mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-05 09:40:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
22,080 Commits 170 Branches 263 Tags
Commit Graph

9757 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
02f82bbfa9 Fix MSVC warning 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-10-13 13:32:02 +02:00
Manuel Pégourié-Gonnard
f155ab9a91 Abort on errors when we should 
We're not strictly required to abort, but at least to leave the context
is an invalid state. For "late" functions like input() and output(),
calling abort() is the easiest way to do that. Do it systematically for
input() and output() by using a wrapper. psa_pake_get_implicit_key() was
already doing it. For "early" function, we can just leave the operation
in its current state which is already invalid.

Restore previous tests about that. Not adding systematic tests, though,
just test the two functions that are the most important, and more likely
to return errors.

Since we now abort in more cases, we need to make sure we don't
invalidate the operation that's going to be re-used later in the test.
For that reason, use a copy of the operation for calls to input() and
output() that are expected to return errors.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-10-13 13:20:31 +02:00
Gilles Peskine
0fe6631486
Merge pull request #6291 from gilles-peskine-arm/platform.h-unconditional-3.2 
Include platform.h unconditionally
 2022-10-13 10:19:22 +02:00
Xiaokang Qian
28af501cae Fix the ticket_lifetime equal to 0 issue 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-13 08:18:19 +00:00
Xiaokang Qian
126bf8e4d7 Address some comments 
Delete reference immediately after shallow copy
Fix format issues

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-13 02:57:15 +00:00
Xiaokang Qian
997669aeeb Fix heap use-after-free corruption issue 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 14:30:27 +00:00
Xiaokang Qian
307a7303fd Rebase and replace session_negotiate 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:14:32 +00:00
Xiaokang Qian
baa4764d77 Fix typo issues 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian
8730644da1 Move ticket and hostname set code just after shallow-copy 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian
ed3afcd6c3 Fix various typo and macro guards issues 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian
ed0620cb13 Refine code base on comments 
Move code to proper macro guards protection
Fix typo issues

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian
03409290d2 Add MBEDTLS_SSL_SESSION_TICKETS guard to server name check 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian
d7adc374d3 Refine the server name compare logic 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian
a3b451f950 Adress kinds of comments base on review 
Rename function name to mbedtls_ssl_session_set_hostname
Add two extra check cases for server name
Fix some coding styles

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian
2f9efd3038 Address comments base on review 
Change function name to ssl_session_set_hostname()
Remove hostname_len
Change hostname to c_string
Update test cases to multi session tickets

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:49 +00:00
Xiaokang Qian
bc663a0461 Refine code based on commnets 
Change code layout
Change hostname_len type to size_t
Fix various issues

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:01 +00:00
Xiaokang Qian
adf84a4a8c Remove public api mbedtls_ssl_reset_hostname() 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:05:11 +00:00
Xiaokang Qian
be98f96de2 Remove useless hostname check in server side 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:03:44 +00:00
Xiaokang Qian
6af2a6da74 Fix session save-load overflow issue 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:03:44 +00:00
Xiaokang Qian
ecd7528c7f Address some comments 
Hostname_len has at least one byte
Change structure serialized_session_tls13
Fix various issues

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:03:44 +00:00
Xiaokang Qian
281fd1bdd8 Add server name check when proposeing pre-share key 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:03:41 +00:00
Gilles Peskine
8fd3254cfc
Merge pull request #6374 from mprse/enc_types 
Test TLS 1.2 builds with each encryption type
 2022-10-12 12:45:50 +02:00
Jerry Yu
c79742303d Remove unnecessary empty line and fix format issue 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-11 21:22:33 +08:00
Jerry Yu
22c18c1432 Add NULL check in prepare hello 
`session_negotiate` is used directly in `ssl_prepare_client_hello`
without NULL check. Add the check in the beggining to avoid segment
fault.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-11 18:07:19 +08:00
Jerry Yu
c2bfaf00d9 fix wrong typo 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-11 18:07:19 +08:00
Jerry Yu
4f77ecf409 disable session resumption when ticket expired 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-10 22:10:08 +08:00
Jerry Yu
03aa174d7c Improve test message and title 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-10 21:48:37 +08:00
Jerry Yu
6916e70521 fix various issues 
- adjust guards. Remove duplicate guards and adjust format.
- Return success at function end. Not `ret`
- change input len

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-10 21:33:51 +08:00
Jerry Yu
21092062f3 Restrict cipher suite validation to TLS1.3 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-10 21:21:31 +08:00
Gabor Mezei
d7edb1d225
Initialize variable 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-10-10 14:32:09 +02:00
Gabor Mezei
e9c013c222
Handle if parameters are alised 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-10-10 14:26:57 +02:00
Przemek Stekiel
88ade84735 psa_aead_setup: remove redundant tag length check 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-08 17:56:18 +02:00
Przemek Stekiel
6ab50762e0 psa_aead_setup: validate tag length before calling driver setup 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-08 17:54:30 +02:00
Jerry Yu
a99cbfa2d3 fix various issues 
- rename function and variable
- change signature of `ssl_tls13_has_configured_psk`
- remove unnecessary statements
- remove unnecessary local variables
- wrong variable initial value
- improve output message

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-08 14:35:47 +08:00
Jerry Yu
40afab61a8 Add ciphersuite check in set_session 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-08 14:35:43 +08:00
Jerry Yu
21f9095fa8 Revert "move ciphersuite validation to set_session" 
This reverts commit 19ae6f62c7a4e6cf14bf61fcb6ea070d34e70f2a.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-08 14:35:34 +08:00
Jerry Yu
379b91a393 add ticket age check 
Remove ticket if it is expired.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-08 10:21:15 +08:00
David Horstmann
91e20a0580 Refactor macro-spanning ifs in ecdh.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-07 14:08:42 +01:00
David Horstmann
fc735dffd6 Refactor macro-spanning ifs in ecp.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-07 14:08:42 +01:00
David Horstmann
8a7629fd0f Refactor macro-spanning if in asn1write.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-07 14:08:42 +01:00
David Horstmann
2788f6b668 Refactor macro-spanning if in sha512.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-07 14:08:42 +01:00
David Horstmann
687262ca7d Refactor macro-spanning if in sha256.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-07 14:08:42 +01:00
David Horstmann
21b89761f8 Refactor macro-spanning if in ssl_tls13_server.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-07 14:08:42 +01:00
David Horstmann
10be134d8e Refactor macro-spanning if in ssl_msg.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-07 14:08:42 +01:00
David Horstmann
4a28563e84 Refactor macro-spanning ifs in ssl_client.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-07 14:08:42 +01:00
David Horstmann
e0af39a2ef Refactor macro-spanning ifs in ssl_tls12_server.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-07 14:08:36 +01:00
Przemek Stekiel
86679c7bd8 psa_validate_tag_length(): use PSA_WANT_ALG_xxx instead MBEDTLS_PSA_BUILTIN_ALG_xxx guards 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-07 08:24:19 +02:00
Jerry Yu
4a698341c9 Re-org selected_identity parser 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-07 10:11:05 +08:00
Jerry Yu
6183cc7470 Re-org binders writer 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-07 10:11:05 +08:00
Jerry Yu
f75364bee1 Re-organize identities writer 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-07 10:11:05 +08:00