Jerry Yu
40f3771e18
Add handshake psk export function.
...
Rename `ssl_tls13_get_psk` and export the
function.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-08-11 21:25:35 +08:00
Manuel Pégourié-Gonnard
a82a8b9f4b
Mark internal int SSL functions CHECK_RETURN_CRITICAL
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-06-20 21:12:55 +02:00
Jerry Yu
fd5ea0458f
add compute application transform
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-19 14:29:48 +08:00
Jerry Yu
d6e253ded9
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-18 16:57:45 +08:00
Jerry Yu
ff2269889d
Add client finished
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-18 09:58:48 +08:00
Jerry Yu
f86eb75c58
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-06 11:16:55 +08:00
Jerry Yu
e110d258d9
Add set outbound transform
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-05 19:59:59 +08:00
Gabor Mezei
e42d8bf83b
Add macro guard for header file
...
Some of the macros are used by the test data files and must be moved
before the macros guard.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-30 11:33:06 +02:00
Gabor Mezei
07732f7015
Translate from mbedtls_md_type_t to psa_algorithm_t
...
Do the translation as early as possible from mbedtls_md_type_t to psa_algorithm_t.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-26 17:04:19 +01:00
Xiaofei Bai
d25fab6f79
Update based on comments
...
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2021-12-02 06:36:27 +00:00
Xiaofei Bai
89b526da3e
Fix some more variables names
...
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2021-11-26 08:08:36 +00:00
Xiaofei Bai
746f9481ea
Fix 1_3/13 usages in macros and function names
...
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2021-11-26 08:08:36 +00:00
XiaokangQian
a4c99f2c2d
Remove useless blank line
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-11 06:46:35 +00:00
XiaokangQian
d0aa3e9307
Inprove code base on review comments
...
Change debug messag for server finished.
Change name of generate_application_keys.
Remove the client vertificate tests from ssl-opt.sh.
Add test strings for server finished in ssl-opt.sh.
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 06:17:40 +00:00
XiaokangQian
aaa0e197a8
Change the alignment and names of functions and a macro
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 03:07:04 +00:00
XiaokangQian
c5c39d5800
Change code for styles and comments .etc
...
Remove useless code in union.
Rename functions and parameters.
Move definitions into othe files.
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
8903bd97b0
Change some naming style issues and remove useless code
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
f13c56032f
Revert some changes about tls13 and macros
...
There is one PR #4988 to change it in the future
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
46c6fc74f1
Fix compile issue about MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
a763498490
Change code based on commetns
...
Focus on the code style, naming rule,etc.
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
4cab0240c7
Change coding style
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
aa5f5c1f5d
TLS1.3: Add server finish processing in client side
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:22 +00:00
Jerry Yu
0bbb39786d
tls13: add labels
...
add client and server cv magic words
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-29 19:57:55 +08:00
Jerry Yu
c068b6671e
Rename tls13 prefix to fix coding issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
f0ac2352d6
Refactor key_schedule_stage_handshake
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
a0650ebb9d
tls13: add handshake key schedule
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
61e35e0047
tls13: add generate handshake keys
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
c1ddeef53a
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-08 15:40:14 +08:00
Jerry Yu
4836952f9d
fix tls1_3 prefix issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
b65eb2f3cf
Revert "tls13: add generate handshake keys"
...
This reverts commit f02ca4158674b974ae103849c43e0c92efc40e8c.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
e3131ef7f3
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
4925ef5da1
tls13: add generate handshake keys
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
89ea321d96
tls13: add key_schedule_stage_early_data
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Hanno Becker
c94060c641
Add TLS 1.3 specific key to SSL transform conversion function
...
This commit adds the TLS 1.3 specific internal function
```
mbedtls_ssl_tls13_populate_transform()
```
which creates an instance of the SSL transform structure
`mbedtls_ssl_transform` representing a TLS 1.3 record protection
mechanism.
It is analogous to the existing internal helper function
```
ssl_tls12_populate_transform()
```
which creates transform structures representing record
protection mechanisms in TLS 1.2 and earlier.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:52:49 +01:00
Hanno Becker
c8d3ccd67b
Fix Doxygen for TLS 1.3 PSK binder helper
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-26 04:47:29 +01:00
Hanno Becker
b7d9bad6be
Add helper function for calculation of TLS 1.3 PSK binder
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-24 11:20:30 +01:00
Hanno Becker
ef5235bc2e
Add TLS 1.3 second level key derivations
...
This commit adds helper functions to ssl_tls13_keys.[ch]
allowing to derive the secrets specific to each stage of
a TLS 1.3 handshake (early, handshake, application) from
the corresponding master secret (early secret, handshake
secret, master secret).
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-24 08:32:24 +01:00
Hanno Becker
531fe3054c
Comment on hardcoding of maximum HKDF key expansion of 255 Bytes
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-16 09:50:17 +01:00
Hanno Becker
61baae7c9f
Minor fixes and improvements in TLS 1.3 key schedule documentation
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-16 09:47:47 +01:00
Hanno Becker
5cfc7245c8
Remove outdated documentation of mbedtls_ssl_tls1_3_derive_secret()
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 13:00:29 +01:00
Hanno Becker
0c42fd94bb
Fix Doxygen documentation of mbedtls_ssl_tls1_3_derive_secret()
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 12:58:29 +01:00
Hanno Becker
0973ff9545
Remove macro definitions between Doxygen block and prototype
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 12:56:28 +01:00
Hanno Becker
1413bd8ae9
Simplify identification of TLS 1.3 labels in unit test suite
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 12:46:09 +01:00
Hanno Becker
2fe043a6d1
Remove guard for TLS 1.3 specific declarations
...
We only guard the implementations of modules, not their declarations.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 10:58:53 +01:00
Hanno Becker
9b9be00606
Remove DTLS 1.3 specific label
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 10:58:52 +01:00
Hanno Becker
00cfc1ce52
Add "e exp master" TLS 1.3 key schedule label
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 10:41:23 +01:00
Hanno Becker
70d7fb0c2d
Don't hardcode TLS 1.3 labels in test cases
...
ssl_tls1_3_keys.c exports a structure containing all labels used
in the TLS 1.3 key schedule, but the TLS 1.3 key scheduling unit
tests so far replicated those labels in the test file. In particular,
wrong label values in ssl_tls1_3_keys.c wouldn't have been caught
by the unit tests.
This commit modifies the TLS 1.3 key schedule unit tests to use
the TLS 1.3 labels as exported by ssl_tls1_3_keys.c. This not only
makes sure that those labels are correct, but also avoids hardcoding
their hex-encoding in the test file.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 10:17:37 +01:00
Hanno Becker
90551c7a26
Use uniform naming scheme for TLS 1.3 label structure
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 09:25:23 +01:00
Hanno Becker
a3a5a4e1f9
Please check-names.sh
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 11:33:48 +01:00
Hanno Becker
493ea7f4ae
Remove instances of camelCase in TLS 1.3 key schedule
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 11:08:06 +01:00