mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-03 20:54:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
20,532 Commits 170 Branches 263 Tags
Commit Graph

314 Commits

Author SHA1 Message Date
Jerry Yu
000f976070 Rename get_handshake_transcript 
- Remove tls13 prefix
- Remove TLS1_3 macro wrap

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
c7875b5f11 add set in/out transform utils 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
d3f73349a7 tls13: add ecdh_read_public 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
7bea4bac96 tls13: add checksum of handshake message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
4925ef5da1 tls13: add generate handshake keys 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
89ea321d96 tls13: add key_schedule_stage_early_data 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
24c0ec31f9 tls13: add get_handshake_transcript 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
bbd5a3fded fix pending_alert issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:38 +08:00
Jerry Yu
394ece6cdd Add function for set pending alert flag 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:38 +08:00
Jerry Yu
e7047819ee add pend fatal alert 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:38 +08:00
Jerry Yu
bdc71888fc Remove restartable and everest from tls1.3 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-14 19:33:31 +08:00
Jerry Yu
b60e3cf424 fix various issues 
- format problems
- name conversion issues

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-08 16:41:02 +08:00
Jerry Yu
56fc07f7ae add key_share extension 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-08 10:37:20 +08:00
Jerry Yu
e226cef124 Add NamedGroup IANA values and helper functions 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-08 09:52:15 +08:00
Jerry Yu
26f4d15d13 Add key exchange modes helper functions 
Add helper functions for `tls13_kex_modes`

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-08 09:52:15 +08:00
Jerry Yu
8c02bb4b71 fix various comment issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 21:52:26 +08:00
Jerry Yu
2c0fbf3405 modify proc_chk macros 
- change the parameter
- remove debug output
- remove return value modify

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:20 +08:00
Jerry Yu
a2cf7bd243 fix comment issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:20 +08:00
Jerry Yu
67d4ed5b22 force change state type 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:20 +08:00
Jerry Yu
159c5a0e12 fix comments issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:20 +08:00
Jerry Yu
e41dec0158 Rename write signature algorithms function 
To keep similar name with other place.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:20 +08:00
Jerry Yu
eecfbf001c fix format issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:20 +08:00
Jerry Yu
995ecd396f fix wrong iana values and comments 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:20 +08:00
Jerry Yu
5cc8f0a0d8 Add simple document for tls13 functions 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:20 +08:00
Jerry Yu
275619336a fix name conversion issue for tls13 server entry 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:20 +08:00
Jerry Yu
f443681f56 fix function name conversion issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:20 +08:00
Jerry Yu
6f13f64aa6 fix various format issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:19 +08:00
Jerry Yu
8e7ca0432e fix extensions_present issues 
fix comments for the mask values. follow same order
as IANA values.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:19 +08:00
Jerry Yu
bc20bdd3a9 Implement write_partial with dummy exts 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:19 +08:00
Jerry Yu
93bcd61a41 Add field into handshake params 
Add `extensions_present` field. It represents
which are present.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:19 +08:00
Jerry Yu
65dd2ccfe6 Add dummy stages for client_hello_process 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:19 +08:00
Jerry Yu
beb3f41f2f Add handshake_set_state helper function 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:19 +08:00
Manuel Pégourié-Gonnard
5e344563e4
Merge pull request #4858 from hanno-arm/upstream_tls13_transforms 
Upstream TLS 1.3 record transformations structure fields
 2021-08-12 12:29:54 +02:00
Manuel Pégourié-Gonnard
409c8f6e1b
Merge pull request #4851 from hanno-arm/hs_msg_without_checksum 
Add handshake message writing variant that doesn't update checksum
 2021-08-12 11:54:10 +02:00
Hanno Becker
e043d15d75 Turn comments of 1.3 record transforms into Doxygen documentation 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:22:52 +01:00
Dave Rodgman
2aec149e13
Merge pull request #4248 from hanno-arm/tls13_populate_transform 
Fix and test compliance of TLS 1.3 record protection
 2021-08-11 16:41:51 +01:00
Hanno Becker
3aa186f946 Add transforms to be used for TLS 1.3 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-10 09:24:19 +01:00
Jerry Yu
b9930e7d70 Add dummy tls1.3 handshake dispatch functions 
Base on version config, `handshack_{clinet,server}_step`
will call different step function. TLS1.3 features will
be gradully added base on it.

