mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-28 09:39:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
19,417 Commits 172 Branches 263 Tags
Commit Graph

8550 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
cefa904759
Merge pull request #5622 from paul-elliott-arm/timing_delay_accessor 
Accessor for mbedtls_timing_delay_context final delay
 2022-03-25 09:14:41 +01:00
XiaokangQian
20438976f9 Change comments and styles base on review 
Change-Id: Idde76114aba0a47b61355677dd33ea9de7deee9d
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 08:09:29 +00:00
XiaokangQian
c02768a399 Replace ssl->handshake with handshake in write_cookie_ext() 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 07:50:56 +00:00
XiaokangQian
9b93c0dd8d Change cookie parameters for dtls and tls 1.3 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 07:50:56 +00:00
XiaokangQian
25c9c9023c Refine cookie len to fix compile issues 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 07:50:56 +00:00
XiaokangQian
9deb90f74e Change parameter names and code style 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 07:50:56 +00:00
XiaokangQian
5e3c947841 Fix right-shift data loss issue with MBEDTLS_PUT_UINT16_BE in cookie 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 07:50:56 +00:00
XiaokangQian
233397ef88 Update code base on comments 
Remove state MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO cause no early data
Change code styles and comments
Fix cookie write issues

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 07:50:56 +00:00
XiaokangQian
0b64eedba8 Add cookies write in client hello 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-03-25 07:50:56 +00:00
Ronald Cron
90045241e7
Merge pull request #5659 from yuhaoth/pr/fix-wrong-check-certificate-verify 
TLS1.3: Fix incorrect check for certificate verify
 2022-03-25 08:35:41 +01:00
Jerry Yu
6c6f10265d fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-25 11:09:50 +08:00
Paul Elliott
27b0d94e25 Use mbedtls_ssl_is_handshake_over() 
Switch over to using the new function both internally and in tests.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-03-24 14:43:52 +00:00
Jerry Yu
bd1b3278b1 Remove useless code 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-24 13:07:28 +08:00
Tom Cosgrove
b7f5b97650 Minor changes to sha256.c to bring it in line with sha512.c 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-03-23 21:40:56 +00:00
Tom Cosgrove
87fbfb5d82 SECLIB-667: Accelerate SHA-512 with A64 crypto extensions 
Provide an additional pair of #defines, MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
and MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. At most one of them may be
specified. If used, it is necessary to compile with -march=armv8.2-a+sha3.

The MBEDTLS_SHA512_PROCESS_ALT and MBEDTLS_SHA512_ALT mechanisms
continue to work, and are mutually exclusive with SHA512_USE_A64_CRYPTO.

There should be minimal code size impact if no A64_CRYPTO option is set.

The SHA-512 implementation was originally written by Simon Tatham for PuTTY,
under the MIT licence; dual-licensed as Apache 2 with his kind permission.

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-03-23 21:40:53 +00:00
Jerry Yu
e26acee896 Refactor guards for sig algs 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-23 21:01:33 +08:00
Jerry Yu
f8aa9a44aa fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-23 20:54:38 +08:00
Manuel Pégourié-Gonnard
5e4bf95d09
Merge pull request #5602 from superna9999/5174-md-hmac-dtls-cookies 
MD: HMAC in DTLS cookies
 2022-03-23 13:05:24 +01:00
Jerry Yu
8c3388620d create sig_alg decode function 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-23 13:34:04 +08:00
Jerry Yu
0c23fc39c3 fix various guards issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-23 12:20:01 +08:00
Jerry Yu
7533982f68 guard pk_error_from_psa_ecdsa with USE_PSA_CRYPTO 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-23 12:06:31 +08:00
Jerry Yu
e010de4be3 Rename ctx to rsa_ctx 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-23 11:45:55 +08:00
Jerry Yu
fb0621d841 fix pk_sign_ext issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-23 11:42:06 +08:00
Jerry Yu
cef3f33012 Guard rsa sig algs with rsa_c and pkcs1_v{15,21} 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 23:16:42 +08:00
Jerry Yu
e91a51a539 Refactor get_sig_alg_from pk 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 21:42:50 +08:00
Jerry Yu
bf455e7516 rename pk_psa_rsa_sign_ext param 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 21:39:41 +08:00
Jerry Yu
3616533d26 tls13:remove ec check from validate certification 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 19:46:05 +08:00
Neil Armstrong
488a40eecb Rename psa_hmac to psa_hmac_key in mbedtls_ssl_cookie_ctx 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-22 10:41:38 +01:00
Jerry Yu
dddf5a0e18 Refactor get_sig_alg_from_pk 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:47:19 +08:00
Jerry Yu
89107d1bc2 fix ci fail without RSA_C 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:14:53 +08:00
Jerry Yu
406cf27cb5 fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:14:53 +08:00
Jerry Yu
848ecce990 fix wrong typo in function name 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:14:52 +08:00
Jerry Yu
07869e804c fix psa crypto test fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:35 +08:00
Jerry Yu
b02ee18e64 replace use_psa_crypto with psa_crypto_c 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:35 +08:00
Jerry Yu
b6875bc17a change rsa_pss salt type 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:35 +08:00
Jerry Yu
704cfd2a86 fix comments and style issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:35 +08:00
Jerry Yu
718a9b4a3f fix doxgen fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:34 +08:00
Jerry Yu
1d172a3483 Add pk_psa_sign_ext 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:34 +08:00
Jerry Yu
8beb9e173d Change prototype of pk_sign_ext 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:34 +08:00
Jerry Yu
67eced0132 replace pk_sign with pk_sign_ext 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:34 +08:00
Jerry Yu
d69439aa61 add mbedtls_pk_sign_ext 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:34 +08:00
Jerry Yu
3a58b462b6 add pss_rsae_sha{384,512} 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:34 +08:00
Jerry Yu
bfcfe74b4e add signature algorithm debug helper 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:33 +08:00
Jerry Yu
919130c035 Add rsa_pss_rsae_sha256 support 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:33 +08:00
Gabor Mezei
1e64f7a643
Use MBEDTLS_USE_PSA_CRYPTO macro guard for testing instead of MBEDTLS_PSA_CRYPTO_C 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-03-21 17:00:54 +01:00
Gabor Mezei
1bf075fffd
Use SSL error codes 
The `psa_ssl_status_to_mbedtls` function is not only used for
cipher operations so transalte to TLS error codes.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-03-21 17:00:53 +01:00
Gabor Mezei
adfeadc6e5
Extend PSA error translation 
Add new error codes to the PSA to mbedtls error translation.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-03-21 17:00:53 +01:00
Gabor Mezei
58db65354b
Use the PSA-based HKDF functions 
Use the `mbedtls_psa_hkdf_extract` and `mbedtls_psa_hkdf_expand`
functions in the HKDF handling.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-03-21 17:00:53 +01:00
Paul Elliott
b9af2db4cf Add accessor for timing final delay 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-03-21 15:26:19 +00:00
Neil Armstrong
79daea25db Handle and return translated PSA errors in ssl_cookie.c 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-21 12:05:51 +01:00