Jerry Yu
447a3bee17
fix wrong typo and format issues
...
Change-Id: I99a4c7d28c26bfcc43bc8947485d1dfafb6974dc
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-18 09:55:36 +08:00
lhuang04
8c51b73c86
Update CMake version for CMP0090
...
Summary:
[CMP0090](https://cmake.org/cmake/help/latest/policy/CMP0090.html ) was introduced in CMake version 3.15. The CMake version guard
should be greater or equal to 3.15.
My cmake version is 3.14.5, and run into the following error.
```
cmake --version
cmake version 3.14.5
```
```
CMake Error at CMakeLists.txt:338 (cmake_policy):
Policy "CMP0090" is not known to this version of CMake.
-- Configuring incomplete, errors occurred!
Test Plan:
```
cmake
```
Signed-off-by: lhuang04 <lhuang04@fb.com>
2021-08-17 12:50:11 -07:00
Jerry Yu
7276f13c93
fix comments for sig_algs parser
...
Change-Id: I68bd691c4b67fb18ff9d55ead34f5517b1b981de
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-17 18:25:57 +08:00
Manuel Pégourié-Gonnard
684543a3a8
Merge pull request #4807 from hanno-arm/bio_recv_ret_0_eof
...
Document that returning 0 from the recv callback means EOF
2021-08-17 10:30:46 +02:00
Jerry Yu
7899de839c
fix comments and format issues
...
Change-Id: I927d97f9d788389d6abb9edbda0f7c3e2f8e9b63
CustomizedGitHooks: yes
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-17 13:26:59 +08:00
Jerry Yu
f7fce9200c
Remove rsa_pss_rsae_sha256 from preset_sig_algs.
...
To keep consistent with ssl_{clien2t,server2}.
Change-Id: I08dbe47a3d9b778ba3acad283f608fef4e63c626
CustomizedGitHooks: yes
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-17 13:26:53 +08:00
Archana
0dc86b5a2a
Remove dependency of builtin keys on storage
...
The psa_open_key API depends on MBEDTLS_PSA_CRYPTO_STORAGE_C.
This is unnecessary for builtin keys and so is fixed.
Updated an open_fail test vector keeping with the same.
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-08-17 02:46:00 +05:30
Manuel Pégourié-Gonnard
93a3ca6caf
Merge pull request #4413 from gilles-peskine-arm/tls_ext_cid-config
...
Allow configuring MBEDTLS_TLS_EXT_CID at compile time
2021-08-13 10:49:50 +02:00
Manuel Pégourié-Gonnard
f11724bf2e
Merge pull request #4861 from yuhaoth/pr/add-openssl-gnutls-tls1_3-check
...
Add openssl/gnutls tls1.3 feature tests.
2021-08-13 09:15:22 +02:00
Manuel Pégourié-Gonnard
4512f21473
Merge pull request #3572 from mpg/add-arm-linux-build
...
Add arm-linux-gnueabi-gcc build
2021-08-12 13:16:02 +02:00
Manuel Pégourié-Gonnard
5e344563e4
Merge pull request #4858 from hanno-arm/upstream_tls13_transforms
...
Upstream TLS 1.3 record transformations structure fields
2021-08-12 12:29:54 +02:00
Manuel Pégourié-Gonnard
2fb897ecf9
Merge pull request #4852 from hanno-arm/unify_cli_srv_hs_step
...
Share preparatory code between client and server handshake steps
2021-08-12 12:24:51 +02:00
Manuel Pégourié-Gonnard
b7745d2323
Merge pull request #4834 from hanno-arm/msg_layer_reset_helper
...
Move messaging related session reset into separate helper function
2021-08-12 12:20:33 +02:00
Manuel Pégourié-Gonnard
409c8f6e1b
Merge pull request #4851 from hanno-arm/hs_msg_without_checksum
...
Add handshake message writing variant that doesn't update checksum
2021-08-12 11:54:10 +02:00
Gilles Peskine
7dd2f504b3
Allow configuring MBEDTLS_TLS_EXT_CID at compile time
...
