cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-30 19:20:40 -04:00
Code Issues Packages Projects Releases Wiki Activity
17,816 Commits 7 Branches 115 Tags
Commit Graph

538 Commits

Author SHA1 Message Date
XiaokangQian
1aef02ee20 Fix initialized issues and remove useless code 
Fix the variable not inialized issue, remove the client
certificate related code, remove early data related code.

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-11-10 01:47:23 +00:00
XiaokangQian
f13c56032f Revert some changes about tls13 and macros 
There is one PR #4988 to change it in the future

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-11-10 01:47:23 +00:00
XiaokangQian
a763498490 Change code based on commetns 
Focus on the code style, naming rule,etc.

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-11-10 01:47:23 +00:00
XiaokangQian
aa5f5c1f5d TLS1.3: Add server finish processing in client side 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-11-10 01:47:22 +00:00
Manuel Pégourié-Gonnard
0dbe1dfa1c
Merge pull request #4859 from brett-warren-arm/supported_groups 
Add mbedtls_ssl_conf_groups to API
 2021-11-02 10:49:09 +01:00
Brett Warren
e0edc8407b Add mbedtls_ssl_conf_groups to API 
mbedtls_ssl_conf_groups allows supported groups for key
sharing to be configured via their IANA NamedGroup ID.

This is added in anticipation of PQC and Hybrid key
sharing algorithms being integrated into Mbed TLS.

mbedtls_ssl_conf_curves is deprecated in favor of
mbedtls_ssl_conf_groups. handshake_init has been
modified to translate and copy curves configured
via conf_curves into a heap allocatied array of
NamedGroup IDs. This allows the refactoring of code
interacting with conf_curve related variables (such
as curve_list) to use NamedGroup IDs while retaining
the deprecated API.

Signed-off-by: Brett Warren <brett.warren@arm.com>
 2021-10-29 11:27:00 +01:00
XiaokangQian
7b2d4efee8 Change the buffer boundary check and alert type 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-10-28 01:49:37 +00:00
XiaokangQian
2d5c72be0b TLS1.3: Add Encrypted Extensions 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-10-28 01:49:37 +00:00
Gilles Peskine
6210320215
Merge pull request #4989 from AndrzejKurek/remove-ssl-export-keys 
Remove MBEDTLS_SSL_EXPORT_KEYS, making it always on
 2021-10-18 17:53:56 +02:00
Ronald Cron
e23bba04ee
Merge pull request #4927 from yuhaoth/pr/add-tls13-serverhello-utils 
TLS 1.3: ServerHello: add  utils functions used by ServerHello
Regarding the merge job, there was only one of the failure we currently encounter on almost all PR (Session resume using tickets, DTLS: openssl client test case see #5012) thus we can consider that this PR passed CI.
 2021-10-11 11:01:11 +02:00
Jerry Yu
ae0b2e2a2f Rename counter_len 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-08 15:40:14 +08:00
Andrzej Kurek
5902cd64e2 Remove MBEDTLS_SSL_EXPORT_KEYS, making it always on 
This option only gated an ability to set a callback,
but was deemed unnecessary as it was yet another define to
remember when writing tests, or test configurations. Fixes #4653.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2021-09-29 10:15:42 -04:00
Jerry Yu
d96a5c2d86 Fix wrong usage of counter len macro 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-29 17:46:51 +08:00
Manuel Pégourié-Gonnard
1869377146
Merge pull request #4942 from yuhaoth/pr/add-tls13-client-dummy-state-handlers 
add tls13 client dummy state handlers and improve dispatch test
 2021-09-29 10:45:16 +02:00
Jerry Yu
d9a94fe3d0 Add counter length macro 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-28 20:10:26 +08:00
Jerry Yu
957f0fa1f7 Add length macro for in_ctr 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Jerry Yu
394ece6cdd Add function for set pending alert flag 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:38 +08:00
Jerry Yu
33cedca8aa fix comments issue 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:38 +08:00
Jerry Yu
e7047819ee add pend fatal alert 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:38 +08:00
Jerry Yu
687101b2e6 tls13: add dummy state machine handler 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:05 +08:00
Jerry Yu
e226cef124 Add NamedGroup IANA values and helper functions 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-08 09:52:15 +08:00
Jerry Yu
1bc2c1f1a3 fix various issues 
fix comments, format and name conversion issues

