yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
29249 commits 1 branch 0 tags 94 MiB
Commit graph

29249 commits

This branch
This branch
All branches
Author SHA1 Message Date
Ronald Cron
ccfaefa361 ssl_client2: Switch from int to size_t 
Switch from int to size_t for some
data lengths and counter local
variables.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Ronald Cron
4e1bd470fb ssl_client2: Move code to build http request 
Move code to build http request into a
dedicated function.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Ronald Cron
54a3829453 ssl_client2: Simplify early_data option 
No need to define specific early data,
the idea is rather to just send the
usual request data as early data
instead of standard application data.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Xiaokang Qian
b62732e1d6 tls13: cli: Add mbedtls_ssl_write_early_data() API 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Ronald Cron
2261ab298f tests: early data status: Add HRR scenario 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-06 16:43:33 +01:00
Ronald Cron
d6dba675b8 tests: early data status: Add "server rejects" scenario 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-06 16:43:33 +01:00
Ronald Cron
265273e8b3 tests: early data status: Add "not sent" scenario 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-06 16:43:33 +01:00
Ronald Cron
5c208d7daf tests: ssl: Add scenario param to early data status testing function 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-06 16:43:33 +01:00
Ronald Cron
a7f94e49a8 tests: ssl: Add early data status unit test 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-06 16:43:33 +01:00
Ronald Cron
90e223364c tls13: cli: Refine early data status 
The main purpose of the change is to
know from the status, at any point in
the handshake, if early data can be
sent or not and why.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-06 16:43:33 +01:00
Ronald Cron
fe59ff794d tls13: Send dummy CCS only once 
Fix cases where the client was sending
two CCS, no harm but better to send only one.

Prevent to send even more CCS when early data
are involved without having to add conditional
state transitions.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-06 16:43:33 +01:00
Ronald Cron
bfcdc069ef tests: ssl: Use get TLS 1.3 ticket helper for early data test 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-06 16:43:33 +01:00
Ronald Cron
1f6e4e4a49 tests: ssl: Add helper function to get a TLS 1.3 ticket 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-06 16:43:33 +01:00
Ronald Cron
ced99be007 tests: ssl: Add early data handshake option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-06 16:43:33 +01:00
Ronald Cron
b4ad3e750b tests: ssl: First reset to all zeroes options in init 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-06 16:43:33 +01:00
Ronald Cron
fb53647b0b tests: ssl: Move group list to options 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-06 16:43:33 +01:00
Manuel Pégourié-Gonnard
5c9cc0b30f
Merge pull request #8727 from ronald-cron-arm/tls13-ignore-early-data-when-rejected 
TLS 1.3: SRV: Ignore early data when rejected
 2024-02-06 13:16:03 +00:00
Ronald Cron
d0a772740e tests: early data: Complete the handshake 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-06 11:15:48 +01:00
Ronald Cron
33327dab85 tests: early data: Switch to mnemonics for test scenarios 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-05 18:27:04 +01:00
Ronald Cron
71c6e65d83 tls13: ssl_msg.c: Improve/add comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-05 16:54:37 +01:00
Ronald Cron
31e2d83eee tls13: srv: Improve coding 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-05 16:45:57 +01:00
Manuel Pégourié-Gonnard
32c28cebb4
Merge pull request #8715 from valeriosetti/issue7964 
Remove all internal functions from public headers
 2024-02-05 15:09:15 +00:00
Janos Follath
747bedb0b0
Merge pull request #8733 from ivq/gcm_ad_len_check 
Add back restriction on AD length of GCM
 2024-02-05 13:33:58 +00:00
Dave Rodgman
12285c5c7c Add calls to BLOCK_CIPHER_PSA_INIT / BLOCK_CIPHER_PSA_DONE 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-02-02 17:52:41 +00:00
Ronald Cron
ae2d81c314 tests: tls13: Run early data test only in TLS 1.3 only config 
Temporary workaround to not run the early data test
in Windows-2013 where there is an issue with
mbedtls_vsnprintf().

