mbedtls

Author	SHA1	Message	Date
Manuel Pégourié-Gonnard	6a25159c69	Merge pull request #5648 from gabor-mezei-arm/5403_hkdf_use_internal_psa_implementations HKDF 2: use internal implementations in TLS 1.3	2022-04-01 11:15:29 +02:00
Dave Rodgman	d7bdedc9f6	Merge pull request #5681 from daverodgman/migration Update references to old Github organisation	2022-04-01 09:51:29 +01:00
Manuel Pégourié-Gonnard	451114fe42	Merge pull request #5647 from superna9999/5179-follow-up-tls-record-hmac-no-mdinfo Remove md_info in ssl_tls12_populate_transform() when USE_PSA_CRYPTO is defined	2022-04-01 10:04:56 +02:00
Paul Elliott	02758a51df	Add tls CID tests Add tests to test tls coneection id functionality, including the new 'own cid' accessor. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-03-31 19:21:41 +01:00
Paul Elliott	0113cf1022	Add accessor for own cid to ssl context Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-03-31 19:21:41 +01:00
Ronald Cron	cbd7bfd30e	ssl-opt.sh: Force TLS 1.2 on server for TLS 1.2 specific tests Force TLS 1.2 on OpenSSL/GnuTLS server for TLS 1.2 specific tests. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 18:25:27 +02:00
Ronald Cron	634d865d80	ssl-opt.sh: Fix "no TLS 1.3 server support" test check Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 18:25:27 +02:00
Ronald Cron	11218dda96	ssl_client.c: Fix unused parameter Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 18:25:27 +02:00
Ronald Cron	bdb4f58cea	Add and update documentation of some minor version fields Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 18:24:59 +02:00
Paul Elliott	ff59a34606	Prevent free of uninitialised variables In an error case it was possible for mbedtls_mpi variables to be free'd uninitialised. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-03-31 17:14:13 +01:00
Ronald Cron	82c785fac3	Make handshake::min_minor_ver client only Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 15:44:41 +02:00
Dave Rodgman	017a19997a	Update references to old Github organisation Replace references to ARMmbed organisation with the new org, Mbed-TLS, following project migration. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-03-31 14:43:16 +01:00
Neil Armstrong	91477a7964	Switch handshake->ecdh_bits to size_t and remove now useless cast & limit checks Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-31 15:24:18 +02:00
Neil Armstrong	98f6f78a70	Update mbedtls_pk_wrap_as_opaque() documentation for ECDH derivation usage Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-31 15:24:18 +02:00
Neil Armstrong	b7b549aa71	Force server-side TLS1.2 for ECDH- Opaque PK key test Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-31 15:24:18 +02:00
Neil Armstrong	1335222f13	Return translated PSA error in PSA version of ssl_get_ecdh_params_from_cert() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-31 15:24:18 +02:00
Neil Armstrong	f788253ed3	Fix comment typo in PSA version of ssl_get_ecdh_params_from_cert() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-31 15:24:17 +02:00
Neil Armstrong	023bf8d7c2	Add ECDH- Opaque PK key test Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-31 15:24:17 +02:00
Neil Armstrong	80325d00cf	Allow ECDSA PK Opaque keys for ECDH Derivation Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-31 15:24:17 +02:00
Neil Armstrong	104a7c1d29	Handle Opaque PK EC keys in ssl_get_ecdh_params_from_cert() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-31 15:24:17 +02:00
Neil Armstrong	8113d25d1e	Add ecdh_psa_shared_key flag to protect PSA privkey if imported Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-31 15:24:17 +02:00
Neil Armstrong	5cd5f76d67	Use mbedtls_platform_zeroize() in ssl_get_ecdh_params_from_cert() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-31 15:23:12 +02:00
Neil Armstrong	4f33fbc7e9	Use PSA define for max EC key pair size in ssl_get_ecdh_params_from_cert() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-31 15:23:12 +02:00
Neil Armstrong	306d6074b3	Fix indentation issue in PSA version of ssl_get_ecdh_params_from_cert() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-31 15:23:12 +02:00
Neil Armstrong	062de7dd79	Use PSA_BITS_TO_BYTES instead of open-coded calculation in PSA version of ssl_get_ecdh_params_from_cert() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-31 15:23:12 +02:00
