mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-09 21:40:43 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
18,910 Commits 170 Branches 263 Tags
Commit Graph

8200 Commits

Author SHA1 Message Date
Jerry Yu
c10f6b4735 tls13_only: simple test pass 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:00 +08:00
Jerry Yu
c3091b1c8c tls13_only: compile pass 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:00 +08:00
Andrzej Kurek
d70fa0e327 Restructure error handling in mbedtls_pk_verify_ext 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-02-17 10:51:15 -05:00
Gabor Mezei
8e3602569b
Typo 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-02-17 11:50:02 +01:00
Manuel Pégourié-Gonnard
4fa604cc3b
Merge pull request #5511 from SiliconLabs/feature/PSEC-3195-PSA-test-suites-NOT-using-UID-0 
feat: Update test_suite_psa_its to NOT use UID=0
 2022-02-17 11:49:33 +01:00
Gilles Peskine
57b1ff39c2
Merge pull request #5377 from hanno-arm/ecp_add_mixed_fewer_mpis 
Minor improvements to ECC arithmetic subroutines
 2022-02-17 10:27:18 +01:00
Manuel Pégourié-Gonnard
3d1f8b9c00
Merge pull request #5532 from ronald-cron-arm/tls13_and_use_psa_crypto 
Make TLS 1.3 compatible with MBEDTLS_USE_PSA_CRYPTO
 2022-02-16 17:33:47 +01:00
Andrzej Kurek
59550537f0 Change signature_length type to size_t 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-02-16 07:46:42 -05:00
Andrzej Kurek
4a953cdd9f pk: properly handle signatures in larger buffers when using PSA 
As stated in function documentation.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-02-16 06:13:35 -05:00
Gabor Mezei
8d5a4cbfdb
Check return value of psa_destroy_key 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-02-15 16:23:17 +01:00
Gabor Mezei
833713c35c
Add better name for variable 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-02-15 16:16:08 +01:00
Andrzej Kurek
8666df6f18 Add signature length mismatch handling when using PSA in pk_verify_ext 
Introduce a regression test for that too.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-02-15 08:23:02 -05:00
Andrzej Kurek
90ba2cbd0a Cosmetic changes to return placement and variable naming 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-02-15 08:18:44 -05:00
Manuel Pégourié-Gonnard
a1b506996d
Merge pull request #5526 from paul-elliott-arm/fix_fuzzer_null_ref 
Ensure ctr_drbg is initialised every time in fuzz_server
 2022-02-15 10:31:03 +01:00
Ronald Cron
b788c044b7 Use PSA status to Mbed TLS error code conversion function 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-02-15 09:14:15 +01:00
Manuel Pégourié-Gonnard
e14b644f4d
Merge pull request #5456 from mpg/cleanup-ecdh-psa 
Cleanup PSA-based ECDHE in TLS 1.2
 2022-02-15 09:09:07 +01:00
Przemyslaw Stekiel
0f5ecefbe9 Clean up the code 
- remove redundant local buffer
- fix code style

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-15 08:53:36 +01:00
Przemyslaw Stekiel
4b3fff43a8 Destroy ecdh_psa_privkey on HRR 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-15 08:53:26 +01:00
Przemyslaw Stekiel
169f115bf0 ssl_client2: init psa crypto for TLS 1.3 build 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-14 17:15:04 +01:00
lhuang04
86cacac91a Port ALPN support for tls13 client from tls13-prototype 
Summary:
Port ALPN implementation of tls13 client from
[tls13-prototype](https://github.com/hannestschofenig/mbedtls/blob/tls13-prototype/library/ssl_tls13_client.c#L1124).

Test Plan:

Reviewers:

Subscribers:

Tasks:

Tags:
Signed-off-by: lhuang04 <lhuang04@fb.com>
 2022-02-14 08:03:32 -08:00
PeterSpace
c2774a3ad4 Update library/psa_its_file.c 
Signed-off-by: pespacek <peter.spacek@silabs.com>
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
 2022-02-14 12:24:56 +01:00
Przemyslaw Stekiel
4f419e55a1 ssl_tls13_write_key_share_ext: initialize key_exchange_len (compiler warning) 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-14 10:19:53 +01:00
Przemyslaw Stekiel
c0824bfb11 Change mbedtls_ssl_tls13_key_schedule_stage_handshake() to use psa_raw_key_agreement() 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-14 10:19:45 +01:00
Przemyslaw Stekiel
6d6aabdb0d Remove unused function: ssl_tls13_check_ecdh_params() 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-14 10:13:10 +01:00
Przemyslaw Stekiel
9e23ddb09d Change ssl_tls13_read_public_ecdhe_share() to use PSA-specific parsing code. 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-14 10:13:00 +01:00
Ronald Cron
f6893e11c7 Finalize PSA hash operations in TLS 1.3 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-02-11 16:10:34 +01:00
Przemyslaw Stekiel
ea859c24b7 Change ssl_tls13_generate_and_write_ecdh_key_exchange() to use PSA 
Generate ECDH private key using psa_generate_key()
Export the public part of the ECDH private key using psa_export_public_key()

