Przemek Stekiel
f4e8f01964
psa_tls12_prf_key_derivation_t: add other_secret and other_secret_length fields to handle mixed PSK
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-07 15:01:50 +02:00
Przemek Stekiel
37c81c4f05
Extend PSA_ALG_TLS12_PSK_TO_MS alg (add #PSA_KEY_DERIVATION_INPUT_OTHER_SECRET input)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-07 15:01:50 +02:00
Ronald Cron
0e980e8e84
Merge pull request #5640 from ronald-cron-arm/version-negotiation-2
...
TLS 1.2/1.3 version negotiation - 2
2022-04-01 12:29:06 +02:00
Manuel Pégourié-Gonnard
33a9d61885
Merge pull request #5638 from paul-elliott-arm/ssl_cid_accessors
...
Accessors to own CID within mbedtls_ssl_context
2022-04-01 11:36:00 +02:00
Paul Elliott
0113cf1022
Add accessor for own cid to ssl context
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-31 19:21:41 +01:00
Ronald Cron
bdb4f58cea
Add and update documentation of some minor version fields
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-31 18:24:59 +02:00
Dave Rodgman
017a19997a
Update references to old Github organisation
...
Replace references to ARMmbed organisation with the new
org, Mbed-TLS, following project migration.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-03-31 14:43:16 +01:00
Ronald Cron
a980adf4ce
Merge pull request #5637 from ronald-cron-arm/version-negotiation-1
...
TLS 1.2/1.3 version negotiation - 1
2022-03-31 11:47:16 +02:00
Manuel Pégourié-Gonnard
3304f253d7
Merge pull request #5653 from paul-elliott-arm/handshake_over
...
Add mbedtls_ssl_is_handshake_over()
2022-03-30 12:16:40 +02:00
Paul Elliott
571f1187b6
Merge pull request #5642 from mprse/ecp_export
...
Add ECP keypair export function
2022-03-29 17:19:04 +01:00
Dave Rodgman
1c41501949
Merge pull request #5632 from tom-cosgrove-arm/seclib-667-sha512-acceleration-mbedtls-internal
...
SECLIB-667: Accelerate SHA-512 with A64 crypto extensions
2022-03-29 15:34:12 +01:00
Ronald Cron
de1adee51a
Rename ssl_cli/srv.c
...
Rename ssl_cli.c and ssl_srv.c to reflect the fact
that they are TLS 1.2 specific now. Align there new
names with the TLS 1.3 ones.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 14:39:49 +02:00
Ronald Cron
63d97ad0bb
Merge pull request #5559 from yuhaoth/pr/add-rsae-sha384-sha512
...
Add rsae sha384 sha512
2022-03-29 14:01:51 +02:00
Manuel Pégourié-Gonnard
cefa904759
Merge pull request #5622 from paul-elliott-arm/timing_delay_accessor
...
Accessor for mbedtls_timing_delay_context final delay
2022-03-25 09:14:41 +01:00
Jerry Yu
e6e73d63ec
fix comments issue
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-24 13:07:28 +08:00
Tom Cosgrove
87fbfb5d82
SECLIB-667: Accelerate SHA-512 with A64 crypto extensions
...
Provide an additional pair of #defines, MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
and MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. At most one of them may be
specified. If used, it is necessary to compile with -march=armv8.2-a+sha3.
The MBEDTLS_SHA512_PROCESS_ALT and MBEDTLS_SHA512_ALT mechanisms
continue to work, and are mutually exclusive with SHA512_USE_A64_CRYPTO.
There should be minimal code size impact if no A64_CRYPTO option is set.
The SHA-512 implementation was originally written by Simon Tatham for PuTTY,
under the MIT licence; dual-licensed as Apache 2 with his kind permission.
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-03-23 21:40:53 +00:00
Manuel Pégourié-Gonnard
5e4bf95d09
Merge pull request #5602 from superna9999/5174-md-hmac-dtls-cookies
...
MD: HMAC in DTLS cookies
2022-03-23 13:05:24 +01:00
Paul Elliott
93ba3e3918
Add mbedtls_ssl_is_handshake_over() function
...
Add function to query if SSL handshake is over or not, in order to
determine when to stop calling mbedtls_ssl_handshake_step among other
things. Document function, and add warnings that the previous method of
ascertaining if handshake was over is now deprecated, and may break in
future releases.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-22 22:47:49 +00:00
Neil Armstrong
488a40eecb
Rename psa_hmac to psa_hmac_key in mbedtls_ssl_cookie_ctx
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-22 10:41:38 +01:00
Neil Armstrong
c0db7623ec
Also guard include of mbedtls/threading.h in ssl_cookie.h when USE_PSA_CRYPTO is set
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-22 10:38:58 +01:00
Jerry Yu
406cf27cb5
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:14:53 +08:00
Jerry Yu
b02ee18e64
replace use_psa_crypto with psa_crypto_c
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:35 +08:00
Jerry Yu
704cfd2a86
fix comments and style issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:35 +08:00
Jerry Yu
718a9b4a3f
fix doxgen fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Jerry Yu
bc18c23531
Guard pk_sign_ext with PSA_CRYPTO_C
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Jerry Yu
79c004148d
Add PSA && TLS1_3 check_config
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Jerry Yu
8beb9e173d
Change prototype of pk_sign_ext
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Jerry Yu
d69439aa61
add mbedtls_pk_sign_ext
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Paul Elliott
b9af2db4cf
Add accessor for timing final delay
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-21 15:26:19 +00:00
Przemek Stekiel
a677b5f6c7
Fix minor issues
...
