mbedtls

Author	SHA1	Message	Date
Gilles Peskine	0c9f058504	Merge pull request #5213 from tom-cosgrove-arm/pr_4950 Fix GCM calculation with very long IV	2021-11-22 22:22:37 +01:00
XiaokangQian	4b82ca1b70	Refine test code and test scripts Change client test code to support rsa pss signatures Add test cases for rsa pss signature in ssl-opt.sh Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-22 05:50:12 +00:00
XiaokangQian	82d34ccf47	Add signature scheme rsa pss Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-22 05:50:12 +00:00
Manuel Pégourié-Gonnard	146247de71	Merge pull request #5172 from bensze01/invalid_nonce_error PSA: Indicate in the error returned when we know that an AEAD nonce length is invalid, not just unsupported	2021-11-18 09:41:12 +01:00
Ronald Cron	ac00659480	Merge pull request #5121 from yuhaoth/pr/add-wrapup-and-hello-test TLS1.3 MVP: Add finialize states and simplest test	2021-11-18 09:11:53 +01:00
Bence Szépkúti	6d48e20d4b	Indicate nonce sizes invalid for ChaCha20-Poly1305 Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>	2021-11-17 18:06:11 +01:00
Bence Szépkúti	357b78e42c	Indicate if we know that a nonce length is invalid This restores the behaviour found in the previously released versions and development_2.x. Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>	2021-11-17 18:06:04 +01:00
Manuel Pégourié-Gonnard	5a57a51ea5	Merge pull request #5180 from daverodgman/key_derivation_output_key_error_code Improve PSA error return code for psa_key_derivation_output_key	2021-11-17 13:09:37 +01:00
Jerry Yu	a6e6c27bd3	Grouplize tls1_3 special functions Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-11-17 17:54:13 +08:00
Jerry Yu	cfe64f0b24	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-11-17 16:03:06 +08:00
Jerry Yu	378254d3e3	Implement handshake wrapup Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-11-17 16:03:06 +08:00
XiaokangQian	3ce4d51c11	Move set_outbound_transform to finalize server finished. Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-17 02:11:36 +00:00
Dave Rodgman	d69da6c3c3	Improve PSA error return code psa_key_derivation_output_key: prioritize BAD_STATE over NOT_PERMITTED If psa_key_derivation_output_key() is called on an operation which hasn't been set up or which has been aborted, return PSA_ERROR_BAD_STATE. Only return PSA_ERROR_NOT_PERMITTED if the operation state is ok for psa_key_derivation_input_bytes() or psa_key_derivation_output_bytes() but not ok to output a key. Ideally psa_key_derivation_output_key() would return PSA_ERROR_NOT_PERMITTED only when psa_key_derivation_output_bytes() is possible, but this is clumsier to implement. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2021-11-16 16:03:31 +00:00
XiaokangQian	a3087e881e	Fix finished message decryption fail issue Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-16 02:38:45 +00:00
XiaokangQian	9ec8fcfddd	Improve failure messag for calculating verify data Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 08:24:08 +00:00
XiaokangQian	dce82245ac	Fix the compile issue about prepare message Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 06:01:26 +00:00
XiaokangQian	0fa6643eb5	Align coding stles and remove useless code Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 03:37:11 +00:00
XiaokangQian	35dc625e37	Move the location of functions Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 03:37:11 +00:00
XiaokangQian	8773aa0da9	Align coding styles in generic for client finish Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 03:37:11 +00:00
XiaokangQian	cc90c94413	Rebase and change code Solve conflicts. Rename functions Align coding style Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 03:37:11 +00:00
XiaokangQian	e1655e4db8	Change naming styles and fix ci failure Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 03:37:11 +00:00
XiaokangQian	c00ba81310	Remove MBEDTLS_SSL_NEW_SESSION_TICKET in TLS1.3 MVP Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 03:37:11 +00:00
XiaokangQian	eab1023dbf	Fix some compiling errors for name mismatch Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 03:37:11 +00:00
XiaokangQian	74af2a827e	TLS1.3: Add client finish processing in client side Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 03:37:11 +00:00
Ronald Cron	bb41a88f2e	Merge pull request #5120 from yuhaoth/pr/fix-memory-leak-and-version-header TLS1.3 :fix memory leak and version header	2021-11-12 13:49:26 +01:00