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-11 15:17:05 +01:00
Paul Elliott
00738bf65e Ensure ctr_drbg is initialised every time 
ctr_drbg is a local variable and thus needs initialisation every time
LLVMFuzzerTestOneInput() is called, the rest of the variables inside the
if(initialised) block are all static.

Add extra validation to attempt to catch this issue in future.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-02-10 18:38:53 +00:00
Przemyslaw Stekiel
b15f33d496 Enable ecdh_psa_xxx fields in struct mbedtls_ssl_handshake_params for TLS 1.3 
These fields need to be enabled for 1.3 even if MBEDTLS_USE_PSA_CRYPTO isn't (1.3 should always use PSA).

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-10 15:24:27 +01:00
Gabor Mezei
9607ab4dbd
Prevent function not used compilation error 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-02-10 10:57:24 +01:00
Gabor Mezei
a3eecd242c
Implement HKDF expand in TLS 1.3 based on PSA HMAC 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-02-10 10:57:23 +01:00
Glenn Strauss
a941b62985 Create public macros for ssl_ticket key,name sizes 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-02-09 15:28:28 -05:00
Glenn Strauss
a950938ff0 Add mbedtls_ssl_ticket_rotate for ticket rotation. 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-02-09 14:33:15 -05:00
Andrzej Kurek
7db1b78fff Make RSA-PSS verification use PSA with MBEDTLS_USE_PSA_CRYPTO 
Duplicate a test case but with a different expected error
due to error translation to and from PSA.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-02-09 14:13:44 -05:00
Jerry Yu
7840f81303 fix client_auth fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-09 19:43:22 +08:00
Manuel Pégourié-Gonnard
62b49cd06a
Merge pull request #5472 from yuhaoth/pr/move-client-auth 
Move client_auth to handshake
 2022-02-09 10:57:00 +01:00
Ronald Cron
6ca6faa67e
Merge pull request #5080 from xffbai/add-tls13-read-certificate-request 
add tls1_3 read certificate request
 2022-02-09 09:51:55 +01:00
Xiaofei Bai
7c8b6a97b9 Update CertificateRequest skip condition 
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
 2022-02-08 15:21:13 +00:00
Jerry Yu
5c7d1cce97 fix typo error 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-08 21:08:29 +08:00
Jerry Yu
2d9a694088 change type of client_auth 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-08 21:07:10 +08:00
pespacek
e990100ddb BUGFIX: psa_its_set now rejects UID = 0 
Signed-off-by: pespacek <peter.spacek@silabs.com>
 2022-02-08 14:05:41 +01:00
Xiaofei Bai
c234ecf695 Update mbedtls_ssl_handshake_free() and address review comments. 
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
 2022-02-08 10:26:42 +00:00
Manuel Pégourié-Gonnard
45c5768a74
Merge pull request #5434 from mprse/tls_use_psa 
TLS Cipher: use PSA crypto
 2022-02-08 10:27:25 +01:00
Manuel Pégourié-Gonnard
5d6053f548 Fix a typo 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-08 10:26:19 +01:00
Xiaofei Bai
51f515a503 update based on comments 
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
 2022-02-08 07:28:04 +00:00
Jerry Yu
0ff8ac89f5 fix comments issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-08 10:10:48 +08:00
Przemyslaw Stekiel
c499e33ed0 ssl_msg.c: Change message in MBEDTLS_SSL_DEBUG_RET() to be the failed function name instead current function name 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-07 15:12:05 +01:00
Manuel Pégourié-Gonnard
ff229cf639 Add debug message for wrong curve 
The non-PSA path has a debug message here, so let's have a similar one
in the PSA case - just add the curve ID to be a bit more informative.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-07 12:00:32 +01:00
Manuel Pégourié-Gonnard
422370d633 Improve a comment and fix some whitespace 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-07 11:55:21 +01:00
Przemyslaw Stekiel
c8a06feae6 ssl_msg.c: Optimize null/stream cipher decryption/encryption 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-07 10:52:47 +01:00