mbedtls

Author	SHA1	Message	Date
Ronald Cron	0e39ece23f	Merge pull request #5916 from yuhaoth/pr/tls13-refactor-get-sig-alg-from-pk Refactor signature algorithm chooser	2022-07-04 09:10:08 +02:00
Jerry Yu	202919c23d	refine supported sig alg print Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:18:29 +08:00
Jerry Yu	64f410c246	Add tls13 sig alg parameters Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:09 +08:00
Glenn Strauss	bd10c4e2af	Test accessors to config DN hints for cert request Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-06-29 02:54:28 -04:00
XiaokangQian	d5d5b60c07	Add comprehensive test cases for TLS1.3 server side Change-Id: I544cb12b3ffe5edd7d59fa54342ca7db5b5c8a2a Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-31 02:51:26 +00:00
Manuel Pégourié-Gonnard	9bc53a2e84	Merge pull request #5806 from josesimoes/fix-3031 Remove prompt to exit in all programs	2022-05-12 10:50:31 +02:00
Shaun Case	8b0ecbccf4	Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell. Signed-off-by: Shaun Case <warmsocks@gmail.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-05-11 21:25:51 +01:00
josesimoes	23419560c9	Remove prompt to exit in all programs Signed-off-by: José Simões <jose.simoes@eclo.solutions>	2022-05-06 17:11:22 +01:00
Przemek Stekiel	cb20d202d2	Further code optimization - key_opaque_set_alg_usage(): set alg/usage in loop - key_opaque_set_alg_usage(): add key paramteter to set default alg/usage if it is not specified by command line parameters - unify default alg/usage for client and server - optimize opaque code on client and server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-06 09:34:30 +02:00
Przemek Stekiel	296bfba924	ssl_server2: add key_opaque_algs2 usage info Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 11:08:34 +02:00
Przemek Stekiel	488efa05b6	Fix compiler warnings: initialize local variables: psa_alg, psa_alg2, psa_usage Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	134eb8b6e2	Fix style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	092128324f	ssl_client2/ss_server2: optimize code for opaque key Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	e5e9ba920f	ssl_server2: refactor opaque code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	b58c47a666	ssl_server2: use key opaque algs given from command line Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	344c561292	ssl_server2: Add support for key_opaque_algs2 command line paramtere Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	77fc9ab1ba	Fix typos and code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	4ca0d72c3b	ssl server: add key_opaque_algs command line option Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Manuel Pégourié-Gonnard	068a13d909	Merge pull request #5771 from superna9999/5761-rsa-decrypt-rework-pk-wrap-as-opaque RSA decrypt 0: Rework `mbedtls_pk_wrap_as_opaque()`	2022-05-02 09:06:49 +02:00
Neil Armstrong	94e371af91	Update mbedtls_pk_wrap_as_opaque() usage in SSL client2 & server2 Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-28 13:27:59 +02:00
Przemek Stekiel	cb322eac6b	Enable support for psa opaque DHE-PSK key exchange on the server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:54:33 +02:00
Przemek Stekiel	14d11b0877	Enable support for psa opaque ECDHE-PSK key exchange on the server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:53:55 +02:00
Przemek Stekiel	aeb710fec5	Enable support for psa opaque RSA-PSK key exchange on the server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:28 +02:00
Ronald Cron	38b8aa4f63	Merge pull request #5539 from xkqian/add_client_hello_to_server Add client hello into server side	2022-04-22 10:26:00 +02:00
Manuel Pégourié-Gonnard	21f82c7510	Merge pull request #5709 from superna9999/5625-pk-opaque-rsa-tls12 RSA sign 3b: TLS 1.2 integration testing	2022-04-22 10:05:43 +02:00
Gilles Peskine	afbfed9397	Merge pull request #5582 from gilles-peskine-arm/ssl-opt-auto-psk Run ssl-opt.sh in more reduced configurations	2022-04-21 12:03:53 +02:00
XiaokangQian	318dc763a6	Fix test failure issue and update code styles Change-Id: I0b08da1b083abdb19dc383e6f4b210f66659c109 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 09:43:51 +00:00
Glenn Strauss	e3af4cb72a	mbedtls_ssl_(read\|write)_version using tls_version remove use of MBEDTLS_SSL_MINOR_VERSION_* remove use of MBEDTLS_SSL_MAJOR_VERSION_* (only remaining use is in tests/suites/test_suite_ssl.data) Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:14 -04:00
