mbedtls

Author	SHA1	Message	Date
Dave Rodgman	f691268ee9	Add missing initialisers Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	35598adb78	pkcs7: Check that hash algs are in digestAlgorithms Since only a single hash algorithm is currenlty supported, this avoids having to perform hashing more than once. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	6cfc469296	pkcs7: reject signatures with internal data A CMS signature can have internal data, but mbedTLS does not support verifying such signatures. Reject them during parsing. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	e373a254c4	pkcs7: do not store content type OIDs They will always be constant. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	55d9df25ef	Simple cleanup No change in behavior. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	4ec8355795	Check for junk after SignedData There must not be any. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	aaf3c0028d	pkcs7: do not store content type OID Since only one content type (signed data) is supported, storing the content type just wastes memory. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	512818b1d2	pkcs7: check that content lengths fill whole buffer Otherwise invalid data could be accepted. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-10 12:56:10 +00:00
Dave Rodgman	a22749e749	Merge pull request #6816 from nick-child-ibm/pkcs7_coverage Pkcs7 coverage	2023-02-10 12:55:29 +00:00
Ronald Cron	834e65d47f	Merge pull request #6499 from xkqian/tls13_write_end_of_early_data Tls13 write end of early data	2023-02-10 11:08:22 +01:00
Manuel Pégourié-Gonnard	cf1c16af6e	Merge pull request #6925 from gilles-peskine-arm/coding-style-doc Switch to the new coding style: documentation	2023-02-10 10:05:27 +01:00
Dave Rodgman	78c6f40736	Fix code-style Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-09 09:21:14 +00:00
Dave Rodgman	4f70b3cdb4	Fix pylint warning Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-08 16:40:40 +00:00
Nick Child	14f255f332	pkcs7: Remove unnecessary dependencies stdio, stdlib and string header files are not used. Remove them. Signed-off-by: Nick Child <nick.child@ibm.com>	2023-02-08 15:38:48 +00:00
Nick Child	c7c94df715	pkcs7/test: Format generate test script Adhere to syntax and format recommendations from check-python-files.py Signed-off-by: Nick Child <nick.child@ibm.com>	2023-02-08 15:38:48 +00:00
Manuel Pégourié-Gonnard	9cb1aa21c4	Merge pull request #6970 from valeriosetti/issue6857 driver-only ECDSA: get testing parity in PK	2023-02-08 13:33:15 +01:00
Xiaokang Qian	0de0d863b6	Rebase code to restore reco-delay and fix some style issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 07:41:42 +00:00
Xiaokang Qian	8dc4ce76c7	Fix various coding style and comment issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	6b980011e5	Replace session_negotiate->ciphersuite with handshake->ciphersuite_info->id Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	53c4c27d35	Update the comment of ciphersuite check for early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	64bc9bc33d	Add comments to describe the early data behavior-encrypt/rejected... Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	e04afdc44f	Refine the condition of whether re-generate early keys Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	eb31cbc791	Share the hash check code between ticket and external psk Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	4ef8ba2938	Assign the ciphersuite in finalize_hrr{server_hello} Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	bb883244aa	Remove useless comments of outbound switch Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	02f5e14073	Combine the alert check of selected_id and ciphercuite Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	934ce6f6a9	Rename the finalize_client{server}_hello() Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	ac4c625dea	Add hash check of ciphersuite for ticket psk Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	6be8290aba	Change to CCS after client hello only if we offer early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	7179f810f1	Restore the empty lines Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	b58462157e	Refine the ciphersuite and select id check for early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	44051f6376	Refine the state change after write client hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	7892b6caad	Refine the comment about generating early secrects in post server hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	bd0ab06d50	Skip CCS once we proposed early data even it is rejected Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	f6d8fd3d6b	Improve the coding style of new lines Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	79f77528f5	Move state change to finalize client hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	3f616c2493	Move selected_identity zero check to post_server_hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	1d8e86ce00	Get hash_alg by mbedtls_psa_translate_md Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	ea28a78384	Revert new field and check ciphersuite match when resume by exist info_id Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	4224244883	Improve coding styles and add comments Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	33ff868dca	Fix various errors Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	43a83f247c	Move the place where call set_outbound_transform to switch handshake key Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	907461319a	Fix compile error and warnings Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	f10f474981	Check server selected cipher suite indicating a Hash associated with the PSK Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	592021aceb	Add CCS after client hello in case of early data and comp mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	303f82c5b9	Skip generating early secrets in some cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	b46275c7ec	Add TLS1_3 guard to finalize_write_client_hello() to fix compile issue Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:43 +00:00
Xiaokang Qian	2a674937dd	Pend a illeagal allert when selected_identity isn't 0 Handshake should abort will illeagal parameter allert when receiving early data extentions but the selected_identity parsed from pre-share key isn't equal to 0. Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:46:48 +00:00
Xiaokang Qian	5b410075cf	Remove useless comments about handshake messages for TLS13 Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:46:48 +00:00
Xiaokang Qian	126929f825	Move early keys generation into mbedtls_ssl_tls13_finalize_write_client_hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:46:45 +00:00

1 2 3 4 5 ...

23300 commits