- parameter name in function description
- test_suite_ecp.data: add new line at the end of file
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-21 09:49:40 +01:00
Przemek Stekiel
711d0f5e29
Add implemetation of ECP keypair export function
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-18 13:52:26 +01:00
Manuel Pégourié-Gonnard
7c92fe966a
Merge pull request #5614 from gabor-mezei-arm/5203_tls_cipher_tickets_use_psa_for_protection
...
TLS Cipher 2a: tickets: use PSA for protection
2022-03-17 09:50:09 +01:00
Dave Rodgman
2cecd8aaad
Merge pull request #3624 from daxtens/timeless
...
RFC: Fix builds with MBEDTLS_HAVE_TIME disabled and test
2022-03-15 16:43:19 +00:00
Dave Rodgman
868d38f50f
Merge pull request #5547 from tom-cosgrove-arm/seclib-667-sha256-acceleration-mbedtls-internal
...
SECLIB-667: Accelerate SHA-256 with A64 crypto extensions
2022-03-14 12:57:37 +00:00
Manuel Pégourié-Gonnard
c11bffe989
Merge pull request #5139 from mprse/key_der_ecc
...
PSA: implement key derivation for ECC keys
2022-03-14 09:17:13 +01:00
Gabor Mezei
2a02051286
Use PSA in TLS ticket handling
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-10 17:09:59 +01:00
Manuel Pégourié-Gonnard
10e5cdbbbf
Merge pull request #5454 from gstrauss/cert_cb-user_data
...
server certificate selection callback
2022-03-10 11:51:42 +01:00
Glenn Strauss
9bff95f051
Adjust comment describing mbedtls_ssl_set_hs_own_cert()
...
mbedtls_ssl_set_hs_own_cert() is callable from the certificate selection
callback.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-03-10 04:45:27 -05:00
Manuel Pégourié-Gonnard
d815114f93
Merge pull request #5524 from mprse/tls_ecdh_2c
...
TLS ECDH 2c: ECHDE in TLS 1.3 (client-side)
2022-03-08 11:43:45 +01:00
Neil Armstrong
7cd0270d6c
Drop mutex in mbedtls_ssl_cookie_ctx when PSA is used
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-07 14:33:21 +01:00
Neil Armstrong
77b69ab971
Remove non-PSA MAC key in mbedtls_ssl_cookie_ctx
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-04 14:45:45 +01:00
Daniel Axtens
f071024bf8
Do not include time.h without MBEDTLS_HAVE_TIME
...
MBEDTLS_HAVE_TIME is documented as: "System has time.h and time()."
If that is not defined, do not attempt to include time.h.
A particular problem is platform-time.h, which should only be included if
MBEDTLS_HAVE_TIME is defined, which makes everything messier. Maybe it
should be refactored to have the check inside the header.
Signed-off-by: Daniel Axtens <dja@axtens.net>
2022-03-04 05:07:45 -05:00
Neil Armstrong
bca99ee0ac
Add PSA key in mbedtls_ssl_cookie_ctx
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-04 10:20:20 +01:00
Przemek Stekiel
3f076dfb6d
Fix comments for conditional compilation
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-04 09:36:46 +01:00
Gilles Peskine
1f13e984ad
Merge pull request #5529 from superna9999/5514-translate-psa-errs-to-mbedtls
...
Rename, move and refine PSA to mbedtls PK errors mappings
2022-03-03 13:30:29 +01:00
Gilles Peskine
d929dbbb25
Merge pull request #5368 from mfil/feature/additional_md_getters
...
Add function to get message digest info from context
2022-03-02 16:44:26 +01:00
Neil Armstrong
19915c2c00
Rename error translation functions and move them to library/pk_wrap.*
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-01 15:21:02 +01:00
Gilles Peskine
f48bd4bccb
Merge pull request #5371 from AndrzejKurek/doxygen-duplicate-parameter-docs
...
doxygen: merge multiple descriptions of the same return codes
2022-02-28 17:09:45 +01:00
Gilles Peskine
0037fcd6c7
Merge pull request #4910 from gilles-peskine-arm/check_config-chachapoly-development
...
Add check_config checks for AEAD
2022-02-28 17:07:48 +01:00
Glenn Strauss
0ebf24a668
Adjust comment describing mbedtls_ssl_conf_sni()
...
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-02-25 19:55:53 -05:00