And a new test cases is added to make sure it reports
`feature is not available`.

Change-Id: I4f0e36cb610f5aa59f97910fb8204bfbf2825949
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-08-10 13:34:32 +08:00
Jerry Yu
60835a88c3 Add config check utils functions 
Check configuration parameter in structure setup
function to make sure the config data is available
and valid.

Current implementation checks the version config.
Available version configs are
- tls1_3 only
- tls1_2 only

issues: #4844

Change-Id: Ia762bd3d817440ae130b45f19b80a2868afae924
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-08-10 13:34:32 +08:00
Hanno Becker
f3cce8b0e1 Add handshake message writing variant that doesn't update checksum 
The helper `mbedtls_ssl_write_handshake_msg` writes a handshake message
and updates the handshake transcript.

With TLS 1.3, we need finer control over the checksum: updating
at message granularity is not sufficient. To allow for manual maintenance
of the checksum in those cases, refine `mbedtls_ssl_write_handshake_msg()`
into `mbedtls_ssl_write_handshake_msg_ext()` which takes a parameter
determining whether the checksum should be updated.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-07 14:29:49 +01:00
Hanno Becker
bd25755d2a Rename ssl_populate_transform() -> ssl_tls12_populate_transform() 
In TLS 1.2 specific code, the internal helper functions
ssl_populate_transform() builds an SSL transform structure,
representing a specific record protection mechanism.

In preparation for a subsequent commit which will introduce
a similar helper function specific to TLS 1.3, this commmit
renames ssl_populate_transform() to ssl_tls12_populate_transform().

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-02 04:52:45 +01:00
Manuel Pégourié-Gonnard
b637150dfe
Merge pull request #4730 from TRodziewicz/finish_removing_tls_1.0_and_1.1 
Remove all TLS 1.0 and 1.1 instances and add some compatibility tests
 2021-07-27 09:42:53 +02:00
TRodziewicz
299510e889 Correction to comments and changelog removed 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-07-09 16:55:11 +02:00
TRodziewicz
458280e67c Correction to outdated comment 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-07-07 11:33:06 +02:00
TRodziewicz
345165c1f7 Reverting deleted macros 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-07-06 13:42:11 +02:00
TRodziewicz
2abf03c551 Remove all TLS 1.0 and 1.1 instances and add some compatibility tests 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-06-28 14:36:37 +02:00
Bence Szépkúti
c662b36af2 Replace all inclusions of config.h 
Also remove preprocessor logic for MBEDTLS_CONFIG_FILE, since
build_info.h alreadyy handles it.

This commit was generated using the following script:

# ========================
#!/bin/sh
git ls-files | grep -v '^include/mbedtls/build_info\.h$' | xargs sed -b -E -i '
/^#if !?defined\(MBEDTLS_CONFIG_FILE\)/i#include "mbedtls/build_info.h"
//,/^#endif/d
'
# ========================

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:24:07 +01:00
Manuel Pégourié-Gonnard
16fdab79a5
Merge pull request #4382 from hanno-arm/max_record_payload_api 
Remove MFL query API and add API for maximum plaintext size of incoming records
 2021-06-08 11:07:27 +02:00
Hanno Becker
df3b86343a Fixup rebase slip in library/ssl_misc.h 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-08 05:30:45 +01:00
Manuel Pégourié-Gonnard
cac90a15ed Hide constants for TLS 1.0 and TLS 1.1 
ssl_server2 had a check that we never try to use a minor version lower
than 2 with DTLS, but that check is no longer needed, as there's no way
that would happen now that MBEDTLS_SSL_MINOR_VERSION_1 is no longer
public.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2021-06-04 12:29:33 +02:00