mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-31 09:32:55 +00:00

Author	SHA1	Message	Date
Manuel Pégourié-Gonnard	226aa15702	Make handshake hashing functions return int There are three family of functions: update_checksum, calc_verify, calc_finished, that perform hashing operations and were returning void so far. This is not correct, as hashing functions can return errors (for example, on hardware failure when accelerated). Change them to return int. This commit just changes the types: for now the functions always return 0, and their return value is not checked; this will be fixed in the next few commits. There is a related function in TLS 1.3, mbedtls_ssl_reset_transcript_for_hrr, which also handles hashes, and already returns int but does not correctly check for errors from hashing functions so far, it will also be handled in the next few commits. There's a special case with handshake_params_init: _init functions should return void, so we'll need to split out the part that can return errors, see the next commit. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Pengyu Lv	4938a566bf	refine ticket_flags printing helper Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-01-16 11:28:49 +08:00
Pengyu Lv	acecf9c95b	make ticket_flags param types consistent When ticket_flags used as parameter, use unsigned int, instead of uint8_t or mbedtls_ssl_tls13_ticket_flags.Also remove the definition of mbedtls_ssl_tls13_ticket_flags. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-01-16 11:23:24 +08:00
Pengyu Lv	ee455c01ce	move ticket_flags debug helpers The debug helpers printing ticket_flags status are moved to ssl_tls.c and ssl_debug_helpers.h. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-01-13 11:06:01 +08:00
Gilles Peskine	449bd8303e	Switch to the new code style Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-01-11 14:50:10 +01:00
Manuel Pégourié-Gonnard	28d4d43416	Merge pull request #6863 from valeriosetti/issue6830 Remove uses of mbedtls_ecp_curve_info in TLS (with USE_PSA)	2023-01-10 10:01:17 +01:00
Gilles Peskine	cd0a565644	Merge pull request #6703 from yuhaoth/pr/tls13-misc-from-prototype TLS 1.3: Upstream misc fix from prototype	2023-01-05 14:35:54 +01:00
Valerio Setti	67419f0e11	tls: fix + save code size when DEBUG_C is not enabled Some PSA curves' symbols (PSA_WANT_) were not matching the corresponding MBEDTLS_ECP_DP_. This was fixed together with the removal of extra code when DEBUG_C is not enabled. Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2023-01-04 17:36:00 +01:00
Valerio Setti	18c9fed857	tls: remove dependency from mbedtls_ecp_curve functions Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2023-01-03 13:03:34 +01:00
Manuel Pégourié-Gonnard	c98624af3c	Merge pull request #6680 from valeriosetti/issue6599 Allow isolation of EC J-PAKE password when used in TLS	2022-12-14 11:04:33 +01:00
Valerio Setti	016f682796	tls: pake: small code refactoring for password setting functions Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-09 14:17:50 +01:00
Jerry Yu	0c2a738c23	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-09 09:51:20 +08:00
Jerry Yu	ddda050604	tls13: Upstream various fix in prototype - Adjust max input_max_frag_len - Guard transform_negotiate - Adjust function position - update comments - fix wrong requirements Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-09 09:51:20 +08:00
Jerry Yu	2e19981e17	tls13: guards transform negotiate Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-09 09:51:20 +08:00
Valerio Setti	eb3f788b03	tls: pake: do not destroy password key in TLS Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-08 18:42:58 +01:00
Valerio Setti	ae7fe7ee53	tls: pake: avoid useless psa_pake_abort in setting opaque password Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-07 17:36:59 +01:00
Valerio Setti	70d1fa538a	tls: pake: fix missing return values check Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-07 16:20:27 +01:00
Valerio Setti	c689ed8633	tls: pake: minor adjustments Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-07 14:40:38 +01:00
Dave Rodgman	90af1a10ab	Merge pull request #6734 from daverodgman/fix_test_dep_spelling Fix spelling of test dependency	2022-12-07 09:06:29 +00:00
Dave Rodgman	556e8a3219	Fix additional mis-spelling Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-12-06 16:31:25 +00:00
Jerry Yu	6ee56aa18f	Add default values for conf->early_data - early_data default to disable - max_early_data_size default to built-in value Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-06 18:00:47 +08:00
Jerry Yu	39da9857df	remove limitation of max_early_data_size Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-06 16:58:36 +08:00
Jerry Yu	12c46bd14f	fix various issues - disable reuse of max_early_data_size. - make conf_early_data available for server. - various comment issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-06 11:02:51 +08:00