The numerical identifier of the CID extension hasn't been settled yet
and different implementations use values from different drafts. Allow
configuring the value at compile time.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-08-12 10:31:01 +02:00
Hanno Becker
a9e4e6fd6f
ssl_server2: Add usage string for TLS 1.3 key exchange modes
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:52 +01:00
Hanno Becker
cfa4d4b3f5
ssl_client2: Adjust usage string to recognized cmd line parameter
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
30319f1f88
Remove misplaced comment in TLS 1.3 ciphersuite definitions
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
5d045a8b89
Stick to 'ephemeral' instead of ECDHE for TLS 1.3 key exchanges
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
674f9480cf
Fix typo: algorithmc -> algorithms
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
d4fa9bc710
Remove outdated mentioning of version-specific ciphersuite config
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
a2535931ac
Add Doxygen documentation for TLS 1.3 key exchange macros
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
932064d660
Add ssl-opt.sh tests for ssl_client/server TLS 1.3 kex parameters
...
Those tests are so far only checking that ssl_client2/ssl_server2
recognize the arguments, nothing more.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
2c0f697fbc
Support TLS 1.3 key exchange config in ssl_client2/ssl_server2
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
71f1ed66c2
Add identifiers and API for configuration of TLS 1.3 key exchanges
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:28:45 +01:00
Hanno Becker
e2defad0bb
Fix indentation of pre-existing code-block in ssl_tls.c
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:28:45 +01:00
Hanno Becker
ae336852c5
Add ssl-opt.sh run to TLS 1.3 test in all.sh
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:28:45 +01:00
Hanno Becker
e486b2d7bb
Document use of mbedtls_ssl_conf_ciphersuites() for TLS 1.3
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:28:45 +01:00
Hanno Becker
8ca26923eb
Add TLS 1.3 ciphersuites
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:28:45 +01:00
Hanno Becker
e043d15d75
Turn comments of 1.3 record transforms into Doxygen documentation
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:22:52 +01:00
Dave Rodgman
2aec149e13
Merge pull request #4248 from hanno-arm/tls13_populate_transform
...
Fix and test compliance of TLS 1.3 record protection
2021-08-11 16:41:51 +01:00
Jerry Yu
0402979ed3
Add openssl/gnutls tls1.3 feature tests.
...
Add functions and test cases to make sure
tls1.3 is available in openssl/gnutls
Change-Id: I797d15117a8de96614f392e6bb2ed16b6d71ba69
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-11 18:09:49 +08:00
Hanno Becker
deb68ce2d1
Fix guard around TLS 1.3 SigAlg configuration
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-10 16:04:05 +01:00
Hanno Becker
9c6aa7bb9a
Add default values for TLS 1.3 SigAlg configuration
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-10 13:55:49 +01:00
Hanno Becker
11ceadd382
Add cmdline param for TLS 1.3 sig alg config to ssl_{client,server}2
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-10 13:55:46 +01:00
Hanno Becker
1cd6e0021f
Add experimental API for configuration of TLS 1.3 sig algs
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-10 13:55:43 +01:00
Mateusz Starzyk
e0f5227550
Add CCM test for calling finish without any input.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:31:57 +02:00
Hanno Becker
551265f879
Add TLS 1.3 IANA signature-algorithm values
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-10 13:03:48 +01:00
Mateusz Starzyk
8fb1754e1a
Add short description for CCM test functions.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:00:14 +02:00
Mateusz Starzyk
f442de69eb
Add tests for CCM corner cases.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:00:14 +02:00
Mateusz Starzyk
bccbf88bc3
Rename CCM test functions.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:00:14 +02:00
Mateusz Starzyk
2f1754916c
Improve comment on local_output.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:00:14 +02:00
Mateusz Starzyk
a42f9537b5
Improve documentation for CCM's processed
variable.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:00:14 +02:00
Mateusz Starzyk
b73c3ec1bc
Restore MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED as default ret.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:00:14 +02:00
Mateusz Starzyk
62d22f9782
Use additional state in CCM to track auth data input.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:00:14 +02:00
Mateusz Starzyk
4f2dd8aada
Fix errors returned by CCM functions.
...
Add new error code for calling functions in wrong order.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 14:00:14 +02:00
Mateusz Starzyk
f337850738
Use const size buffer for local output in CCM decryption.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 13:59:36 +02:00
Mateusz Starzyk
c562788068
Fix local buffer allocation conditions.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 13:58:39 +02:00
Mateusz Starzyk
ceb5bc6150
Fix typos.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 13:58:39 +02:00
Mateusz Starzyk
8788906947
Add CCM test for edge cases.
...
Cover:
- not calling auth data update
- not calling cipher text update
- exceeding configured auth data length
- exceeding configured cipher text length
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-10 13:58:39 +02:00