Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							7f029d8a94 
							
						 
					 
					
						
						
							
							fix coding style issues  
						
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2022-01-11 11:08:53 +08:00 
						 
				 
			
				
					
						
							
							
								Andrzej Kurek 
							
						 
					 
					
						
						
						
						
							
						
						
							03e01461ad 
							
						 
					 
					
						
						
							
							Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO  
						
						
						
						
						Fix library references, tests and programs.
Testing is performed in the already present all.sh test.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com> 
						
						
					 
					
						2022-01-03 12:53:24 +01:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							1ea9d10687 
							
						 
					 
					
						
						
							
							fix test_ref_configs build fail  
						
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2021-12-21 14:52:38 +08:00 
						 
				 
			
				
					
						
							
							
								Glenn Strauss 
							
						 
					 
					
						
						
						
						
							
						
						
							cee11296aa 
							
						 
					 
					
						
						
							
							Reset dhm_P and dhm_G if config call repeated  
						
						
						
						
						Reset dhm_P and dhm_G if call to mbedtls_ssl_config_defaults() repeated
to avoid leaking memory.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com> 
						
						
					 
					
						2021-12-20 20:24:56 -05:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							1753261083 
							
						 
					 
					
						
						
							
							change write_supported_groups_ext prototype  
						
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2021-12-20 22:32:09 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							ba07342cd6 
							
						 
					 
					
						
						
							
							Add generic write_supported-groups_ext  
						
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2021-12-20 22:22:15 +08:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
						
						
							
						
						
							a4174312da 
							
						 
					 
					
						
						
							
							Initialize hash_len before using it  
						
						
						
						
						Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com> 
						
						
					 
					
						2021-12-13 14:38:40 +01:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
						
						
							
						
						
							f0fd4c3aee 
							
						 
					 
					
						
						
							
							mbedtls_ssl_parse_finished: zeroize expected finished value on error  
						
						
						
						
						Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com> 
						
						
					 
					
						2021-12-13 12:36:15 +01:00 
						 
				 
			
				
					
						
							
							
								Dave Rodgman 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							050ad4bb50 
							
						 
					 
					
						
						
							
							Merge pull request  #5313  from gilles-peskine-arm/missing-ret-check-mbedtls_md_hmac  
						
						
						
						
						Check HMAC return values 
						
						
					 
					
						2021-12-13 10:51:27 +00:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
						
						
							
						
						
							ecf6bebb9c 
							
						 
					 
					
						
						
							
							Catch failures of md_hmac operations  
						
						
						
						
						Declare mbedtls_md functions as MBEDTLS_CHECK_RETURN_TYPICAL, meaning that
their return values should be checked.
Do check the return values in our code. We were already doing that
everywhere for hash calculations, but not for HMAC calculations.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com> 
						
						
					 
					
						2021-12-11 15:00:57 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
						
						
							
						
						
							db6adc5aad 
							
						 
					 
					
						
						
							
							ssl: Fix some compilation guards for TLS 1.3 signature algorithms  
						
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com> 
						
						
					 
					
						2021-12-10 14:25:35 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
						
						
							
						
						
							6f135e1148 
							
						 
					 
					
						
						
							
							Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3  
						
						
						
						
						As we have now a minimal viable implementation of TLS 1.3,
let's remove EXPERIMENTAL from the config option enabling
it.
Signed-off-by: Ronald Cron <ronald.cron@arm.com> 
						
						
					 
					
						2021-12-10 13:47:55 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b873577fc3 
							
						 
					 
					
						
						
							
							Merge pull request  #5240  from duckpowermb/development  
						
						
						
						
						[session] fix a session copy bug 
						
						
					 
					
						2021-12-09 09:23:23 +01:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							392113434a 
							
						 
					 
					
						
						
							
							Merge pull request  #5263  from ronald-cron-arm/psa-test-driver_3.x  
						
						
						
						
						Forward port to 3.x: Introduce PSA test driver library to test PSA configuration 
						
						
					 
					
						2021-12-07 12:52:20 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
						
						
							
						
						
							69a63426af 
							
						 
					 
					
						
						
							
							psa: Fix the size of hash buffers  
						
						
						
						
						Fix the size of hash buffers for PSA hash
operations.
Signed-off-by: Ronald Cron <ronald.cron@arm.com> 
						
						
					 
					
						2021-12-03 18:55:33 +01:00 
						 
				 
			
				
					
						
							
							
								吴敬辉 
							
						 
					 
					
						
						
						
						
							
						
						
							0b71611c80 
							
						 
					 
					
						
						
							
							[session] fix a session copy bug  
						
						
						
						
						fix a possible double reference on 'ticket'
when peer_cert/peer_cert_digest calloc failed.
Signed-off-by: 吴敬辉 <11137405@vivo.com> 
						
						
					 
					
						2021-11-29 10:50:04 +08:00 
						 
				 
			