Ronald Cron	28777db226	Merge pull request #4952 from xkqian/add_server_finished Add server finished	2021-11-12 12:30:10 +01:00
XiaokangQian	a4c99f2c2d	Remove useless blank line Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-11 06:46:35 +00:00
XiaokangQian	c13f935c05	Align code styles of indent and so on Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-11 06:13:22 +00:00
XiaokangQian	3306284776	Change code base on comments Remove client certificate verify in tests. Change the layout of structure to fix abi_api check issues. Add comments of Finished. Align with the coding styles. Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-11 03:37:45 +00:00
Tom Cosgrove	0eedd36557	Serialise builds of the .a files on Windows This is a workaround for an issue with mkstemp() in older MinGW releases that causes simultaneous creation of .a files in the same directory to fail. Fixes #5146 Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2021-11-10 11:15:46 +00:00
Manuel Pégourié-Gonnard	087f04783d	Merge pull request #5076 from mstarzyk-mobica/psa_ccm_no_tag PSA CCM*-no-tag	2021-11-10 10:18:55 +01:00
XiaokangQian	d0aa3e9307	Inprove code base on review comments Change debug messag for server finished. Change name of generate_application_keys. Remove the client vertificate tests from ssl-opt.sh. Add test strings for server finished in ssl-opt.sh. Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 06:17:40 +00:00
XiaokangQian	57b2aff8a8	Align the union size Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 03:12:11 +00:00
XiaokangQian	aaa0e197a8	Change the alignment and names of functions and a macro Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 03:07:04 +00:00
XiaokangQian	c5c39d5800	Change code for styles and comments .etc Remove useless code in union. Rename functions and parameters. Move definitions into othe files. Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	44c38f7e36	Chande debug message in finished and rename finalize functions Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	b51f8841c4	Change comments for export_keys callback Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	ac0385c08f	Change code based on comments Move set_state function into client Add back export_key callback function in generate application keys Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	8903bd97b0	Change some naming style issues and remove useless code Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	1aef02ee20	Fix initialized issues and remove useless code Fix the variable not inialized issue, remove the client certificate related code, remove early data related code. Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	61bdbbc18b	Add cleanup in functions for secure reason Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	f26f6ade0c	Rebase and solve conflicts Remove the double definition and change name Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	f13c56032f	Revert some changes about tls13 and macros There is one PR #4988 to change it in the future Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	7c91705e21	Remove support for MBEDTLS_SSL_EXPORT_KEYS Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	46c6fc74f1	Fix compile issue about MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	a763498490	Change code based on commetns Focus on the code style, naming rule,etc. Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	4cab0240c7	Change coding style Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	aa5f5c1f5d	TLS1.3: Add server finish processing in client side Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:22 +00:00
Ronald Cron	91fe315c69	Merge pull request #5134 from xffbai/add-hostname-ext TLS1.3 Add hostname extension	2021-11-09 12:28:14 +01:00
Xiaofei Bai	f36e1677b1	Fix alignment Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-09 09:28:25 +00:00
Xiaofei Bai	6f435f07d2	Fix compile error Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-09 04:08:32 +00:00
Xiaofei Bai	58afdba887	Fix typo and remove wrapper Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-09 03:10:05 +00:00
Jerry Yu	a1a568c2f6	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-11-09 10:17:21 +08:00
Ronald Cron	260f5d9413	Merge pull request #4953 from yuhaoth/pr/add-tls13-read-certificate-verfify TLS1.3: CertificateVerify:add tls13 read certificate verfify	2021-11-08 09:36:35 +01:00
