2170 Commits

Author	SHA1	Message	Date
Przemek Stekiel	89132a6ab0	Fix call to mbedtls_pk_wrap_as_opaque(): use usage variable instead PSA_KEY_USAGE_SIGN_HASH ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	b58c47a666	ssl_server2: use key opaque algs given from command line ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	344c561292	ssl_server2: Add support for key_opaque_algs2 command line paramtere ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	a17b5c6ba2	ssl_client: use key opaque algs given from command line ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	01396a16da	ssl_test_lib: add function translate given opaque algoritms to psa ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	77fc9ab1ba	Fix typos and code style ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	4ca0d72c3b	ssl server: add key_opaque_algs command line option ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	f1822febc4	ssl client: add key_opaque_algs command line option ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	85d692d1c4	ssl client/server: add parsing function for key_opaque_algs command line option ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Manuel Pégourié-Gonnard	068a13d909	Merge pull request #5771 from superna9999/5761-rsa-decrypt-rework-pk-wrap-as-opaque ... RSA decrypt 0: Rework `mbedtls_pk_wrap_as_opaque()`	2022-05-02 09:06:49 +02:00
Manuel Pégourié-Gonnard	67397fa4fd	Merge pull request #5704 from mprse/mixed_psk_2cx ... Mixed PSK 2a, 2b, 2c: enable client/server support opaque RSA-PSK, ECDHE-PSK, DHE-PSK	2022-04-29 10:47:16 +02:00
Neil Armstrong	94e371af91	Update mbedtls_pk_wrap_as_opaque() usage in SSL client2 & server2 ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-28 13:27:59 +02:00
Gilles Peskine	72b99edf31	Merge pull request #5381 from mpg/benchmark-ecc-heap ... Improve benchmarking of ECC heap usage	2022-04-22 16:43:11 +02:00
Przemek Stekiel	cb322eac6b	Enable support for psa opaque DHE-PSK key exchange on the server side ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:54:33 +02:00
Przemek Stekiel	b293aaa61b	Enable support for psa opaque DHE-PSK key exchange on the client side ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:54:33 +02:00
Przemek Stekiel	14d11b0877	Enable support for psa opaque ECDHE-PSK key exchange on the server side ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:53:55 +02:00
Przemek Stekiel	19b80f8151	Enable support for psa opaque ECDHE-PSK key exchange on the client side ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:28 +02:00
Przemek Stekiel	aeb710fec5	Enable support for psa opaque RSA-PSK key exchange on the server side ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:28 +02:00
Przemek Stekiel	fc72e428ed	ssl_client2: Enable support for TLS 1.2 RSA-PSK opaque ciphersuite ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:27 +02:00
Ronald Cron	38b8aa4f63	Merge pull request #5539 from xkqian/add_client_hello_to_server ... Add client hello into server side	2022-04-22 10:26:00 +02:00
Manuel Pégourié-Gonnard	21f82c7510	Merge pull request #5709 from superna9999/5625-pk-opaque-rsa-tls12 ... RSA sign 3b: TLS 1.2 integration testing	2022-04-22 10:05:43 +02:00
Gilles Peskine	afbfed9397	Merge pull request #5582 from gilles-peskine-arm/ssl-opt-auto-psk ... Run ssl-opt.sh in more reduced configurations	2022-04-21 12:03:53 +02:00
XiaokangQian	318dc763a6	Fix test failure issue and update code styles ... Change-Id: I0b08da1b083abdb19dc383e6f4b210f66659c109 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 09:43:51 +00:00
Paul Elliott	a2da9c7e45	Merge pull request #5631 from gstrauss/enum-tls-vers ... Unify internal/external TLS protocol version enums	2022-04-19 17:05:26 +01:00
Glenn Strauss	e3af4cb72a	mbedtls_ssl_(read|write)_version using tls_version ... remove use of MBEDTLS_SSL_MINOR_VERSION_* remove use of MBEDTLS_SSL_MAJOR_VERSION_* (only remaining use is in tests/suites/test_suite_ssl.data) Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:14 -04:00
Glenn Strauss	60bfe60d0f	mbedtls_ssl_ciphersuite_t min_tls_version,max_tls_version ... Store the TLS version in tls_version instead of major, minor version num Note: existing application use which accesses the struct member (using MBEDTLS_PRIVATE) is not compatible, as the struct is now smaller. Reduce size of mbedtls_ssl_ciphersuite_t members are defined using integral types instead of enums in order to pack structure and reduce memory usage by internal ciphersuite_definitions[] Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:12 -04:00
Neil Armstrong	f0b1271a42	Support RSA Opaque PK keys in ssl_server2 ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-13 10:49:25 +02:00
