477 Commits

Author SHA1 Message Date
Waleed Elmelegy
e2a6aa5369 Improve comments explaining legacy_methods_compression handling
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-06-25 18:16:16 +01:00
Waleed Elmelegy
0a9e8a3a18 Correct a small typo in ssl_tls13_parse_client_hello()
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-06-25 10:22:49 +01:00
Waleed Elmelegy
a5842ac20e Improve handling of legacy_compression_methods in ssl_tls13_parse_client_hello()
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-06-19 15:09:48 +01:00
Waleed Elmelegy
b6e7331739 Fix issue in handling legacy_compression_methods in ssl_tls13_parse_client_hello()
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-06-11 18:45:40 +01:00
Gilles Peskine
a9d4ef0998 Fix uint32_t printed as unsigned int
This is ok in practice since we don't support 16-bit platforms, but it makes
`arm-none-eabi-gcc-10 -mthumb -Wformat` complain.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-06-03 22:16:23 +02:00
Manuel Pégourié-Gonnard
a4b773d3bb
Merge pull request from inorick/nofa_no_session_tickets
Guard ticket specific TLS 1.3 function with macro
2024-04-08 08:56:17 +00:00
Norbert Fabritius
d60aef0f1b Unconditionally define session variable
Signed-off-by: Norbert Fabritius <norbert.fabritius@esrlabs.com>
2024-03-27 08:22:53 +01:00
Ronald Cron
1f045f3a0c tls13: srv: Fix guards of _is_psk_(ephemeral_)available
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-27 08:22:53 +01:00
Norbert Fabritius
96eed725e1 Guard ticket specific TLS 1.3 function with macro
Guard ssl_tls13_write_new_session_ticket_coordinate with
MBEDTLS_SSL_SESSION_TICKETS macro.

