Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							bef824d394 
							
						 
					 
					
						
						
							
							SSL: use MD_CAN macros  
						
						... 
						
						
						
						Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> 
						
						
					 
					
						2023-03-21 16:29:31 +01:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2a44ac245f 
							
						 
					 
					
						
						
							
							Merge pull request  #7217  from lpy4105/issue/6840/add-cache-entry-removal-api  
						
						... 
						
						
						
						ssl_cache: Add cache entry removal api 
						
						
					 
					
						2023-03-15 15:38:06 +01:00 
						 
				 
			
				
					
						
							
							
								Pengyu Lv 
							
						 
					 
					
						
						
						
						
							
						
						
							f30488f5cd 
							
						 
					 
					
						
						
							
							Move the usage string of cache_remove to USAGE_CACHE  
						
						... 
						
						
						
						Signed-off-by: Pengyu Lv <pengyu.lv@arm.com> 
						
						
					 
					
						2023-03-15 09:53:45 +08:00 
						 
				 
			
				
					
						
							
							
								Pengyu Lv 
							
						 
					 
					
						
						
						
						
							
						
						
							753d02ffd4 
							
						 
					 
					
						
						
							
							ssl_server2: Add options to support cache removal  
						
						... 
						
						
						
						Signed-off-by: Pengyu Lv <pengyu.lv@arm.com> 
						
						
					 
					
						2023-03-13 09:28:17 +08:00 
						 
				 
			
				
					
						
							
							
								Valerio Setti 
							
						 
					 
					
						
						
						
						
							
						
						
							5ba1d5eb2c 
							
						 
					 
					
						
						
							
							programs: use proper macro for ECDSA capabilities in ssl_sever2  
						
						... 
						
						
						
						Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no> 
						
						
					 
					
						2023-02-23 08:15:17 +01:00 
						 
				 
			
				
					
						
							
							
								Dave Rodgman 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							f31c9e441b 
							
						 
					 
					
						
						
							
							Merge pull request  #7019  from tom-cosgrove-arm/dont-use-cast-assignment-in-ssl_server2.c  
						
						... 
						
						
						
						Don't use cast-assignment in ssl_server.c 
						
						
					 
					
						2023-02-06 12:13:08 +00:00 
						 
				 
			
				
					
						
							
							
								Tom Cosgrove 
							
						 
					 
					
						
						
						
						
							
						
						
							de85725507 
							
						 
					 
					
						
						
							
							Don't use cast-assignment in ssl_server.c  
						
						... 
						
						
						
						Would have used mbedtls_put_unaligned_uint32(), but alignment.h is in library/.
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com> 
						
						
					 
					
						2023-02-03 16:38:05 +00:00 
						 
				 
			
				
					
						
							
							
								Aditya Deshpande 
							
						 
					 
					
						
						
						
						
							
						
						
							644a5c0b2b 
							
						 
					 
					
						
						
							
							Fix bugs in example programs: change argc == 0 to argc < 2  
						
						... 
						
						
						
						Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com> 
						
						
					 
					
						2023-01-30 16:48:13 +00:00 
						 
				 
			
				
					
						
							
							
								Pengyu Lv 
							
						 
					 
					
						
						
						
						
							
						
						
							302feb3955 
							
						 
					 
					
						
						
							
							add cases to test session resumption with different ticket_flags  
						
						... 
						
						
						
						This commit add test cases to test if the check of kex change mode
in SessionTicket works well.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com> 
						
						
					 
					
						2023-01-13 11:05:56 +08:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
						
						
							
						
						
							449bd8303e 
							
						 
					 
					
						
						
							
							Switch to the new code style  
						
						... 
						
						
						
						Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com> 
						
						
					 
					
						2023-01-11 14:50:10 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							c98624af3c 
							
						 
					 
					
						
						
							
							Merge pull request  #6680  from valeriosetti/issue6599  
						
						... 
						
						
						
						Allow isolation of EC J-PAKE password when used in TLS 
						
						
					 
					
						2022-12-14 11:04:33 +01:00 
						 
				 
			
				
					
						
							
							
								Valerio Setti 
							
						 
					 
					
						
						
						
						
							
						
						
							d75c5c4405 
							
						 
					 
					
						
						
							
							test: pake: fail in case the opaque key is destroyed unexpectedly  
						
						... 
						