Dave Rodgman	ed35887fc8	Merge pull request #2104 from hanno-arm/iotssl-2071 ... Check that integer types don't use padding bits in selftest	2022-04-11 17:26:08 +01:00
Dave Rodgman	8f5a29ae40	Improve fix for printf specifier ... Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-04-11 12:59:45 +01:00
Dave Rodgman	eaba723139	Fix printf specifier ... Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-04-11 10:07:38 +01:00
Dave Rodgman	e2e7e9400b	Fail for types not of size 2, 4 or 8 ... Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-04-08 12:46:30 +01:00
Hanno Becker	baae59cd49	Improve documentation of absence-of-padding check ... Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-04-08 12:46:29 +01:00
Hanno Becker	0d7dd3cd43	Check that size_t and ptrdiff_t don't have padding ... Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-04-08 12:46:26 +01:00
Hanno Becker	4ab3850605	Check that integer types don't use padding bits in selftest ... This commit modifies programs/test/selftest to include a check that none of the standard integer types (unsigned) [short, int, long, long] uses padding bits, which we currently don't support. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-04-08 12:45:05 +01:00
Gilles Peskine	e756f642cd	Seed the PRNG even if time() isn't available ... time() is only needed to seed the PRNG non-deterministically. If it isn't available, do seed it, but pick a static seed. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-04-08 04:46:41 -04:00
Gilles Peskine	99a732bf0c	Fix off-by-one in buffer_size usage ... The added null byte was accounted for twice, once by taking opt.buffer_size+1 when allocating the buffer and once by taking opt.buffer-1 when filling the buffer. Make opt.buffer_size the size that is actually read, it's less confusing that way. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-06 23:34:36 +02:00
Gilles Peskine	8bb96d96cd	Fix buffer size calculation ... Make sure that buf always has enough room for what it will contain. Before, this was not the case if the buffer was smaller than the default response, leading to memory corruption in ssl_server2. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-06 23:31:05 +02:00
Dave Rodgman	017a19997a	Update references to old Github organisation ... Replace references to ARMmbed organisation with the new org, Mbed-TLS, following project migration. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-03-31 14:43:16 +01:00
Jerry Yu	79c004148d	Add PSA && TLS1_3 check_config ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-03-22 15:13:34 +08:00
Jerry Yu	3a58b462b6	add pss_rsae_sha{384,512} ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-03-22 15:13:34 +08:00
Dave Rodgman	2cecd8aaad	Merge pull request #3624 from daxtens/timeless ... RFC: Fix builds with MBEDTLS_HAVE_TIME disabled and test	2022-03-15 16:43:19 +00:00
Manuel Pégourié-Gonnard	10e5cdbbbf	Merge pull request #5454 from gstrauss/cert_cb-user_data ... server certificate selection callback	2022-03-10 11:51:42 +01:00
Manuel Pégourié-Gonnard	d815114f93	Merge pull request #5524 from mprse/tls_ecdh_2c ... TLS ECDH 2c: ECHDE in TLS 1.3 (client-side)	2022-03-08 11:43:45 +01:00
Andrzej Kurek	541318ad70	Refactor ssl_context_info time printing ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-03-04 05:07:45 -05:00
Andrzej Kurek	554b820747	Guard cache_timeout in ssl_server2 with MBEDTLS_HAVE_TIME ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-03-04 05:07:45 -05:00
Andrzej Kurek	6056e7af4f	Fix benchmark and udp_proxy dependency on MBEDTLS_HAVE_TIME ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-03-04 05:07:45 -05:00
Andrzej Kurek	06a00afeec	Fix requirement mismatch in fuzz/common.c ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-03-04 05:07:45 -05:00
David Horstmann	ca53459bed	programs/fuzz: Remove superfluous MBEDTLS_HAVE_TIME ... MBEDTLS_HAVE_TIME_ALT implies MBEDTLS_HAVE_TIME, so an extra check for MBEDTLS_HAVE_TIME is not needed. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-03-04 05:07:45 -05:00
David Horstmann	4e0cc40d0f	programs/fuzz: Use build_info.h in common.h ... Remove direct inclusion of mbedtls_config.h and replace with build_info.h, as is the convention in Mbed TLS 3.0. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-03-04 05:07:45 -05:00
David Horstmann	5b9cb9e8ca	programs/test: fix build without MBEDTLS_HAVE_TIME ... Allow programs/test/udp_proxy.c to build when MBEDTLS_HAVE_TIME is not defined. In this case, do not attempt to seed the pseudo-random number generator used to sometimes produce corrupt packets and other erroneous data. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-03-04 05:07:45 -05:00