mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-14 00:40:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
17,916 Commits 170 Branches 263 Tags
Commit Graph

7698 Commits

Author SHA1 Message Date
Jerry Yu
957f0fa1f7 Add length macro for in_ctr 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
e06f4532ef remove useless code 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
4836952f9d fix tls1_3 prefix issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
92c1ca221f fix likely typos error 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
b65eb2f3cf Revert "tls13: add generate handshake keys" 
This reverts commit f02ca4158674b974ae103849c43e0c92efc40e8c.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
5243142476 Add macro for length of input counter 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
e3131ef7f3 fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
a63de352dc Revert "tls13: add ecdh_read_public" 
This reverts commit 6a9d2ee4df88028e352e50d4f48687ce5b0f26ac.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
000f976070 Rename get_handshake_transcript 
- Remove tls13 prefix
- Remove TLS1_3 macro wrap

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
c7875b5f11 add set in/out transform utils 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
d3f73349a7 tls13: add ecdh_read_public 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
7bea4bac96 tls13: add checksum of handshake message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
4925ef5da1 tls13: add generate handshake keys 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
89ea321d96 tls13: add key_schedule_stage_early_data 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
24c0ec31f9 tls13: add get_handshake_transcript 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
3bf1f97a0e fix various issue on pending send alert 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:38 +08:00
Jerry Yu
bbd5a3fded fix pending_alert issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:38 +08:00
Jerry Yu
394ece6cdd Add function for set pending alert flag 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:38 +08:00
Jerry Yu
e7047819ee add pend fatal alert 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:38 +08:00
Jerry Yu
e86cd65754 fix unused-variable fail without MBEDTLS_DEBUG_C 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:05 +08:00
Jerry Yu
860b4ee42e Rename *_read_* to *_process_* 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:05 +08:00
Jerry Yu
6e81b27003 Add client state number check 
It is temporary check. If any change on `mbedtls_ssl_states`, please
double check those tests

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:05 +08:00
Jerry Yu
435756ffc0 Keep consistent order in dummy functions 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:05 +08:00
Jerry Yu
6c983524a8 Move msvc compatible fix to common.h 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:05 +08:00
Jerry Yu
687101b2e6 tls13: add dummy state machine handler 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:05 +08:00
Gilles Peskine
aafb21f320
Merge pull request #4968 from davidhorstmann-arm/fix-aarch64-asm-constraints 
Fix aarch64 assembly for bignum multiplication
 2021-09-27 09:01:15 +02:00
Paul Elliott
71b0567c87 Merge remote-tracking branch 'upstream/development' into psa-m-aead-merge 
Also fiixed the following merge problems:

crypto_struct.h   : Added MBEDTLS_PRIVATE to psa_aead_operation_s
                    members (merge conflict)
psa_crypto_aead.c : Added ciphertext_length to mbedtls_gcm_finish
                    call (change of API during development)

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-24 11:18:13 +01:00
Ronald Cron
f2cb19f921
Merge pull request #4891 from yuhaoth/pr/enable-key-exchange-in-client-hello 
TLS1.3: Client Hello : Add  extensions and test case.
 2021-09-23 18:45:01 +02:00
Paul Elliott
90fdc117dd Make NULL tag check more explicit 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:17 +01:00
Paul Elliott
70618b22a9 Change sizeof to variable rather than struct 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:17 +01:00
David Horstmann
11c81df707 Fix aarch64 assembly for bignum multiplication 
Add memory constraints to the aarch64 inline assembly in MULADDC_STOP.
This fixes an issue where Clang 12 and 13 were generating
non-functional code on aarch64 platforms. See #4962, #4943
for further details.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2021-09-22 18:31:35 +01:00
Manuel Pégourié-Gonnard
a0b4b0c3cd Clean up some remnants of TLS pre-1.2 support 
Now that support for earlier version have been removed, we no longer
need to care about them.

Since TLS 1.3 is being gradually introduced, we might still need a
version check in some places - but here the function is called
ssl_tls12_populate_tranform() and TLS 1.3 has its own function
mbedtls_ssl_tls13_populate_transform(), so when this function is called
we just know we're using TLS 1.2.

Reviewer hint: use the -b option of git diff / git show

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2021-09-21 14:12:59 +02:00
Gilles Peskine
f0f2294f57
Merge pull request #4708 from mstarzyk-mobica/ccm_chunked 
Ccm chunked - enable multipart CCM in PSA
 2021-09-21 13:46:52 +02:00
Gilles Peskine
6c12a1e9f2 Add ARIA to the PSA API 
Use the encoding from an upcoming version of the specification.

Add as much (or as little) testing as is currently present for Camellia.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-09-21 11:59:39 +02:00
Gilles Peskine
304689e4c4
Merge pull request #4947 from gilles-peskine-arm/muladdc-amd64-memory-development 
Fix x86_64 assembly for bignum multiplication
 2021-09-20 22:23:49 +02:00
Gilles Peskine
93cb6111ba
Merge pull request #4878 from SiliconLabs/remove_dependency_4877 
Remove dependency of built-in keys on storage
 2021-09-20 22:20:16 +02:00
Paul Elliott
ec95cc9489 Add safety for NULL tag being passed to finish 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 22:39:06 +01:00
Paul Elliott
8ff74217e4 Add comment explaining finish output size 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
4c916e8d74 Improve comment on buffer clearing 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
69bf5fc901 Const correctness 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
70f447dfe5 Replace individual zeroization with memset 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
eac6c757a2 Make nonce length check return error where it can 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
12acb6bb4c Remove missed references to aead_verify from docs 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
b183d56b5f Use safer size for tag checking 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
06b6b8c8d6 Add missing zeroize for sensitive tag data. 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Jerry Yu
388bd0d53c fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-15 22:06:11 +08:00
Gilles Peskine
d337fbc4cb x86_64 MULADDC assembly: add missing constraints about memory 
MULADDC_CORE reads from (%%rsi) and writes to (%%rdi). This fragment is
repeated up to 16 times, and %%rsi and %%rdi are s and d on entry
respectively. Hence the complete asm statement reads 16 64-bit words
from memory starting at s, and writes 16 64-bit words starting at d.

Without any declaration of modified memory, Clang 12 and Clang 13 generated
non-working code for mbedtls_mpi_mod_exp. The constraints make the unit
tests pass with Clang 12.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-09-15 15:51:43 +02:00
Jerry Yu
dd1fb9e37e add mbedtls_ecdh_setup_no_everest 
Setup ecdh without everest for TLS1.3

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-15 11:10:15 +08:00
Jerry Yu
bdc71888fc Remove restartable and everest from tls1.3 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-14 19:33:31 +08:00
Janos Follath
cacec723c8
Merge pull request #4938 from gilles-peskine-arm/psa_cipher_update_ecp-unused_parameter 
Fix parameter set but unused on psa_cipher_update_ecb
 2021-09-13 13:55:38 +01:00