Jerry Yu	1ca80f7ca5	fix comment issue Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-11-08 10:45:16 +08:00
Gilles Peskine	c756b5f9fa	Merge pull request #5126 from haampie/fix/DT_NEEDED_for_shared_libraries DT_NEEDED for shared builds in makefile	2021-11-05 12:04:29 +01:00
Xiaofei Bai	15a56813a2	TLS1.3 Add hostname extention Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-05 10:52:12 +00:00
Manuel Pégourié-Gonnard	8a232d231a	Merge pull request #4966 from gilles-peskine-arm/missing-psa-macros Add missing PSA macros	2021-11-05 10:08:58 +01:00
Jerry Yu	5398c10b89	Add return value check for cerificate verify Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-11-05 13:32:38 +08:00
Harmen Stoppels	fcb4fb71e3	Reorder linker flags Signed-off-by: Harmen Stoppels <harmenstoppels@gmail.com>	2021-11-04 17:34:27 +01:00
Harmen Stoppels	70842950fd	Restore the whitespace Signed-off-by: Harmen Stoppels <harmenstoppels@gmail.com>	2021-11-04 13:09:02 +01:00
Gilles Peskine	f4ecf305fe	Fix copypasta in #endif comment Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-11-03 18:27:22 +01:00
Gabor Mezei	642eeb2879	Fix documentation and comments Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-03 16:13:32 +01:00
Gilles Peskine	f7b4137e69	Untangle PSA_ALG_IS_HASH_AND_SIGN and PSA_ALG_IS_SIGN_HASH The current definition of PSA_ALG_IS_HASH_AND_SIGN includes PSA_ALG_RSA_PKCS1V15_SIGN_RAW and PSA_ALG_ECDSA_ANY, which don't strictly follow the hash-and-sign paradigm: the algorithm does not encode a hash algorithm that is applied prior to the signature step. The definition in fact encompasses what can be used with psa_sign_hash/psa_verify_hash, so it's the correct definition for PSA_ALG_IS_SIGN_HASH. Therefore this commit moves definition of PSA_ALG_IS_HASH_AND_SIGN to PSA_ALG_IS_SIGN_HASH, and replace the definition of PSA_ALG_IS_HASH_AND_SIGN by a correct one (based on PSA_ALG_IS_SIGN_HASH, excluding the algorithms where the pre-signature step isn't to apply the hash encoded in the algorithm). In the definition of PSA_ALG_SIGN_GET_HASH, keep the condition for a nonzero output to be PSA_ALG_IS_HASH_AND_SIGN. Everywhere else in the code base (definition of PSA_ALG_IS_SIGN_MESSAGE, and every use of PSA_ALG_IS_HASH_AND_SIGN outside of crypto_values.h), we meant PSA_ALG_IS_SIGN_HASH where we wrote PSA_ALG_IS_HASH_AND_SIGN, so do a global replacement. ``` git grep -l IS_HASH_AND_SIGN ':!include/psa/crypto_values.h' \| xargs perl -i -pe 's/ALG_IS_HASH_AND_SIGN/ALG_IS_SIGN_HASH/g' ``` Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-11-03 15:48:15 +01:00
Gilles Peskine	e7be73d579	Use the new macro PSA_HASH_BLOCK_LENGTH Replace an equivalent internal function. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-11-03 15:47:03 +01:00
Mateusz Starzyk	e6d3edaf32	Add missing PSA_ALG_IS_SIGN_HASH macro. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-11-03 15:47:03 +01:00
Harmen Stoppels	01ef723bba	DT_NEEDED for shared builds in makefile The makefile build specifies -L. -lmbedx509 -lmbedcrypto flags first, and only then object files referencing symbols from those libraries. In this order the linker will not add the linked libraries to the DT_NEEDED section because they are not referenced yet (at least that happens for me on ubuntu 20.04 with the default gnu compiler tools). By first specifying the object files and then the linked libraries, we do end up with libmbedx509 and libmbedcrypto in the DT_NEEDED sections. This way running dlopen(...) on libmedtls.so just works. Note that the CMake build does this by default. Signed-off-by: Harmen Stoppels <harmenstoppels@gmail.com>	2021-11-03 01:06:11 +01:00
Manuel Pégourié-Gonnard	0dbe1dfa1c	Merge pull request #4859 from brett-warren-arm/supported_groups Add mbedtls_ssl_conf_groups to API	2021-11-02 10:49:09 +01:00
Jerry Yu	ba9c727e94	fix memory leak issue Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-30 20:23:45 +08:00
Jerry Yu	47413c2c8f	fix wrong version header for tls1.3 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-30 20:23:37 +08:00
Manuel Pégourié-Gonnard	4313d3ac87	Merge pull request #5010 from gilles-peskine-arm/psa-rsa-pss_any_salt PSA: fix salt length for PSS verification	2021-10-29 16:36:36 +02:00
Brett Warren	14efd33a6c	Convert TLS1.3 functions to get_supported_groups Signed-off-by: Brett Warren <brett.warren@arm.com>	2021-10-29 15:13:48 +01:00