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Jerry Yu
f57d14bed4 Ignore early data app msg before 2nd client hello 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Jerry Yu
263dbf7167 tls13: srv: Do not allow early data indication in 2nd ClientHello 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Ronald Cron
1483dc3bde tls13: cli: Indicate early data only in first ClientHello 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Ronald Cron
2995d35ac3 tls13: srv: Deprotect and discard early data records 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Jerry Yu
4caf3ca08c tls13: srv: Add discard_early_data_record SSL field 
Add discard_early_data_record in SSL context for
the record layer to know if it has to discard
some potential early data record and how.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Jerry Yu
064dd2b870 Adjust check order 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2024-02-02 17:31:20 +01:00
Ronald Cron
b90e695e09
Merge pull request #8692 from ronald-cron-arm/read-early-data 
TLS 1.3: SRV: Implement mbedtls_ssl_read_early_data()
 2024-02-02 14:07:47 +00:00
Ronald Cron
38dbab9f8d tests: ssl: Adjust early data test 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 20:10:41 +01:00
Ronald Cron
78a38f607c tls13: srv: Do not use early_data_status 
Due to the scope reduction for
mbedtls_ssl_read_early_data(), on
server as early data state variable
we now only need a flag in the
handshake context indicating if
the server has accepted early data
or not.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 20:10:35 +01:00
Ronald Cron
3b9034544e Revert "tls13: Introduce early_data_state SSL context field" 
This reverts commit 0883b8b625.
Due to the scope reduction of mbedtls_ssl_read_early_data()
it is not necessary anymore to refine the usage
of early_data_status/state rather the opposite.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 20:03:57 +01:00
Ronald Cron
164537c4a6 tls13: early data: Improve, add comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 19:52:30 +01:00
Ronald Cron
ed7d4bfda5 tls13: srv: Simplify mbedtls_ssl_read_early_data() API 
Do not progress the handshake in the API, just
read early data if some has been detected by
a previous call to mbedtls_ssl_handshake(),
mbedtls_ssl_handshake_step(),
mbedtls_ssl_read() or mbedtls_ssl_write().

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:45:07 +01:00
Ronald Cron
44d70a5f23 tls13: early data: Improve documentation 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:45:07 +01:00
Ronald Cron
2c4308958d ssl.h: Fix comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:45:07 +01:00
Ronald Cron
0883b8b625 tls13: Introduce early_data_state SSL context field 
Introduce early_data_state SSL context field to
distinguish better this internal state from
the status values defined for the
mbedtls_ssl_get_early_data_status() API.
Distinguish also between the client and
server states. Note that the client state
are going to be documented and reworked
as part of the implementation of
mbedtls_ssl_write_early_data().

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:45:04 +01:00
Ronald Cron
7d21cded3f ssl.h: Simplify guard 
MBEDTLS_SSL_EARLY_DATA implies
MBEDTLS_SSL_PROTO_TLS1_3 thus
MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_EARLY_DATA
is equivalent to MBEDTLS_SSL_EARLY_DATA.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:48 +01:00
Ronald Cron
7b6ee9482e tls13: srv: Reject early data in case of HRR 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Jerry Yu
579bd4d46b Update early data test 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Jerry Yu
192e0f9b1d ssl_server2: Add read early data support 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Jerry Yu
d9ca354dbd tls13: srv: Add mbedtls_ssl_read_early_data() API 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Ronald Cron
3a04562ace Update mbedtls_ssl_read_early_data() definition 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Jerry Yu
032985c351 Add MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA error code 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Jerry Yu
6a5904db45 tls13: srv: Move early data size check placeholder 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Jerry Yu
739a1d4246 tls: Add internal function ssl_read_application_data() 
The function will be used by
mbedtls_ssl_read_early_data() as well.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Ronald Cron
5d0ae9021f tls13: srv: Refine early data status 
The main purpose is to know from the status
if early data can be received of not and
why.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00