mbedtls

Author	SHA1	Message	Date
Valerio Setti	d4a5d461de	library: add remaining changes for the new ECP_LIGHT symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Ronald Cron	8a12aeec93	tls: Initialize SSL context tls_version in mbedtls_ssl_setup() Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Manuel Pégourié-Gonnard	43cc127d3a	Fix code style Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard	b8b07aa24a	Handle errors from functions that now return int A few functions were changed from returning void to returning int three commits ago. Make sure their callers check the return values. This commits was basically a matter of declaring newly-int-returning functions MBEDTLS_CHECK_RETURN_CRITICAL and then fixing the resulting warnings. A few functions had to be made int in the process; they were applied the same process as well. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Xiaokang Qian	934ce6f6a9	Rename the finalize_client{server}_hello() Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	7179f810f1	Restore the empty lines Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	44051f6376	Refine the state change after write client hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	79f77528f5	Move state change to finalize client hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	592021aceb	Add CCS after client hello in case of early data and comp mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	b46275c7ec	Add TLS1_3 guard to finalize_write_client_hello() to fix compile issue Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:43 +00:00
Xiaokang Qian	126929f825	Move early keys generation into mbedtls_ssl_tls13_finalize_write_client_hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:46:45 +00:00
Xiaokang Qian	854db28bb7	Set hs_psk,ciphercuit_info and kex mode when writing pre-share key Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	df6f52e2b2	Generate early key and switch outbound key to it after write client hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:59 +00:00
Gilles Peskine	449bd8303e	Switch to the new code style Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-01-11 14:50:10 +01:00
Manuel Pégourié-Gonnard	28d4d43416	Merge pull request #6863 from valeriosetti/issue6830 Remove uses of mbedtls_ecp_curve_info in TLS (with USE_PSA)	2023-01-10 10:01:17 +01:00
Gilles Peskine	cd0a565644	Merge pull request #6703 from yuhaoth/pr/tls13-misc-from-prototype TLS 1.3: Upstream misc fix from prototype	2023-01-05 14:35:54 +01:00
Valerio Setti	18c9fed857	tls: remove dependency from mbedtls_ecp_curve functions Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2023-01-03 13:03:34 +01:00
Manuel Pégourié-Gonnard	4064a82802	Merge pull request #5600 from yuhaoth/pr/refactor-cookie-members-of-handshake Refactor cookie members of handshake	2022-12-14 10:55:34 +01:00
Jerry Yu	141bbe7bee	tls13: Adjust include files - remove duplicate and unused included - Adjust the order to system, mbedtls global, local. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-09 09:51:20 +08:00
Jerry Yu	e01304f6d8	fix type conversion issue Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-05 19:58:46 +08:00
Jerry Yu	ac5ca5a0ea	Refactor cookie members of handshake struct Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-05 19:58:45 +08:00
Tom Cosgrove	1797b05602	Fix typos prior to release Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-12-04 17:19:59 +00:00
Jerry Yu	97be6a913e	fix various issues - typo error - replace `ssl->hanshake` with handshake Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-09 22:43:31 +08:00
Jerry Yu	7de2ff0310	Refactor extension list print Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-08 23:51:39 +08:00
Jerry Yu	63a459cde5	Refactor client_hello parser and writer Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-06 11:54:21 +08:00
Jerry Yu	4b8f2f7266	Refactor sent extension message output Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-06 11:54:21 +08:00
Jerry Yu	c4bf5d658e	fix various issues - Signature of - mbedtls_tls13_set_hs_sent_ext_mask - check_received_extension and issues - Also fix comment issue. - improve readablity. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-31 16:41:42 +08:00
Jerry Yu	0c354a211b	introduce sent/recv extensions field And remove `extensions_present` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-31 16:41:42 +08:00
Gilles Peskine	744fd37d23	Merge pull request #6467 from davidhorstmann-arm/fix-unusual-macros-0 Fix unusual macros	2022-10-25 19:55:29 +02:00
David Horstmann	7aee0ec0ba	Minor improvements in ssl_client.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-25 10:38:25 +01:00