Brett Warren	01f3dae3f3	Refactor elliptic curve extension for NamedGroups The refactoring is needed for the group api to work properly. Code is modified to use mbedtls_get_supported_groups instead of direct access so that both deprecated and new api are useable. Signed-off-by: Brett Warren <brett.warren@arm.com>	2021-10-29 14:07:46 +01:00
Jerry Yu	6f87f2521c	Refactor ssl_tls13_parse_certificate_verify Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 20:15:03 +08:00
Jerry Yu	d0fc585b7e	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 19:57:55 +08:00
Jerry Yu	0b32c502a4	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 19:57:55 +08:00
Jerry Yu	da8cdf2fa9	Remove certificate_verify_coordinate Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 19:57:55 +08:00
Jerry Yu	982d9e5db2	Add ssl_tls13_sig_alg_is_offered To keep consistent with cipher_suite check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 19:57:55 +08:00
Jerry Yu	133690ccef	Refactor hash computation Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 19:57:55 +08:00
Jerry Yu	26c2d11802	Fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 19:57:55 +08:00
Jerry Yu	30b071cb66	tls13:Add certificate verify Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 19:57:55 +08:00
Jerry Yu	0bbb39786d	tls13: add labels add client and server cv magic words Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 19:57:55 +08:00
Brett Warren	e0edc8407b	Add mbedtls_ssl_conf_groups to API mbedtls_ssl_conf_groups allows supported groups for key sharing to be configured via their IANA NamedGroup ID. This is added in anticipation of PQC and Hybrid key sharing algorithms being integrated into Mbed TLS. mbedtls_ssl_conf_curves is deprecated in favor of mbedtls_ssl_conf_groups. handshake_init has been modified to translate and copy curves configured via conf_curves into a heap allocatied array of NamedGroup IDs. This allows the refactoring of code interacting with conf_curve related variables (such as curve_list) to use NamedGroup IDs while retaining the deprecated API. Signed-off-by: Brett Warren <brett.warren@arm.com>	2021-10-29 11:27:00 +01:00
Ronald Cron	f660c7c923	Merge pull request #4993 from xffbai/add-tls13-read-certificate TLS1.3: add tls1_3 read certificate	2021-10-29 12:25:44 +02:00
Manuel Pégourié-Gonnard	136819fe6e	Merge pull request #4959 from gilles-peskine-arm/psa-add-aria Add ARIA to the PSA API	2021-10-29 09:38:06 +02:00
Xiaofei Bai	f93cbd2674	fix some format issues Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-10-29 02:39:30 +00:00
Jerry Yu	d2674314a3	Restore certificate_request state Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 10:14:29 +08:00
Jerry Yu	b640bf6c15	fix CI build fail Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 10:05:32 +08:00
Jerry Yu	83bb13101a	fix format warning Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-28 22:16:33 +08:00
Jerry Yu	7aa7186022	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-28 21:41:30 +08:00
Jerry Yu	a93ac116c8	Remove certificate_request state Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-28 21:36:03 +08:00
Xiaofei Bai	ff45602c74	Add local variable verify_result Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-10-28 21:28:08 +08:00
Xiaofei Bai	10aeec0685	Fix a build error Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-10-28 21:28:08 +08:00
Xiaofei Bai	79595acf3f	Update based on review comments. Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-10-28 21:28:08 +08:00
Xiaofei Bai	947571efff	add tls1_3 read certificate Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-10-28 21:28:08 +08:00
Ronald Cron	7cd24ded48	Merge pull request #5114 from yuhaoth/pr/add-get-uint24 Add GET/PUT_UINT24_BE/LE	2021-10-28 13:57:57 +02:00
Ronald Cron	cf1f376b24	Merge pull request #4937 from xkqian/add_tls13_encrypted_extension The rebase after the two approvals was simple enough to need only one reviewer.	2021-10-28 09:34:56 +02:00
Manuel Pégourié-Gonnard	4c9313fcd9	Merge pull request #4514 from mpg/generated-files-cmake Generated files cmake	2021-10-28 09:23:41 +02:00
Jerry Yu	29287a46d2	fix wrong para name in doxygen comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-28 10:26:13 +08:00
XiaokangQian	ab7f50d638	Change macro names and add test script for extensions Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-10-28 01:54:39 +00:00

1 2 3 4 5 ...

7805 commits