mbedtls

Author	SHA1	Message	Date
Dave Rodgman	c98f8d996a	Merge branch 'development' into safer-ct5 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-08-07 11:47:35 +01:00
Manuel Pégourié-Gonnard	de8f56e936	Merge pull request #7884 from valeriosetti/issue7612 TLS: Clean up (EC)DH dependencies	2023-08-01 07:13:36 +00:00
Valerio Setti	ea59c43499	tls: fix a comment a rename a variable/symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-25 11:14:03 +02:00
Manuel Pégourié-Gonnard	828b3acd6b	Merge pull request #7848 from valeriosetti/issue7749 driver-only ECC: EPCf.TLS testing	2023-07-18 10:33:21 +02:00
Gilles Peskine	6aca2c9613	Merge pull request #7716 from mpg/psa-util-internal Split psa_util.h between internal and public	2023-07-10 18:33:23 +02:00
Valerio Setti	da403b749e	tls: use already existing symbols to size the buffer for XXDḦ peer key Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 16:19:05 +02:00
Valerio Setti	49e6907b5b	tls: replace ECP_LIGHT occurrencies with PK_HAVE_ECC_KEYS Up to this point "make test" runs successfully. "ssl-opt" has not been tested yet. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 09:10:20 +02:00
Valerio Setti	6eb005435c	tls: fix guards for legacy ECDH contexts Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-07 19:02:23 +02:00
Valerio Setti	3d237b5ff1	ssl_misc: fix guards for PSA data used in XXDH key exchanges Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-07 19:02:16 +02:00
Valerio Setti	c2232eadfb	tls: replace PK_CAN_ECDH guards with new helpers Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-07 17:23:53 +02:00
Valerio Setti	7aeec54094	tls: replace ECDH_C guards with new helpers Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-07 17:23:53 +02:00
Manuel Pégourié-Gonnard	d55d66f5ec	Fix missing includes Some files relied on psa_util.h to provide the includes they need. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-07-06 12:47:28 +02:00
Manuel Pégourié-Gonnard	2be8c63af7	Create psa_util_internal.h Most functions in psa_util.h are going to end up there (except those that can be static in one file), but I wanted to have separate commits for file creation and moving code around, so for now the new file's pretty empty but that will change in the next few commits. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-07-06 12:42:33 +02:00
Przemek Stekiel	408569f91a	Adapt function name: mbedtls_ssl_tls13_generate_and_write_dh_key_exchange Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-06 12:16:44 +02:00
Przemek Stekiel	7ac93bea8c	Adapt names: dh -> xxdh Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-05 09:26:26 +02:00
Przemek Stekiel	d5f79e7297	Adapt functions names for ffdh Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-05 09:26:26 +02:00
Przemek Stekiel	6f199859b6	Adapt handshake fields to ffdh Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-05 09:25:00 +02:00
Przemek Stekiel	e03ddbb497	Use valid size of peerkey buffer (EC vs FF) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-05 09:25:00 +02:00
Manuel Pégourié-Gonnard	56b159a12a	Merge pull request #7627 from mprse/ffdh_tls13_v2 Make use of FFDH keys in TLS 1.3 v.2	2023-07-03 10:12:33 +02:00
Dave Rodgman	c216d94560	Merge remote-tracking branch 'origin/development' into safer-ct5	2023-06-13 10:36:37 +01:00
Przemek Stekiel	da4fba64b8	Further code optimizations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:09 +02:00
Przemek Stekiel	29c219c285	Combine mbedtls_ssl_tls13_generate_and_write_ecdh/ffdh_key_exchange functions Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:09 +02:00
Przemek Stekiel	63706628d0	Adapt guards for FFDH Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:08 +02:00
Przemek Stekiel	cceb933e30	Add FFDH definitions and translation functions Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com> Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:07 +02:00
Manuel Pégourié-Gonnard	6076f4124a	Remove hash_info.[ch] Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Dave Rodgman	2801f7fa8d	Move mbedtls_ct_hmac into ssl_msg.c Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Valerio Setti	3f00b84dd1	pk: fix build issues Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-15 12:57:06 +02:00
Valerio Setti	d4a5d461de	library: add remaining changes for the new ECP_LIGHT symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Ronald Cron	eff5673e09	Improve and align variable names for supported versions data Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	47dce630f4	tls13: Add function to search for a supported_versions extension Move in a dedicated function the search for the supported_versions extension in a list of extensions, to be able to use it on server side as well. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:17 +02:00