						
						
						Signed-off-by: Valerio Setti <vsetti@baylibre.com> 
						
						
					 
					
						2022-12-13 11:51:32 +01:00 
						 
				 
			
				
					
						
							
							
								Valerio Setti 
							
						 
					 
					
						
						
						
						
							
						
						
							785116a5be 
							
						 
					 
					
						
						
							
							test: pake: modify opaque key verification before destruction  
						
						... 
						
						
						
						Signed-off-by: Valerio Setti <vsetti@baylibre.com> 
						
						
					 
					
						2022-12-12 11:59:25 +01:00 
						 
				 
			
				
					
						
							
							
								Valerio Setti 
							
						 
					 
					
						
						
						
						
							
						
						
							eb3f788b03 
							
						 
					 
					
						
						
							
							tls: pake: do not destroy password key in TLS  
						
						... 
						
						
						
						Signed-off-by: Valerio Setti <vsetti@baylibre.com> 
						
						
					 
					
						2022-12-08 18:42:58 +01:00 
						 
				 
			
				
					
						
							
							
								Valerio Setti 
							
						 
					 
					
						
						
						
						
							
						
						
							d5fa0bfb85 
							
						 
					 
					
						
						
							
							test: pake: check psa key validity before destroying it  
						
						... 
						
						
						
						Signed-off-by: Valerio Setti <vsetti@baylibre.com> 
						
						
					 
					
						2022-12-07 16:02:42 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							fbba0e9d75 
							
						 
					 
					
						
						
							
							Merge pull request  #6537  from yuhaoth/pr/tls13-refactor-early-data-configuration-interface  
						
						... 
						
						
						
						TLS 1.3: Refactor early data configuration interface. 
						
						
					 
					
						2022-12-07 09:42:12 +01:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							d146a37d56 
							
						 
					 
					
						
						
							
							Change the definition of max_early_data_size argument.  
						
						... 
						
						
						
						`conf_max_early_data_size` does not reuse as en/disable. When
call it, we should call `conf_early_data()` also.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2022-12-06 14:56:54 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							2c93fc1544 
							
						 
					 
					
						
						
							
							Revert "Add reco_debug_level to reduce debug output"  
						
						... 
						
						
						
						This reverts commit a6934776c90a834a321daf7eeb35f2ad7d402c50.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2022-12-06 11:05:54 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							54dfcb7794 
							
						 
					 
					
						
						
							
							fix comments and debug info issues  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2022-12-05 15:43:09 +08:00 
						 
				 
			
				
					
						
							
							
								Tom Cosgrove 
							
						 
					 
					
						
						
						
						
							
						
						
							1797b05602 
							
						 
					 
					
						
						
							
							Fix typos prior to release  
						
						... 
						
						
						
						Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com> 
						
						
					 
					
						2022-12-04 17:19:59 +00:00 
						 
				 
			
				
					
						
							
							
								Valerio Setti 
							
						 
					 
					
						
						
						
						
							
						
						
							d6feb20869 
							
						 
					 
					
						
						
							
							test: pake: allow opaque password only when USE_PSA is enabled  
						
						... 
						
						
						
						Signed-off-by: Valerio Setti <vsetti@baylibre.com> 
						
						
					 
					
						2022-12-02 14:28:49 +01:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							7854a4e019 
							
						 
					 
					
						
						
							
							Add max_early_data_size option for ssl_sever2  
						
						... 
						
						
						
						- to set max_early_data_set
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2022-12-01 23:11:48 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							a6934776c9 
							
						 
					 
					
						
						
							
							Add reco_debug_level to reduce debug output  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2022-12-01 23:11:48 +08:00 
						 
				 
			
				
					
						
							
							
								Valerio Setti 
							
						 
					 
					
						
						
						
						
							
						
						
							661b9bca75 
							
						 
					 
					
						
						
							
							test: psa_pake: add specific log message for the opaque password  
						
						... 
						
						
						
						Signed-off-by: Valerio Setti <vsetti@baylibre.com> 
						
						
					 
					
						2022-11-29 17:28:17 +01:00 
						 
				 
			
				
					
						
							
							
								Valerio Setti 
							
						 
					 
					
						
						
						
						
							
						
						
							77e8315f5b 
							
						 
					 
					
						
						
							
							fix formatting and typos  
						
						... 
						