				
					
						
							
							
								Xiaofei Bai 
							
						 
					 
					
						
						
						
						
							
						
						
							6dc90da740 
							
						 
					 
					
						
						
							
							Rebased on 74217ee and add fixes  
						
						
						
						
						Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com> 
						
						
					 
					
						2021-11-26 08:12:43 +00:00 
						 
				 
			
				
					
						
							
							
								Xiaofei Bai 
							
						 
					 
					
						
						
						
						
							
						
						
							9539501120 
							
						 
					 
					
						
						
							
							Rebase and add fixes  
						
						
						
						
						Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com> 
						
						
					 
					
						2021-11-26 08:09:26 +00:00 
						 
				 
			
				
					
						
							
							
								Xiaofei Bai 
							
						 
					 
					
						
						
						
						
							
						
						
							746f9481ea 
							
						 
					 
					
						
						
							
							Fix 1_3/13 usages in macros and function names  
						
						
						
						
						Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com> 
						
						
					 
					
						2021-11-26 08:08:36 +00:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
						
						
							
						
						
							a83014db4a 
							
						 
					 
					
						
						
							
							TLS1.3: Add signature scheme pkcs1 v1.5  
						
						
						
						
						Signed-off-by: XiaokangQian <xiaokang.qian@arm.com> 
						
						
					 
					
						2021-11-25 02:21:16 +00:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e2d707fea5 
							
						 
					 
					
						
						
							
							Merge pull request  #4866  from gabor-mezei-arm/3649_move_constant_time_functions_into_separate_module  
						
						
						
						
						Move constant-time functions into a separate module 
						
						
					 
					
						2021-11-24 19:33:00 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							be7b21da22 
							
						 
					 
					
						
						
							
							Merge branch 'development' into 3649_move_constant_time_functions_into_separate_module  
						
						
						
						
					 
					
						2021-11-24 10:44:13 +01:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
						
						
							
						
						
							4b82ca1b70 
							
						 
					 
					
						
						
							
							Refine test code and test scripts  
						
						
						
						
						Change client test code to support rsa pss signatures
Add test cases for rsa pss signature in ssl-opt.sh
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com> 
						
						
					 
					
						2021-11-22 05:50:12 +00:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
						
						
							
						
						
							82d34ccf47 
							
						 
					 
					
						
						
							
							Add signature scheme rsa pss  
						
						
						
						
						Signed-off-by: XiaokangQian <xiaokang.qian@arm.com> 
						
						
					 
					
						2021-11-22 05:50:12 +00:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							bb41a88f2e 
							
						 
					 
					
						
						
							
							Merge pull request  #5120  from yuhaoth/pr/fix-memory-leak-and-version-header  
						
						
						
						
						TLS1.3: fix memory leak and version header 
						
						
					 
					
						2021-11-12 13:49:26 +01:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							a1a568c2f6 
							
						 
					 
					
						
						
							
							fix various issues  
						
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2021-11-09 10:17:21 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							ba9c727e94 
							
						 
					 
					
						
						
							
							fix memory leak issue  
						
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2021-10-30 20:23:45 +08:00 
						 
				 
			
				
					
						
							
							
								Brett Warren 
							
						 
					 
					
						
						
						
						
							
						
						
							e0edc8407b 
							
						 
					 
					
						
						
							
							Add mbedtls_ssl_conf_groups to API  
						
						
						
						
						mbedtls_ssl_conf_groups allows supported groups for key
sharing to be configured via their IANA NamedGroup ID.
This is added in anticipation of PQC and Hybrid key
sharing algorithms being integrated into Mbed TLS.
mbedtls_ssl_conf_curves is deprecated in favor of
mbedtls_ssl_conf_groups. handshake_init has been
modified to translate and copy curves configured
via conf_curves into a heap allocated array of
NamedGroup IDs. This allows the refactoring of code
interacting with conf_curve related variables (such
as curve_list) to use NamedGroup IDs while retaining
the deprecated API.
Signed-off-by: Brett Warren <brett.warren@arm.com> 
						
						
					 
					
						2021-10-29 11:27:00 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							90437e3762 
							
						 
					 
					
						
						
							
							Rename constant-time functions to have mbedtls_ct prefix  
						
						
						
						
Rename functions to better suit the module name.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com> 
						
						
					 
					
						2021-10-20 11:59:27 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							9202ba37b1 
							
						 
					 
					
						
						
							
							Merge pull request  #4960  from mpg/cleanup-tls-cipher-psa-3.x  
						
						
						
						
						Clean up some remnants of TLS pre-1.2 support 
						
						
					 
					
						2021-10-19 21:59:15 +02:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							765862c4f3 
							
						 
					 
					
						
						
							
							Move mbedtls_cf_memcmp to a new public header  
						
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com> 
						
						
					 
