mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-04 15:39:53 +00:00

Author	SHA1	Message	Date
Jerry Yu	de4fb2cc34	Apply check read ptr macro Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Jerry Yu	fd532e506b	fix set key exchange mode issue Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Jerry Yu	0b17784932	Add finalize function Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Jerry Yu	e1b9c297b9	Add read_server_hello Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Jerry Yu	1efa815db7	tls13: add ecdh_read_public Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Jerry Yu	a0650ebb9d	tls13: add handshake key schedule Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Jerry Yu	61e35e0047	tls13: add generate handshake keys Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Mateusz Starzyk	594215be6e	Add support for CCM*-no-tag to PSA. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-10-21 11:33:41 +02:00
Mateusz Starzyk	bb2ced33dd	Ignore plaintext length for CCM*-no-tag. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-10-21 11:33:37 +02:00
Gabor Mezei	22c9a6fccc	Rename internal header constant_time.h to constant_time_internal.h Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-20 12:15:20 +02:00
Gabor Mezei	90437e3762	Rename constant-time functions to have mbedtls_ct prefix Rename functions to better suite with the module name. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-20 11:59:27 +02:00
Gabor Mezei	116cd6a6b4	Fix documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-20 11:18:37 +02:00
Gabor Mezei	6a426c9f9f	Bind functions' availability for config options Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-20 11:17:43 +02:00
Gilles Peskine	9202ba37b1	Merge pull request #4960 from mpg/cleanup-tls-cipher-psa-3.x Clean up some remnants of TLS pre-1.2 support	2021-10-19 21:59:15 +02:00
Gabor Mezei	765862c4f3	Move mbedtls_cf_memcmp to a new public header Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-19 12:22:25 +02:00
Gabor Mezei	291df7bbab	Add macro guard for header file Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-19 11:27:17 +02:00
Gabor Mezei	e212379810	Bind functions' availability for config options Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 19:38:02 +02:00
Gilles Peskine	6210320215	Merge pull request #4989 from AndrzejKurek/remove-ssl-export-keys Remove MBEDTLS_SSL_EXPORT_KEYS, making it always on	2021-10-18 17:53:56 +02:00
Gilles Peskine	bf21c07923	Merge pull request #5072 from mprse/issue_5065 Use switch statement instead if-else in psa_aead_check_nonce_length() and psa_aead_set_lengths(). Fixes #5065	2021-10-18 17:51:50 +02:00
Gabor Mezei	949455892f	Remove unused function Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 17:02:29 +02:00
Gabor Mezei	a2d0f90c5a	Make functions static These functions are only used as an auxiliary function for constant-time functions. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:56:50 +02:00
Gabor Mezei	a316fc8eb0	Update documentation and comments Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:39:13 +02:00
Gabor Mezei	63bbba5c13	Rename and reorder function parameters Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:39:13 +02:00
Gabor Mezei	7013f62ee5	Use condition for not sensitive data Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:39:13 +02:00
Gabor Mezei	eab90bcc36	Move implementation specific comment This comment is about how the functions are implemented, not about their public interface, so it doesn't belong in the header file. It applies to everything in constant_time.c so moved there. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:39:13 +02:00
Gabor Mezei	1e64261da5	Make mbedtls_cf_size_mask_lt function static The mbedtls_cf_size_mask_lt is solely used as an auxiliary function for mbedtls_cf_size_mask_ge. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:39:13 +02:00
Gilles Peskine	7637ab0d8b	Merge pull request #5037 from mprse/issue_4551 Fix psa_generate_key(): return PSA_ERROR_INVALID_ARGUMENT for public key	2021-10-18 10:39:21 +02:00
Gilles Peskine	2bb5e9c973	Merge pull request #4760 from gilles-peskine-arm/ecb-alt-ret-3.0 Catch failures of mbedtls_aes_crypt_ecb and its DES equivalents	2021-10-14 12:11:20 +02:00
Przemyslaw Stekiel	4cad4fc8a9	psa_crypto.c: use switch instead if-else in psa_aead_check_nonce_length and psa_aead_set_lengths (fixes #5065 ) Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2021-10-13 14:04:36 +02:00
Ronald Cron	e3e16d5d67	Merge pull request #4982 from yuhaoth/pr/add-read-ptr-and-handshake-kex-modes TLS1.3:add read ptr and handshake kex modes CI merge job: only "Session resume using tickets, DTLS: openssl client" failed in one component thus CI can be considered as passed.	2021-10-11 19:23:12 +02:00
Ronald Cron	e23bba04ee	Merge pull request #4927 from yuhaoth/pr/add-tls13-serverhello-utils TLS 1.3: ServerHello: add utils functions used by ServerHello Regarding the merge job, there was only one of the failure we currently encounter on almost all PR (Session resume using tickets, DTLS: openssl client test case see #5012) thus we can consider that this PR passed CI.	2021-10-11 11:01:11 +02:00
Jerry Yu	e4eefc716a	Improve document for chk_buf_read_ptr Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-09 10:40:40 +08:00
Gilles Peskine	f6892dec2a	Readability improvements Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-10-08 16:28:32 +02:00
Jerry Yu	fd320e9a6e	Replace zeroize with memset Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 21:52:41 +08:00
Jerry Yu	88b756bacb	move tls1_3 max md size It should be internal definition Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 18:41:38 +08:00
Jerry Yu	d1ab262844	define max md size for tls1_3 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 16:19:24 +08:00
Jerry Yu	205fd82f7e	fix check_name fail Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 16:16:24 +08:00
Jerry Yu	ae0b2e2a2f	Rename counter_len Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 15:40:14 +08:00
Jerry Yu	c1ddeef53a	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 15:40:14 +08:00
Jerry Yu	dca3d5ddf9	fix document issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 14:19:29 +08:00
Jerry Yu	0cabad375b	fix doxygen parameter wrong Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 14:00:29 +08:00
Jerry Yu	adf861aad4	Address kex_modes check function Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 14:00:29 +08:00
Jerry Yu	e15e665cfb	fix comments and check return issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 14:00:29 +08:00
Jerry Yu	1b7c4a464c	tls13: add key exchange modes in handshake params Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 14:00:29 +08:00
Jerry Yu	34da3727d6	Add check read ptr macro Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 14:00:29 +08:00
Przemyslaw Stekiel	c0fe820dc9	psa_generate_key(): return PSA_ERROR_INVALID_ARGUMENT for public key Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2021-10-07 11:08:56 +02:00
Gilles Peskine	b9b817e977	Fix PSA_ALG_RSA_PSS verification accepting an arbitrary salt length PSA_ALG_RSA_PSS algorithm now accepts only the same salt length for verification that it produces when signing, as documented. Fixes #4946. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-10-05 14:26:25 +02:00
Mateusz Starzyk	c48f43b44d	Fix PSA AEAD GCM's update output buffer length verification. Move GCM's update output buffer length verification from PSA AEAD to the built-in implementation of the GCM. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-10-04 13:54:55 +02:00
Mateusz Starzyk	f28261fc14	Remove output buffer limitation for PSA with GCM. The requirement of minimum 15 bytes for output buffer in psa_aead_finish() and psa_aead_verify() does not apply to the built-in implementation of the GCM. Alternative implementations are expected to verify the length of the provided output buffers and to return the MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL in case the buffer length is too small. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-10-04 13:54:54 +02:00
Gilles Peskine	023aa11760	Merge pull request #4996 from mprse/mbedtls_cipher_setup_psa_ECB Fix test gap: mbedtls_cipher_setup_psa() with ECB	2021-10-01 14:49:10 +02:00

... 2 3 4 5 6 ...

7765 Commits