Valerio Setti	77a904c761	ssl: remove useless guard Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-28 16:26:48 +02:00
Valerio Setti	1fa5c56863	ssl_tls: fix guard symbols for EC accelerated tests Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-28 16:26:47 +02:00
Valerio Setti	226f9b903f	ssl_tls: fix guard in ssl_misc.h Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-23 09:28:51 +01:00
Valerio Setti	080a22ba75	ssl_tls13: use PSA_WANT_ALG_ECDH as symbol for marking ECDH capability Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Valerio Setti	0c8ec3983e	ssl_tls: fix proper guards for accelerated ECDH Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Valerio Setti	90df310d89	ssl_tls13: fix guards for accel ECDH These changes fix all failures found in test_suite_ssl Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Manuel Pégourié-Gonnard	7224086ebc	Remove legacy_or_psa.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:29:31 +01:00
Manuel Pégourié-Gonnard	bef824d394	SSL: use MD_CAN macros Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:29:31 +01:00
Jan Bruckner	a0589e75a0	Changes from review Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-03-15 11:04:45 +01:00
Jan Bruckner	151f64283f	Add parsing for Record Size Limit extension in TLS 1.3 Fixes #7007 Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-03-14 08:41:25 +01:00
Manuel Pégourié-Gonnard	289e5baa83	Merge pull request #7082 from valeriosetti/issue6861 driver-only ECDSA: add ssl-opt.sh testing with testing parity	2023-03-08 16:45:38 +01:00
Gilles Peskine	a2fc399f57	Merge pull request #6829 from AndrzejKurek/unify-psa-errors Unify PSA to Mbed TLS error translation	2023-03-07 19:55:44 +01:00
Valerio Setti	2f1d967643	ssl: fix included pk header file Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-07 18:14:34 +01:00
Andrzej Kurek	8a045ce5e6	Unify PSA to Mbed TLS error translation Move all error translation utilities to psa_util.c. Introduce macros and functions to avoid having a local copy of the error translating function in each place. Identify overlapping errors and introduce a generic function. Provide a single macro for all error translations (unless one file needs a couple of different ones). Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-03 05:23:44 -05:00
Manuel Pégourié-Gonnard	f057ecfedf	Use MD not low-level sha256/512 in TLS Same reasoning as in previous commit. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-24 13:30:55 +01:00
Valerio Setti	1ad9ef2132	ssl: use new macros for ECDSA capabilities Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-23 08:15:09 +01:00
Manuel Pégourié-Gonnard	43cc127d3a	Fix code style Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard	b8b07aa24a	Handle errors from functions that now return int A few functions were changed from returning void to returning int three commits ago. Make sure their callers check the return values. This commits was basically a matter of declaring newly-int-returning functions MBEDTLS_CHECK_RETURN_CRITICAL and then fixing the resulting warnings. A few functions had to be made int in the process; they were applied the same process as well. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard	226aa15702	Make handshake hashing functions return int There are three family of functions: update_checksum, calc_verify, calc_finished, that perform hashing operations and were returning void so far. This is not correct, as hashing functions can return errors (for example, on hardware failure when accelerated). Change them to return int. This commit just changes the types: for now the functions always return 0, and their return value is not checked; this will be fixed in the next few commits. There is a related function in TLS 1.3, mbedtls_ssl_reset_transcript_for_hrr, which also handles hashes, and already returns int but does not correctly check for errors from hashing functions so far, it will also be handled in the next few commits. There's a special case with handshake_params_init: _init functions should return void, so we'll need to split out the part that can return errors, see the next commit. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Ronald Cron	70341c17b7	Merge pull request #6773 from yanrayw/6675-change-early_secrets-to-local TLS 1.3: Key Generation: Change tls13_early_secrets to local variable	2023-02-14 09:03:32 +01:00

1 2 3 4 5 ...

458 commits