Neil Armstrong	1f4b39621b	Implement PSA server-side ECDH-RSA/ECDSA Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-31 15:23:12 +02:00
Ronald Cron	6476726ce4	Fix comments Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 14:13:57 +02:00
Ronald Cron	a980adf4ce	Merge pull request #5637 from ronald-cron-arm/version-negotiation-1 TLS 1.2/1.3 version negotiation - 1	2022-03-31 11:47:16 +02:00
Ronald Cron	ba120bb228	ssl_tls13_client.c: Fix ciphersuite final validation As we may offer ciphersuites not compatible with TLS 1.3 in the ClientHello check that the selected one is compatible with TLS 1.3. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 09:35:33 +02:00
Ronald Cron	8fdad9e534	ssl_tls12_client.c: Remove duplicate of ciphersuite validation Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 09:35:33 +02:00
Ronald Cron	757a2abfe2	ssl_client.c: Extend and export ciphersuite validation function Extend and export ciphersuite validation function to be able to use it in TLS 1.2/3 specific code. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 09:35:33 +02:00
Ronald Cron	f735cf1f0f	ssl_tls.c: Fix ciphersuite selection regarding protocol version Use the actual minimum and maximum of the minor version to be negotiated to filter ciphersuites to propose rather than the ones from the configuration. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 09:35:33 +02:00
Ronald Cron	9847338429	ssl_tls13_client.c: Add check in supported_versions parsing Add check in ServerHello supported_versions parsing that the length of the extension data is exactly two. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 09:33:41 +02:00
Ronald Cron	1fa4f6863b	ssl_tls.c: Return in error if default config fails Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 09:27:35 +02:00
Ronald Cron	a77fc2756e	ssl_tls13_client.c: versions ext writing : Fix available space check Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 09:27:35 +02:00
Ronald Cron	37bdaab64f	tls: Simplify the logic of the config version check and test it Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 09:26:58 +02:00
Ronald Cron	3cffc5ccb1	tls: Remove unnecessary checks of MBEDTLS_CIPHERSUITE_NODTLS Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-30 21:59:44 +02:00
Ronald Cron	150d579d7a	ssl_client.c: Improve coding style Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-30 21:58:50 +02:00
Neil Armstrong	e451295179	Remove md_info in ssl_tls12_populate_transform() when USE_PSA_CRYPTO is defined Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-30 16:41:12 +02:00
Neil Armstrong	253e9e7e6d	Use mbedtls_rsa_info directly in rsa_verify_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-30 16:39:07 +02:00
Neil Armstrong	ea54dbe7c2	Fix comment typo in rsa_verify_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-30 16:39:07 +02:00
Neil Armstrong	19e6bc4c9f	Use new PSA to mbedtls PK error mapping functions in rsa_verify_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-30 16:39:07 +02:00
Neil Armstrong	8a44bb47ac	Handle INVALID_SIGNATURE instead of INVALID_PADDING in rsa_verify_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-30 16:39:07 +02:00
Neil Armstrong	82cf804e34	Fix 80 characters indentation in rsa_verify_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-30 16:39:07 +02:00
Neil Armstrong	6baea78072	Use now shared RSA_PUB_DER_MAX_BYTES define in pk_wrap.c Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-30 16:39:07 +02:00
Neil Armstrong	a33280af6c	Check psa_destroy_key() return in rsa_verify_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-30 16:39:07 +02:00
Neil Armstrong	059a80c212	Map INVALID_PADDING from PSA to MbedTLS error in rsa_verify_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-30 16:39:07 +02:00
Neil Armstrong	52f41f8228	PK: RSA verification PSA wrap implementation Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-30 16:39:07 +02:00
Neil Armstrong	56d51274d8	Initialize PSA crypto in test_suite_pk for RSA verify tests Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-30 16:39:07 +02:00
Ronald Cron	da41b38c42	Improve and fix comments Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-30 14:10:03 +02:00

... 7 8 9 10 11 ...

19779 commits