						
						
						Signed-off-by: Valerio Setti <vsetti@baylibre.com> 
						
						
					 
					
						2022-11-29 17:28:04 +01:00 
						 
				 
			
				
					
						
							
							
								Valerio Setti 
							
						 
					 
					
						
						
						
						
							
						
						
							d572a82df9 
							
						 
					 
					
						
						
							
							tls: psa_pake: add test for opaque password  
						
						... 
						
						
						
						Signed-off-by: Valerio Setti <vsetti@baylibre.com> 
						
						
					 
					
						2022-11-29 11:30:56 +01:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							fd7aa13671 
							
						 
					 
					
						
						
							
							Merge pull request  #6436  from yanrayw/ssl_client2-add-build-version  
						
						... 
						
						
						
						Add build version to the output of ssl_client2 and ssl_server2 
						
						
					 
					
						2022-11-10 14:39:38 +01:00 
						 
				 
			
				
					
						
							
							
								Yanray Wang 
							
						 
					 
					
						
						
						
						
							
						
						
							eaf46d1291 
							
						 
					 
					
						
						
							
							Add output of build version in ssl_server2  
						
						... 
						
						
						
						Usage:
- By default, build version is printed out in the beginning of
ssl_server2 application.
- ./ssl_server2 build_version=1 only prints build verison and stop
Signed-off-by: Yanray Wang <yanray.wang@arm.com> 
						
						
					 
					
						2022-10-28 10:53:50 +08:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							744fd37d23 
							
						 
					 
					
						
						
							
							Merge pull request  #6467  from davidhorstmann-arm/fix-unusual-macros-0  
						
						... 
						
						
						
						Fix unusual macros 
						
						
					 
					
						2022-10-25 19:55:29 +02:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
						
						
							
						
						
							3f44e5b11a 
							
						 
					 
					
						
						
							
							Refactor macro-spanning if in ssl_server2.c  
						
						... 
						
						
						
						Signed-off-by: David Horstmann <david.horstmann@arm.com> 
						
						
					 
					
						2022-10-24 13:12:19 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
						
						
							
						
						
							73fe8df922 
							
						 
					 
					
						
						
							
							Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED  
						
						... 
						
						
						
						Introduce and use
MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED to
guard TLS code (both 1.2 and 1.3) specific
to handshakes involving PSKs.
Signed-off-by: Ronald Cron <ronald.cron@arm.com> 
						
						
					 
					
						2022-10-22 14:42:04 +02:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
						
						
							
						
						
							e68ab4f55e 
							
						 
					 
					
						
						
							
							Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED  
						
						... 
						
						
						
						Introduce and use
MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED to
guard TLS code (both TLS 1.2 and 1.3) specific
to handshakes involving certificates.
Signed-off-by: Ronald Cron <ronald.cron@arm.com> 
						
						
					 
					
						2022-10-22 14:42:04 +02:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
						
						
							
						
						
							81378b72e8 
							
						 
					 
					
						
						
							
							programs: ssl: Remove dependency on TLS 1.3 for "sig_algs" option  
						
						... 
						
						
						
						Signature algorithms can be specified through
the sig_algs option for TLS 1.2 as well.
Signed-off-by: Ronald Cron <ronald.cron@arm.com> 
						
						
					 
					
						2022-10-21 14:40:56 +02:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
						
						
							
						
						
							20a8e63b23 
							
						 
					 
					
						
						
							
							programs: ssl: Fix some mbedtls_ssl_conf_sig_algs() guards  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com> 
						
						
					 
					
						2022-10-21 14:36:43 +02:00 
						 
				 
			
				
					
						
							
							
								Andrzej Kurek 
							
						 
					 
					
						
						
						
						
							
						
						
							b50754ae86 
							
						 
					 
					
						
						
							
							Switch from x509_CRT_PARSE to KEY_EXCHANGE_WITH_CERT_ENABLED  
						
						... 
						
						
						
						Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com> 
						
						
					 
					
						2022-10-19 08:35:09 -04:00 
						 
				 
			
				
					
						
							
							
								Andrzej Kurek 
							
						 
					 
					
						
						
						
						
							
						
						
							d0786f5f26 
							
						 
					 
					
						
						
							
							Revert one of the changes to ssl_server2 dependencies  
						
						... 
						