Ronald Cron	e68ab4f55e	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED to guard TLS code (both TLS 1.2 and 1.3) specific to handshakes involving certificates. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	41a443a68d	tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK.*ENABLED Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED instead of MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED to guard code specific to one of the TLS 1.3 key exchange mode with PSK. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	49e4184812	Merge pull request #6299 from xkqian/tls13_add_servername_check Add server name check when proposing pre-share key	2022-10-13 16:00:59 +02:00
Gilles Peskine	0fe6631486	Merge pull request #6291 from gilles-peskine-arm/platform.h-unconditional-3.2 Include platform.h unconditionally	2022-10-13 10:19:22 +02:00
Xiaokang Qian	307a7303fd	Rebase and replace session_negotiate Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:14:32 +00:00
Xiaokang Qian	ed3afcd6c3	Fix various typo and macro guards issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:51 +00:00
Xiaokang Qian	ed0620cb13	Refine code base on comments Move code to proper macro guards protection Fix typo issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:51 +00:00
Xiaokang Qian	03409290d2	Add MBEDTLS_SSL_SESSION_TICKETS guard to server name check Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:51 +00:00
Xiaokang Qian	d7adc374d3	Refine the server name compare logic Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:51 +00:00
Xiaokang Qian	a3b451f950	Adress kinds of comments base on review Rename function name to mbedtls_ssl_session_set_hostname Add two extra check cases for server name Fix some coding styles Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:51 +00:00
Xiaokang Qian	2f9efd3038	Address comments base on review Change function name to ssl_session_set_hostname() Remove hostname_len Change hostname to c_string Update test cases to multi session tickets Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:49 +00:00
Xiaokang Qian	bc663a0461	Refine code based on commnets Change code layout Change hostname_len type to size_t Fix various issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:01 +00:00
Xiaokang Qian	ecd7528c7f	Address some comments Hostname_len has at least one byte Change structure serialized_session_tls13 Fix various issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:03:44 +00:00
Xiaokang Qian	281fd1bdd8	Add server name check when proposeing pre-share key Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:03:41 +00:00
Jerry Yu	22c18c1432	Add NULL check in prepare hello `session_negotiate` is used directly in `ssl_prepare_client_hello` without NULL check. Add the check in the beggining to avoid segment fault. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-11 18:07:19 +08:00
Jerry Yu	4f77ecf409	disable session resumption when ticket expired Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-10 22:10:08 +08:00
Jerry Yu	21f9095fa8	Revert "move ciphersuite validation to set_session" This reverts commit `19ae6f62c7`. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-08 14:35:34 +08:00
Jerry Yu	379b91a393	add ticket age check Remove ticket if it is expired. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-08 10:21:15 +08:00
David Horstmann	4a28563e84	Refactor macro-spanning ifs in ssl_client.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-07 14:08:42 +01:00
Gilles Peskine	945b23c46f	Include platform.h unconditionally: automatic part We used to include platform.h only when MBEDTLS_PLATFORM_C was enabled, and to define ad hoc replacements for mbedtls_xxx functions on a case-by-case basis when MBEDTLS_PLATFORM_C was disabled. The only reason for this complication was to allow building individual source modules without copying platform.h. This is not something we support or recommend anymore, so get rid of the complication: include platform.h unconditionally. There should be no change in behavior since just including the header should not change the behavior of a program. This commit replaces most occurrences of conditional inclusion of platform.h, using the following code: ``` perl -i -0777 -pe 's!#if.\n#include "mbedtls/platform.h"\n(#else.\n(#define (mbedtls\|MBEDTLS)_.\n\|#include <(stdarg\|stddef\|stdio\|stdlib\|string\|time)\.h>\n))?#endif.*!#include "mbedtls/platform.h"!mg' $(git grep -l '#include "mbedtls/platform.h"') ``` Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-15 20:33:07 +02:00

1 2

88 commits