Valerio Setti	757f359474	tls: pake: do not destroy key on errors while setting opaque password Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-02 11:07:11 +01:00
Jerry Yu	cc4e007ff6	Add max_early_data_size to mbedtls_ssl_config Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-01 23:11:48 +08:00
Valerio Setti	0944329036	tls: pake: add check for empty passwords in mbedtls_ssl_set_hs_ecjpake_password() Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-01 15:06:09 +01:00
Valerio Setti	a9a97dca63	psa_pake: add support for opaque password Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-28 18:26:16 +01:00
Jerry Yu	3d9b590f02	guards transform_earlydata Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-28 17:34:06 +08:00
Manuel Pégourié-Gonnard	ef25a99f20	Merge pull request #6533 from valeriosetti/issue5847 Use PSA EC-JPAKE in TLS (1.2) - Part 2	2022-11-23 13:27:30 +01:00
Valerio Setti	99d88c1ab4	tls: psa_pake: fix missing casting in mbedtls_psa_ecjpake_write_round Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-22 16:03:43 +01:00
Valerio Setti	d4a9b1ab8d	tls: psa_pake: remove useless defines and fix a comment Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-22 11:11:10 +01:00
Valerio Setti	79f6b6bb1b	tls: psa_pake: fixing mbedtls_psa_ecjpake_write_round() It might happen that the psa_pake_output() function returns elements which are not exactly 32 or 65 bytes as expected, but 1 bytes less. As a consequence, insted of hardcoding the expected value for the length in the output buffer, we write the correct one as obtained from psa_pake_output() Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-21 14:17:03 +01:00
Jerry Yu	1fb3299ad7	Replace internal usage of is_handshake_over. NEW_SESSION_TICKETS* are processed in handshake_step. Change the stop condition from `mbedtls_ssl_is_handshake_over` to directly check. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-19 20:12:34 +08:00
Jerry Yu	5ed73ff6de	Add NEW_SESSION_TICKET* into handshake over states All state list after HANDSHAKE_OVER as is_handshakeover Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-19 20:12:34 +08:00
Jerry Yu	6848a61922	Revert "Replace internal usage of mbedtls_ssl_is_handshake_over" This reverts commit 1d3ed2975e7ef0d84050a3aece02eec1f890dec3. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-19 20:12:34 +08:00
Jerry Yu	e219c11b4e	Replace internal usage of mbedtls_ssl_is_handshake_over Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-19 20:12:34 +08:00
Valerio Setti	61ea17d30a	tls: psa_pake: fix return values in parse functions Ensure they all belong to the MBEDTLS_ERR_SSL_* group Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-18 12:11:00 +01:00
Valerio Setti	aca21b717c	tls: psa_pake: enforce not empty passwords Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-17 18:20:50 +01:00
Valerio Setti	819de86895	tls: removed extra white spaces and other minor fix Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-17 18:05:19 +01:00
Valerio Setti	6b3dab03b5	tls: psa_pake: use a single function for round one and two in key exchange read/write Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-17 17:14:54 +01:00
Valerio Setti	9bed8ec5d8	tls: psa_pake: make round two reading function symmatric to the writing one Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-17 16:36:19 +01:00
Valerio Setti	30ebe11f86	tls: psa_pake: add a check on read size on both rounds Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-17 16:35:02 +01:00
Valerio Setti	a08b1a40a0	tls: psa_pake: move move key exchange read/write functions to ssl_tls.c Inlined functions might cause the compiled code to have different sizes depending on the usage and this not acceptable in some cases. Therefore read/write functions used in the initial key exchange are moved to a standard C file. Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-17 16:34:59 +01:00
Valerio Setti	02c25b5f83	tls12: psa_pake: use common code for parsing/writing round one and round two data Share a common parsing code for both server and client for parsing round one and two. Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-16 13:56:12 +01:00
Paul Elliott	aeb8bf2ab0	Merge pull request #6170 from yuhaoth/pr/tls13-cleanup-extensions-parser TLS 1.3: Add extension check for message parsers	2022-11-11 19:00:46 +00:00
Jerry Yu	97be6a913e	fix various issues - typo error - replace `ssl->hanshake` with handshake Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-09 22:43:31 +08:00
Jerry Yu	7de2ff0310	Refactor extension list print Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-08 23:51:39 +08:00
Jerry Yu	79aa721ade	Rename ext print function and macro Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-08 23:51:39 +08:00
Jerry Yu	b95dd3683b	Add missing mask set and tls13 unrecognized extension Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-08 23:51:38 +08:00
Jerry Yu	ea52ed91cf	fix typo and spell issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-08 21:01:17 +08:00

1 2 3 4 5 ...

1912 Commits