mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-17 02:43:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
29,978 Commits 172 Branches 267 Tags
Commit Graph

29978 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ronald Cron
3641df2980 tls13: cli: Rename STATE_SENT to STATE_IND_SENT 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-12 17:48:18 +01:00
Ronald Cron
3c5a68339b tls13: cli: Rename STATE_NOT_SENT to STATE_NO_IND_SENT 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-12 17:48:18 +01:00
Ronald Cron
0c80dc1ed5 tls13: cli: Rename STATUS_NOT_SENT to STATUS_NO_IND_SENT 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-12 17:48:18 +01:00
Ronald Cron
05d7cfbd9c tls13: cli: Rename STATE_UNKNOWN to STATE_IDLE 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-12 17:48:18 +01:00
Ronald Cron
d2884662c1 tls13: cli: Split early data user status and internal state 
Do not use the return values of
mbedtls_ssl_get_early_data_status()
(MBEDTLS_SSL_EARLY_DATA_STATUS_ macros)
for the state of the negotiation and
transfer of early data during the
handshake.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-12 17:48:15 +01:00
Ronald Cron
ec4ed8eae4
Merge pull request #8857 from ronald-cron-arm/tls13-cli-max-early-data-size 
TLS 1.3: Enforce max_early_data_size on client
 2024-03-12 13:31:20 +00:00
Dave Rodgman
e0ffb1d2e9
Merge pull request #8908 from daverodgman/cmac-perf 
CMAC size and perf
 2024-03-12 13:17:00 +00:00
Dave Rodgman
a7f3c4e1d0
Merge pull request #8822 from daverodgman/sha3-perf 
SHA-3 performance & code size
 2024-03-12 13:14:40 +00:00
Gilles Peskine
b5b185b482
Merge pull request #8850 from billatarm/fix-pc-files 
project: set version
 2024-03-12 11:30:27 +00:00
Manuel Pégourié-Gonnard
fe164aecfc
Merge pull request #8887 from gilles-peskine-arm/pk_import_into_psa-fix_doxygen_code_blocks 
Fix intended code blocks that were not suitably indented
 2024-03-12 11:27:45 +00:00
Manuel Pégourié-Gonnard
1c191c1317
Merge pull request #8917 from gilles-peskine-arm/mbedtls_pk_decrypt-USE_PSA_CRYPTO-changelog-correction 
mbedtls_pk_decrypt/encrypt actually check the padding mode
 2024-03-12 07:53:54 +00:00
Gilles Peskine
88c2755a30 mbedtls_pk_decrypt/encrypt actually check the padding mode 
The sign/verify functions happily use the wrong algorithm, but the
encrypt/decrypt functions error out if the padding mode specifies V21.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-11 18:49:54 +01:00
Dave Rodgman
66ebde46df
Merge pull request #8916 from daverodgman/iar-bignum-fix 
Fix IAR warning
 2024-03-11 17:43:43 +00:00
Dave Rodgman
d282e264cd Fix IAR warning 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-03-11 15:28:48 +00:00
Janos Follath
43edc75e31
Merge pull request #8882 from Ryan-Everett-arm/threading-key-tests 
Test multi-threaded key generation
 2024-03-11 15:07:48 +00:00
Dave Rodgman
9cc01ccbf8
Merge pull request #8831 from yanesca/switch_to_new_exp 
Use mpi_core_exp_mod in bignum
 2024-03-11 13:40:46 +00:00
Paul Elliott
a09b01b5a8
Merge pull request #8912 from Ryan-Everett-arm/double-destroy-key-bugfix 
Fix threading bug when multiple destroy_key calls run on the same key
 2024-03-11 12:04:04 +00:00
Janos Follath
23dc8b5fd8
Fix code style 
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-03-11 10:39:57 +00:00
Janos Follath
adb9d2d822 Remove volatile from declaration 
Use of volatile is more an internal implementation detail (ensuring
const-time) than part of the contract (the caller doesn't care about
volatile as such).

