_flags related macros 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:16:22 +00:00
Xiaokang Qian
fe3483f9a1 Update early data doument and config dependencies 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:16:22 +00:00
Xiaokang Qian
ae07cd995a Change ticket_flag base on review 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:16:22 +00:00
Xiaokang Qian
29ee43c0e1 Update document base on comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:16:22 +00:00
Xiaokang Qian
097771672d Update early data document and prerequisites check 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:16:22 +00:00
Xiaokang Qian
f447e8a8d3 Address comments base on reviews 
Improve early data indication check
Update test case to gnutls server

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:15:36 +00:00
Xiaokang Qian
ecc2948f21 Fix format issues 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:15:05 +00:00
Xiaokang Qian
76332816c7 Define the EARLY_DATA_STATUS 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:15:05 +00:00
Xiaokang Qian
338f727683 Move EARLY_DATA_OFF/ON guard to ssl_misc.h 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:15:03 +00:00
Xiaokang Qian
911c0cc4f0 Fix format issues in comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:13:50 +00:00
Xiaokang Qian
0e97d4d16d Add early data indication to client side 
Add fields to mbedtls_ssl_context
Add write early data indication function
Add check whether write early data indication
Add early data option to ssl_client2
Add test cases for early data

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:13:50 +00:00
Dave Rodgman
50e5616553 Fix typo in check_config.h 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-10 10:07:35 +00:00
Dave Rodgman
f58172fe43 Merge remote-tracking branch 'origin/development' into pr3431 2022-11-10 09:54:49 +00:00
Nick Child
89e82e1685 pkcs7: Add dependecy on MBEDTLS_MD_C 
Signed-off-by: Nick Child <nick.child@ibm.com>
 2022-11-09 10:36:10 -06:00