Commit graph

21354 commits

Author SHA1 Message Date
Jerry Yu
a99cbfa2d3 fix various issues
- rename function and variable
- change signature of `ssl_tls13_has_configured_psk`
- remove unnecessary statements
- remove unnecessary local variables
- wrong variable initial value
- improve output message

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-08 14:35:47 +08:00
Jerry Yu
40afab61a8 Add ciphersuite check in set_session
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-08 14:35:43 +08:00
Jerry Yu
21f9095fa8 Revert "move ciphersuite validation to set_session"
This reverts commit 19ae6f62c7.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-08 14:35:34 +08:00
Jerry Yu
379b91a393 add ticket age check
Remove ticket if it is expired.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-08 10:21:15 +08:00
Jerry Yu
4a698341c9 Re-org selected_identity parser
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-07 10:11:05 +08:00
Jerry Yu
6183cc7470 Re-org binders writer
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-07 10:11:05 +08:00
Jerry Yu
f75364bee1 Re-organize identities writer
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-07 10:11:05 +08:00
Jerry Yu
8b41e893a2 fix various issues
- Re-order code and comments
  - move comment above `write_identities`
  - move `write_binder` above `write_identities`.
- Add has_{psk,identity} into {ticket,psk}_get_{psk,identity}
- rename `*_session_tickets_*` to `_ticket_`

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-07 10:11:05 +08:00
Jerry Yu
19ae6f62c7 move ciphersuite validation to set_session
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-07 10:11:05 +08:00
Jerry Yu
25ab654781 Add dummy ticket support
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-07 10:11:05 +08:00
Jerry Yu
b300e3c5be add selected_identity parser
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-07 10:11:05 +08:00
Jerry Yu
1a0a0f4416 Add binders writer
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-07 10:11:05 +08:00
Jerry Yu
f7c125917c Add identites writer
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-07 10:11:05 +08:00
Jerry Yu
0c6105bc9e empty pre_shared_key functions
To easy review

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-07 10:11:05 +08:00
Jerry Yu
8897c07075 Add server only guards for psk callback
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-07 10:11:05 +08:00
Gilles Peskine
80ca44f33c
Merge pull request #6325 from gabor-mezei-arm/6308_missing_initialization_in_test
Add initialization for structures in test
2022-10-05 11:09:35 +02:00
Gilles Peskine
845de0898e
Merge pull request #6083 from tom-cosgrove-arm/issue-6015-montgomery-multiplication
Montgomery multiplication from bignum prototype
2022-09-30 10:35:21 +02:00
Tom Cosgrove
6da3a3b15f Fix doc regarding aliasing of modulus input to mbedtls_mpi_core_montmul()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-09-29 17:20:18 +01:00
Tom Cosgrove
4386ead662 Correct the aliasing requirements in doc for mbedtls_mpi_core_montmul(), and test them
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-09-29 14:40:21 +01:00
Ronald Cron
77c691f099
Merge pull request #6194 from xkqian/tls13_add_psk_client_cases
TLS 1.3: Add PSK client cases
2022-09-28 17:08:06 +02:00
Xiaokang Qian
a70bd9108a Fix the description of psk client cases
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-28 07:50:13 +00:00
Manuel Pégourié-Gonnard
e3358e14b2
Merge pull request #6051 from mprse/permissions_2b_v2
Permissions 2b: TLS 1.3 sigalg selection
2022-09-28 09:50:04 +02:00
Manuel Pégourié-Gonnard
f3f9e450b6
Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2
Ad-hoc KDF for EC J-PAKE in TLS 1.2
2022-09-28 09:47:32 +02:00
Xiaokang Qian
ca343ae280 Improve message logs and test cases description in psk
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-28 02:07:54 +00:00
Ronald Cron
cba39a386f Add change log
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-27 19:10:39 +02:00
Gabor Mezei
0bb138241b
Add initialization for structures
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-09-27 18:48:44 +02:00
Xiaokang Qian
9c172042b6 Change cases description base on comments
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-27 11:41:50 +00:00
Xiaokang Qian
e12d30d751 Move psk related cases into tls13-kex-modes.sh
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-27 11:34:14 +00:00
Andrzej Kurek
f13925c022 Add a changelog entry for ECJPAKE to PMS KDF
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-27 05:16:10 -04:00
Ronald Cron
c27a9074c4 tls13: server: Add comment when trying another sig alg
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-27 10:07:55 +02:00
Xiaokang Qian
cb6e96305f Change kex mode string name
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-27 08:02:41 +00:00
Ronald Cron
b72dac4ed7 Fix PSA identifier of RSA_PKCS1V15 signing algorithms
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-27 09:25:47 +02:00
Andrzej Kurek
e09aff8f5a Add information about ECJPAKE_TO_PMS output size expectations
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-26 10:59:31 -04:00
Andrzej Kurek
3539f2c90b Improve readability in ecjpake tests
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-26 10:56:02 -04:00
Andrzej Kurek
b510cd2c50 Fix a copy-paste error - wrong macro used
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-26 10:50:22 -04:00
Andrzej Kurek
5603efd525 Improve readability and formatting
Also use a sizeof instead of a constant for zeroization, as
requested in review.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-26 10:49:16 -04:00
Andrzej Kurek
96b9f23853 Adjust ECJPAKE_TO_PMS macro value
This way the low 8 bits of the identifier indicate that this algorithm is used
with SHA-256.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-26 10:30:46 -04:00
Xiaokang Qian
954d5769ef PSK: change descriptions base on comments
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-26 08:40:10 +00:00
Xiaokang Qian
5beec4b339 Refine ssl_get_kex_mode_str() for easy automatic generation
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-26 08:23:45 +00:00
Xiaokang Qian
ac8195f4f7 Fix wrongly kex mode fallback issue in psk cases
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-26 06:31:58 +00:00
Gilles Peskine
5596c74a98
Merge pull request #6140 from Zaya-dyno/validation_remove_change_auth_enc
Validation remove change auth enc
2022-09-23 17:04:31 +02:00
Gilles Peskine
12a1e85caa
Merge pull request #6138 from Zaya-dyno/validation_remove_change_key_agree
Validation remove change key agree
2022-09-23 17:04:20 +02:00
Gilles Peskine
f70f4ead7f
Merge pull request #6248 from gilles-peskine-arm/all-sh-force-3.2
Fix all.sh --force
2022-09-23 17:04:00 +02:00
Gilles Peskine
8c2d236117
Merge pull request #6188 from N3xed/fix/windows-different-drives-build-error
Copy files instead of hard-linking on Windows
2022-09-23 17:03:50 +02:00
Gilles Peskine
87953f228f
Merge pull request #6091 from Zaya-dyno/validation_remove_change_pk
Validation remove change pk
2022-09-23 17:03:30 +02:00
Paul Elliott
2c282c9bd0
Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets
TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.
2022-09-23 15:48:33 +01:00
Gabor Mezei
f29c2a5313
Add initialization for structures
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-09-23 15:25:27 +02:00
Xiaokang Qian
210727f3b1 Skip some psk cases cause wrong fallback to ephemeral
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 07:25:40 +00:00
Jerry Yu
ba627bfd0d improve document about session tickets
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-23 09:58:22 +08:00
Xiaokang Qian
dea2cbe199 Fix various test issues in psk m->m cases
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00