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-03-11 10:03:05 +00:00
Janos Follath
d6df0a5dac Fix use of volatile 
We need the pointer, A, to be volatile, to ensure the reads happen. bits
does not need to be volatile.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-03-11 09:40:03 +00:00
Janos Follath
b888bc0be6 Fix typo 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-03-11 09:29:53 +00:00
Manuel Pégourié-Gonnard
af3e574f5f
Merge pull request #8862 from valeriosetti/issue8825 
Improve support of mbedtls_psa_get_random in client-only builds
 2024-03-10 20:06:27 +00:00
Ronald Cron
61fd13c6a5 Merge remote-tracking branch 'mbedtls/development' into tls13-cli-max-early-data-size 2024-03-10 18:09:47 +01:00
Ronald Cron
7e1f9f290f
Merge pull request #8854 from ronald-cron-arm/tls13-srv-max-early-data-size 
TLS 1.3: Enforce max_early_data_size on server
 2024-03-09 00:16:07 +00:00
Ryan Everett
d868b746a8 Fix potential bug in psa_destroy_key where multiple threads can return PSA_SUCCESS 
Threads lose the mutex between locking the slot and changing the slot's state.
Make it so that threads check if another thread has completed a destruction during this period.
Also fix the issue with the incorrect status variable being used.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-08 18:39:07 +00:00
Janos Follath
16ef486c2c Improve style 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-03-08 17:25:57 +00:00
Janos Follath
4ec0fb5924 Avoid implementation defined behaviour 
The conversion back to signed short is an issue: the uint cast results
in (-1 + UINT_MAX), which is OK. But then that can't be cast back to a
signed value: "if the new type is signed and the value cannot be
represented in it; either the result is implementation-defined or an
implementation-defined signal is raised."

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-03-08 17:22:40 +00:00
Janos Follath
30f49f19cc Hinder unwanted optimisations 
We want this function to be constant time. Make it less likely that the
compiler optimises it.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-03-08 16:29:54 +00:00
Ronald Cron
e1295fabaf tests: ssl: early data: Fix comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 17:05:27 +01:00
Janos Follath
080a5171e2
Merge pull request #8861 from ronald-cron-arm/tls13-srv-select-kex 
TLS 1.3: SRV: Improve key exchange mode selection
 2024-03-08 14:58:36 +00:00
Janos Follath
a812e0fe14
Merge pull request #8883 from mfischer/fix_shared_secret 
library: psa_crypto: Explicitly initialize shared_secret
 2024-03-08 14:35:20 +00:00
Ronald Cron
52472104a2 tests: suite: early data: Add comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 14:51:20 +01:00
Ronald Cron
4facb0a9cd tests: ssl: Improve early data test code 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 14:51:20 +01:00
Ronald Cron
1a13e2f43e tests: ssl: Improve test code for very small max_early_data_size 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 14:51:20 +01:00
Ronald Cron
db944a7863 ssl_msg.c: Fix log position 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 14:50:58 +01:00
Ronald Cron
e14770fc42 ssl-opt.sh: Fix early data test option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:57:36 +01:00
Ronald Cron
19521ddc36 tls13: srv: Fix/Improve debug logs 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00
Ronald Cron
7cab4f885b tls13: srv: Fix/Improve comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00
Ronald Cron
16cc370423 tls13: srv: Fix initialization value 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00
Ronald Cron
f602f7ba50 tls13: srv: Code improvements 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00
Ronald Cron
3811765c0c tls13: srv: Add/Improve comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00
Ronald Cron
74a1629231 tls13: srv: Move PSK ciphersuite selection up 
Move PSK ciphersuite selection up to the main
ClientHello parsing function. That way the
ciphersuite selection only happens in this
function.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00
Ronald Cron
3e47eec431 tls13: srv: Simplify resumption detection 
Avoid marking we resume and then
cancelling it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00
Ronald Cron
e8c162d7ba tls13: srv: Simplify kex availability checks 
Regarding the possibility of selecting a
key exchange mode, the check of the ticket
flags is now separated from the check of
the ClientHello content and server
configuration.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00
Ronald Cron
79cdd4156f tls13: srv: Improve key exchange mode determination 
For PSK based key exchange modes do not check twice
anymore if they can be selected or not. Check it
only when looping over the offered PSKs to select
one.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00
Ronald Cron
1f63fe4d74 tls13: srv: Fix resume flag in case of cancelled PSK 
If we prefer ephemeral key exchange mode over
the pure PSK one, make sure the resume flag is
disabled as eventually we are not going to
resume a session even if we aimed to at some
point.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00
Ronald Cron
cf284565c5 tls13: srv: Determine best key exchange mode for a PSK 
Determine best key exchange for for ticket based and
external PSKs.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00
Ronald Cron
89089cc69b tls13: srv: Factorize ciphersuite selection code 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00
Ronald Cron
f7e9916b3d tls13: srv: Fix MBEDTLS_SSL_SESSION_TICKETS guard position 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00
Ronald Cron
12e72f1664 tls13: srv: Always parse the pre-shared key extension 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00