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:20 +08:00
Jerry Yu
a2cf7bd243 fix comment issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:20 +08:00
Jerry Yu
995ecd396f fix wrong iana values and comments 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:20 +08:00
Jerry Yu
b3317e1a01 Add extension types in rfc8446 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:19 +08:00
Jerry Yu
7984d9931e Add tls1.3 extension IANA values 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:19 +08:00
Jerry Yu
a13c7e739c add dummy client hello process 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-03 16:29:19 +08:00
Manuel Pégourié-Gonnard
e45ee40f7e
Merge pull request #4811 from hanno-arm/tls13_ciphersuite_api 
Add TLS 1.3 ciphersuite and key exchange identifiers and API
 2021-08-30 09:47:46 +02:00
Jerry Yu
cadebe5343 fix several format and comment issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-08-25 18:13:42 +08:00
Andrey Starodubtsev
90cc33aad6 Misprint was fixed 
Signed-off-by: Andrey Starodubtsev <andrey.starodubtsev@gmail.com>
 2021-08-23 12:20:41 +03:00
Manuel Pégourié-Gonnard
01a78599b0
Merge pull request #4864 from hanno-arm/upstream_sig_alg_identifers 
TLS 1.3 MVP: Upstream TLS 1.3 SignatureAlgorithm identifiers and configuration API
 2021-08-19 09:12:59 +02:00
Jerry Yu
447a3bee17 fix wrong typo and format issues 
Change-Id: I99a4c7d28c26bfcc43bc8947485d1dfafb6974dc
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-08-18 09:55:36 +08:00
Manuel Pégourié-Gonnard
684543a3a8
Merge pull request #4807 from hanno-arm/bio_recv_ret_0_eof 
Document that returning 0 from the recv callback means EOF
 2021-08-17 10:30:46 +02:00
Jerry Yu
7899de839c fix comments and format issues 
Change-Id: I927d97f9d788389d6abb9edbda0f7c3e2f8e9b63
CustomizedGitHooks: yes
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-08-17 13:26:59 +08:00
Manuel Pégourié-Gonnard
93a3ca6caf
Merge pull request #4413 from gilles-peskine-arm/tls_ext_cid-config 
Allow configuring MBEDTLS_TLS_EXT_CID at compile time
 2021-08-13 10:49:50 +02:00
Gilles Peskine
7dd2f504b3 Allow configuring MBEDTLS_TLS_EXT_CID at compile time 
The numerical identifier of the CID extension hasn't been settled yet
and different implementations use values from different drafts. Allow
configuring the value at compile time.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-08-12 10:31:01 +02:00
Hanno Becker
5d045a8b89 Stick to 'ephemeral' instead of ECDHE for TLS 1.3 key exchanges 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:31:14 +01:00
Hanno Becker
674f9480cf Fix typo: algorithmc -> algorithms 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:31:14 +01:00
Hanno Becker
d4fa9bc710 Remove outdated mentioning of version-specific ciphersuite config 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:31:14 +01:00
Hanno Becker
a2535931ac Add Doxygen documentation for TLS 1.3 key exchange macros 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:31:14 +01:00
Hanno Becker
71f1ed66c2 Add identifiers and API for configuration of TLS 1.3 key exchanges 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:28:45 +01:00
Hanno Becker
e486b2d7bb Document use of mbedtls_ssl_conf_ciphersuites() for TLS 1.3 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:28:45 +01:00
Hanno Becker
e043d15d75 Turn comments of 1.3 record transforms into Doxygen documentation 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:22:52 +01:00
Hanno Becker
1cd6e0021f Add experimental API for configuration of TLS 1.3 sig algs 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-10 13:55:43 +01:00
Hanno Becker
551265f879 Add TLS 1.3 IANA signature-algorithm values 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-10 13:03:48 +01:00
Hanno Becker
3aa186f946 Add transforms to be used for TLS 1.3 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-10 09:24:19 +01:00
Hanno Becker
0e719ff341 Improve the documentation of legacy msg layer transforms 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-10 09:24:08 +01:00
Hanno Becker
b6bbbb174d Fix typo in documentation of ssl->transform_out 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-10 09:00:14 +01:00
Gilles Peskine
3fbc5d3cf2
Merge pull request #4815 from gilles-peskine-arm/generate_errors-multiline-3.0 
Move MBEDTLS_ERR_xxx Doxygen comments before the definition
 2021-08-03 13:46:21 +02:00
Gilles Peskine
d297157fe8 Move MBEDTLS_ERR_xxx Doxygen comments before the definition 
Now that descriptions of error codes no longer have to be on the same line
for the sake of generate_errors.pl, move them to their own line before the
definition. This aligns them with what we do for other definitions, and
means that we no longer need to have very long lines containing both the C
definition and the comment.

```
perl -i -pe 's~^(#define +MBEDTLS_ERR_\w+ +-\w+) */\*[*!]<(.*)\*/~/**$2*/\n$1~' include/mbedtls/*.h
```

This commit does not change the output of generate_errors.pl.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-08-02 22:51:03 +02:00