						
						
						Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com> 
						
						
					 
					
						2022-10-19 08:35:09 -04:00 
						 
				 
			
				
					
						
							
							
								Andrzej Kurek 
							
						 
					 
					
						
						
						
						
							
						
						
							6ee1e20d7f 
							
						 
					 
					
						
						
							
							Replace x509_CRT_PARSE_C with KEY_EXCHANGE_WITH_CERT_ENABLED  
						
						... 
						
						
						
						SSL programs use certificates in an exchange, so it's more natural
to have such dependency instead of just certificate parsing.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com> 
						
						
					 
					
						2022-10-19 08:35:09 -04:00 
						 
				 
			
				
					
						
							
							
								Andrzej Kurek 
							
						 
					 
					
						
						
						
						
							
						
						
							e38b788b79 
							
						 
					 
					
						
						
							
							Add missing key exchange dependencies  
						
						... 
						
						
						
						Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com> 
						
						
					 
					
						2022-10-19 08:35:08 -04:00 
						 
				 
			
				
					
						
							
							
								Andrzej Kurek 
							
						 
					 
					
						
						
						
						
							
						
						
							68327748d3 
							
						 
					 
					
						
						
							
							Add missing dependencies  
						
						... 
						
						
						
						Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com> 
						
						
					 
					
						2022-10-19 08:35:08 -04:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							8fd3254cfc 
							
						 
					 
					
						
						
							
							Merge pull request  #6374  from mprse/enc_types  
						
						... 
						
						
						
						Test TLS 1.2 builds with each encryption type 
						
						
					 
					
						2022-10-12 12:45:50 +02:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							c79742303d 
							
						 
					 
					
						
						
							
							Remove unnecessary empty line and fix format issue  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2022-10-11 21:22:33 +08:00 
						 
				 
			
				
					
						
							
							
								Przemek Stekiel 
							
						 
					 
					
						
						
						
						
							
						
						
							d61a4d3d1a 
							
						 
					 
					
						
						
							
							Fix missing guard and double-space  
						
						... 
						
						
						
						Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com> 
						
						
					 
					
						2022-10-11 09:40:40 +02:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							6916e70521 
							
						 
					 
					
						
						
							
							fix various issues  
						
						... 
						
						
						
						- adjust guards. Remove duplicate guards and adjust format.
- Return success at function end. Not `ret`
- change input len
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2022-10-10 21:33:51 +08:00 
						 
				 
			
				
					
						
							
							
								Przemek Stekiel 
							
						 
					 
					
						
						
						
						
							
						
						
							68a01a6720 
							
						 
					 
					
						
						
							
							Fix session tickets related build flags in fuzz_server and ssl_server2  
						
						... 
						
						
						
						Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com> 
						
						
					 
					
						2022-10-10 13:30:43 +02:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							03b8f9d299 
							
						 
					 
					
						
						
							
							Adjust guards for dummy_tickets  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2022-10-08 14:56:38 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							25ab654781 
							
						 
					 
					
						
						
							
							Add dummy ticket support  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2022-10-07 10:11:05 +08:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e3358e14b2 
							
						 
					 
					
						
						
							
							Merge pull request  #6051  from mprse/permissions_2b_v2  
						
						... 
						
						
						
						Permissions 2b: TLS 1.3 sigalg selection 
						
						
					 
					
						2022-09-28 09:50:04 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Elliott 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2c282c9bd0 
							
						 
					 
					
						
						
							
							Merge pull request  #6180  from yuhaoth/pr/add-tls13-multiple-session-tickets  
						
						... 
						
						
						
						TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session. 
						
						
					 
					
						2022-09-23 15:48:33 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
						
						
							
						
						
							50969e3af5 
							
						 
					 
					
						
						
							
							ssl-opt.sh: TLS 1.3 opaque key: Add test with unsuitable sig alg  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com> 
						
						
					 
					
						2022-09-20 15:57:57 +02:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
						
						
							
						
						
							7a51305478 
							
						 
					 
					
						
						
							
							Add multi-session tickets test  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> 
						
						
					 
					
						2022-09-19 14:26:07 +08:00