Signed-off-by: Norbert Fabritius <norbert.fabritius@esrlabs.com>
2024-03-27 08:22:53 +01:00
Minos Galanakis
b70f0fd9a9 Merge branch 'development' into 'development-restricted'
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2024-03-19 22:24:40 +00:00
Ronald Cron
a5c5c58107 tls13: srv: Fix potential stack buffer overread
Fix potential stack buffer overread when
checking PSK binders.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-19 14:46:21 +01:00
Waleed Elmelegy
4dfb0e7c90 Add ALPN checking when accepting early data
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-03-15 12:12:15 +00:00
Ronald Cron
6bee910dbd
Merge pull request from waleed-elmelegy-arm/add_alpn_to_session
Add ALPN information in session tickets
2024-03-15 09:50:24 +00:00
Gilles Peskine
7b333f1e88
Merge pull request from ronald-cron-arm/tls13-ticket-lifetime
TLS 1.3: Enforce ticket maximum lifetime and discard tickets with 0 lifetime
2024-03-14 15:59:25 +00:00
Waleed Elmelegy
5bc5263b2c Add code improvments and refactoring in dealing with ALPN
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-03-13 16:50:01 +00:00
Waleed Elmelegy
883f77cb08 Add mbedtls_ssl_session_set_alpn() function
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-03-13 16:50:01 +00:00
Waleed Elmelegy
2824a209bc Add ALPN information in session tickets
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-03-13 16:50:01 +00:00
Jerry Yu
ce79488dd5 tls13: srv: Fail connection if ticket lifetime exceed 7 days
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-10 17:42:43 +01:00
Ronald Cron
7e1f9f290f
Merge pull request from ronald-cron-arm/tls13-srv-max-early-data-size
TLS 1.3: Enforce max_early_data_size on server
2024-03-09 00:16:07 +00:00
Janos Follath
080a5171e2
Merge pull request from ronald-cron-arm/tls13-srv-select-kex
TLS 1.3: SRV: Improve key exchange mode selection
2024-03-08 14:58:36 +00:00
Ronald Cron
19521ddc36 tls13: srv: Fix/Improve debug logs
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
7cab4f885b tls13: srv: Fix/Improve comments
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
16cc370423 tls13: srv: Fix initialization value
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
f602f7ba50 tls13: srv: Code improvements
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
3811765c0c tls13: srv: Add/Improve comments
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
74a1629231 tls13: srv: Move PSK ciphersuite selection up
Move PSK ciphersuite selection up to the main
ClientHello parsing function. That way the
ciphersuite selection only happens in this
function.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
3e47eec431 tls13: srv: Simplify resumption detection
Avoid marking we resume and then
cancelling it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
e8c162d7ba tls13: srv: Simplify kex availability checks
Regarding the possibility of selecting a
key exchange mode, the check of the ticket
flags is now separated from the check of
the ClientHello content and server
configuration.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
79cdd4156f tls13: srv: Improve key exchange mode determination
For PSK based key exchange modes do not check twice
anymore if they can be selected or not. Check it
only when looping over the offered PSKs to select
one.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
1f63fe4d74 tls13: srv: Fix resume flag in case of cancelled PSK
If we prefer ephemeral key exchange mode over
the pure PSK one, make sure the resume flag is
disabled as eventually we are not going to
resume a session even if we aimed to at some
point.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
cf284565c5 tls13: srv: Determine best key exchange mode for a PSK
Determine best key exchange for for ticket based and
external PSKs.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
89089cc69b tls13: srv: Factorize ciphersuite selection code
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
f7e9916b3d tls13: srv: Fix MBEDTLS_SSL_SESSION_TICKETS guard position
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
12e72f1664 tls13: srv: Always parse the pre-shared key extension
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
7a30cf5954 tls13: srv: Stop earlier identity check
If an identity has been determined as a
ticket identity but the ticket is not
usable, do not try to check if the
identity is that of an external
provided PSK.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
fbae94a52f tls13: srv: Improve ticket identity check return values
Improve the values returned by
ssl_tls13_offered_psks_check_identity_match_ticket().
Distinguish between the two following cases:
1) the PSK identity is not a valid ticket identity
2) the PSK identity is a valid ticket identity but
   the ticket cannot be used for session resumption.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
3cdcac5647 tls13: srv: Fix return value
Fix the value returned by
ssl_tls13_offered_psks_check_identity_match_ticket()
when there is no ticket parser function defined
or no time.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
6e31127f08 tls13: srv: Define specific return macros for binder check
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-08 08:43:41 +01:00
Ronald Cron
139a4185b1
Merge pull request from yanrayw/issue/4911/ssl_setup-check-RNG-configuration
TLS: check RNG when calling mbedtls_ssl_setup()
2024-03-08 07:38:39 +00:00
Ronald Cron
8571804382 tls13: srv: Enforce maximum size of early data
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 09:29:09 +01:00
Ronald Cron
c286519747 tls13: srv: Do not forget to include max_early_data_size in the ticket
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 09:03:51 +01:00
Ronald Cron
9b4e964c2c
Merge pull request from ronald-cron-arm/tls13-write-early-data
TLS 1.3: Add mbedtls_ssl_write_early_data() API
2024-02-29 14:31:55 +00:00
Manuel Pégourié-Gonnard
0ecb5fd6f5
Merge pull request from ronald-cron-arm/ssl-tickets
Fix and align ticket age check in ssl_ticket.c for TLS 1.2 and TLS 1.3
2024-02-21 09:38:46 +00:00
Ronald Cron
5fbd27055d tls13: Use a flag not a counter for CCS and HRR handling
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-15 17:19:02 +01:00
Ronald Cron
e273f7203d tls13: client: Improve CCS handling
Call unconditionally the CCS writing function
when sending a CCS may be necessary in the
course of an handshake. Enforce in the writing
function and only in the writing function that
only one CCS is sent.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-14 10:24:00 +01:00
Ronald Cron
fe59ff794d tls13: Send dummy CCS only once
Fix cases where the client was sending
two CCS, no harm but better to send only one.

Prevent to send even more CCS when early data
are involved without having to add conditional
state transitions.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
Manuel Pégourié-Gonnard
5c9cc0b30f
Merge pull request from ronald-cron-arm/tls13-ignore-early-data-when-rejected
TLS 1.3: SRV: Ignore early data when rejected
2024-02-06 13:16:03 +00:00
Ronald Cron
31e2d83eee tls13: srv: Improve coding
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-05 16:45:57 +01:00
Manuel Pégourié-Gonnard
32c28cebb4
Merge pull request from valeriosetti/issue7964
Remove all internal functions from public headers
2024-02-05 15:09:15 +00:00
Jerry Yu
263dbf7167 tls13: srv: Do not allow early data indication in 2nd ClientHello
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-02 17:31:20 +01:00