Glenn Strauss	60bfe60d0f	mbedtls_ssl_ciphersuite_t min_tls_version,max_tls_version Store the TLS version in tls_version instead of major, minor version num Note: existing application use which accesses the struct member (using MBEDTLS_PRIVATE) is not compatible, as the struct is now smaller. Reduce size of mbedtls_ssl_ciphersuite_t members are defined using integral types instead of enums in order to pack structure and reduce memory usage by internal ciphersuite_definitions[] Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:12 -04:00
Neil Armstrong	f0b1271a42	Support RSA Opaque PK keys in ssl_server2 Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-13 10:49:25 +02:00
Gilles Peskine	99a732bf0c	Fix off-by-one in buffer_size usage The added null byte was accounted for twice, once by taking opt.buffer_size+1 when allocating the buffer and once by taking opt.buffer-1 when filling the buffer. Make opt.buffer_size the size that is actually read, it's less confusing that way. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-06 23:34:36 +02:00
Gilles Peskine	8bb96d96cd	Fix buffer size calculation Make sure that buf always has enough room for what it will contain. Before, this was not the case if the buffer was smaller than the default response, leading to memory corruption in ssl_server2. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-06 23:31:05 +02:00
Dave Rodgman	2cecd8aaad	Merge pull request #3624 from daxtens/timeless RFC: Fix builds with MBEDTLS_HAVE_TIME disabled and test	2022-03-15 16:43:19 +00:00
Andrzej Kurek	554b820747	Guard cache_timeout in ssl_server2 with MBEDTLS_HAVE_TIME Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-03-04 05:07:45 -05:00
Raoul Strackx	9ed9bc9377	programs/ssl: Fix compile errors when MBEDTLS_HAVE_TIME is not defined Signed-off-by: Raoul Strackx <raoul.strackx@fortanix.com> [dja: add some more fixes, tweak title] Signed-off-by: Daniel Axtens <dja@axtens.net>	2022-03-04 05:07:45 -05:00
Glenn Strauss	48a37f01b3	Add cert_cb use to programs/ssl/ssl_server2.c (for use by some tests/) Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-25 19:55:53 -05:00
Glenn Strauss	a941b62985	Create public macros for ssl_ticket key,name sizes Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-09 15:28:28 -05:00
Glenn Strauss	e328245618	Add test case use of mbedtls_ssl_ticket_rotate Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-09 14:33:16 -05:00
Manuel Pégourié-Gonnard	6f20595b6e	Merge pull request #5462 from gilles-peskine-arm/ssl-test-pkey-message-clarity Clarify key types message from ssl_client2 and ssl_server2	2022-02-03 11:33:03 +01:00
Manuel Pégourié-Gonnard	1ab2d6966c	Merge pull request #5385 from AndrzejKurek/use-psa-crypto-reduced-configs Resolve problems with reduced configs using USE_PSA_CRYPTO	2022-02-02 10:20:26 +01:00
Gilles Peskine	cc50f1be43	Fix copypasta Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-01-31 22:53:30 +01:00
Gilles Peskine	05bf89da34	Clarify key types message from ssl_client2 and ssl_server2 If no key is loaded in a slot, say "none", not "invalid PK". When listing two key types, use punctuation that's visibly a sequence separator (","). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-01-25 17:50:25 +01:00
Jerry Yu	11f0a9c2c4	fix deprecated-declarations error replace sig_hashes with sig_alg Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Manuel Pégourié-Gonnard	fcca7cfa97	Merge pull request #5428 from gstrauss/mbedtls_ssl_ciphersuite Add accessors for ciphersuite info	2022-01-24 11:13:31 +01:00
Manuel Pégourié-Gonnard	ff743a7f38	Merge pull request #5425 from gabor-mezei-arm/5181_tls_cipher_extend_testing_of_tickets TLS Cipher 1a: extend testing of tickets	2022-01-24 10:25:29 +01:00
Glenn Strauss	6eef56392a	Add tests for accessors for ciphersuite info Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-01-23 08:37:02 -05:00
Andrzej Kurek	7a58d5283b	Add missing dependencies on MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED Fix dependencies across test ssl programs. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-01-19 12:34:02 -05:00
Gabor Mezei	d4bea1efd5	Add ticket_aead option for ssl_server2 The ticket_aead option allows to specify the session ticket protection. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-01-12 16:21:15 +01:00
Andrzej Kurek	03e01461ad	Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO Fix library references, tests and programs. Testing is performed in the already present all.sh test. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-01-03 12:53:24 +01:00
Ronald Cron	6f135e1148	Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3 As we have now a minimal viable implementation of TLS 1.3, let's remove EXPERIMENTAL from the config option enabling it. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-10 13:47:55 +01:00

1 2 3 4 5 ...

580 commits