					
						2021-10-19 12:22:25 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							6210320215 
							
						 
					 
					
						
						
							
							Merge pull request  #4989  from AndrzejKurek/remove-ssl-export-keys  
						
						
						
						
						Remove MBEDTLS_SSL_EXPORT_KEYS, making it always on 
						
						
					 
					
						2021-10-18 17:53:56 +02:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e23bba04ee 
							
						 
					 
					
						
						
							
							Merge pull request  #4927  from yuhaoth/pr/add-tls13-serverhello-utils  
						
						
						
						
						TLS 1.3: ServerHello: add utils functions used by ServerHello
Regarding the merge job, there was only one of the failures we currently encounter on almost all PRs (Session resume using tickets, DTLS: openssl client test case, see #5012), thus we can consider that this PR passed CI. 
						
						
					 
					
						2021-10-11 11:01:11 +02:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							fd320e9a6e 
							
						 
					 
					
						
						
							
							Replace zeroize with memset  
						
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2021-10-08 21:52:41 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							ae0b2e2a2f 
							
						 
					 
					
						
						
							
							Rename counter_len  
						
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2021-10-08 15:40:14 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							c1ddeef53a 
							
						 
					 
					
						
						
							
							fix various issues  
						
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2021-10-08 15:40:14 +08:00 
						 
				 
			
				
					
						
							
							
								Andrzej Kurek 
							
						 
					 
					
						
						
						
						
							
						
						
							a72fe641cc 
							
						 
					 
					
						
						
							
							Do not zeroize the ssl context if a key exporting function is set  
						
						
						
						
						Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com> 
						
						
					 
					
						2021-09-29 17:08:31 -04:00 
						 
				 
			
				
					
						
							
							
								Andrzej Kurek 
							
						 
					 
					
						
						
						
						
							
						
						
							324f72ec9c 
							
						 
					 
					
						
						
							
							Fix a bug where the ssl context is used after it's nullified  
						
						
						
						
						When not using DEBUG_C, but using the DTLS CID feature -
a null pointer was accessed in ssl_tls.c.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com> 
						
						
					 
					
						2021-09-29 10:15:52 -04:00 
						 
				 
			
				
					
						
							
							
								Andrzej Kurek 
							
						 
					 
					
						
						
						
						
							
						
						
							5902cd64e2 
							
						 
					 
					
						
						
							
							Remove MBEDTLS_SSL_EXPORT_KEYS, making it always on  
						
						
						
						
						This option only gated an ability to set a callback,
but was deemed unnecessary as it was yet another define to
remember when writing tests, or test configurations. Fixes  #4653 .
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com> 
						
						
					 
					
						2021-09-29 10:15:42 -04:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							bfe3d87f24 
							
						 
					 
					
						
						
							
							Merge pull request  #4842  from gilles-peskine-arm/public_fields-3.0-info  
						
						
						
						
						Make some structure fields public: key info, ASN.1 and X.509 parsing, socket fd 
						
						
					 
					
						2021-09-29 12:37:09 +02:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							d96a5c2d86 
							
						 
					 
					
						
						
							
							Fix wrong usage of counter len macro  
						
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2021-09-29 17:46:51 +08:00 
						 
				 
			
				
					
						
							
							
								gabor-mezei-arm 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							4602564d7a 
							
						 
					 
					
						
						
							
							Unify memcmp functions  
						
						
						
						
						Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com> 
						
						
					 
					
						2021-09-28 16:33:47 +02:00 
						 
				 
			
				
					
						
							
							
								gabor-mezei-arm 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							db9a38c672 
							
						 
					 
					
						
						
							
							Move constant-time memcmp functions to the constant-time module  
						
						
						
						
						Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com> 
						
						
					 
					
						2021-09-28 16:16:14 +02:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							d9a94fe3d0 
							
						 
					 
					
						
						
							
							Add counter length macro  
						
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2021-09-28 20:10:26 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							148165cc6f 
							
						 
					 
					
						
						
							
							Remove psa version of get_handshake_transcript  
						
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2021-09-27 16:34:58 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							000f976070 
							
						 
					 
					
						
						
							
							Rename get_handshake_transcript  
						
						
						
						
						- Remove tls13 prefix
- Remove TLS1_3 macro wrap
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2021-09-27 16:34:58 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							24c0ec31f9 
							
						 
					 
					
						
						
							
							tls13: add get_handshake_transcript  
						
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2021-09-27 16:34:58 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							3bf1f97a0e 
							
						 
					 
					
						
						
							
							fix various issues on pending send alert  
						
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2021-09-27 16:25:38 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							bbd5a3fded 
							
						 
					 
					
						
						
							
							fix pending_alert issues  
						
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2021-09-27 16:25:38 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							e7047819ee 
							
						 
					 
					
						
						
							
							add pend fatal alert  
						
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2021-09-27 16:25:38 +08:00