cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-14 17:47:46 -04:00
Code Issues Packages Projects Releases Wiki Activity
16,571 Commits 7 Branches 115 Tags
Commit Graph

16571 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gilles Peskine
c537aa83f4 CAMELLIA: add missing context init/free 
This fixes the self-test with alternative implementations.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-05-25 09:23:10 +02:00
Gilles Peskine
be89fea1a7 ARIA: add missing context init/free 
This fixes the self-test with alternative implementations.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-05-25 09:23:10 +02:00
Gilles Peskine
59392b0075 Fix misplaced extern "C" affecting MBEDTLS_ARIA_ALT 
Reported via Mbed OS:
https://github.com/ARMmbed/mbed-os/issues/14694

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-05-25 09:23:10 +02:00
Thomas Daubney
3ca92b182c Re-wording of Migration guide entry 
Commit re-words the migration guide
entry as requested in review.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2021-05-24 14:11:39 +01:00
TRodziewicz
9d1ce40898 Additional corrections 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 14:07:17 +02:00
TRodziewicz
4ca18aae38 Corrections after the code review 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 13:38:00 +02:00
TRodziewicz
d807060e0a Addition of migration guide and corrections to the ChangeLog file 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 12:50:51 +02:00
TRodziewicz
97e41723fa Remove the _SSL_FALLBACK_ tests 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 12:50:42 +02:00
TRodziewicz
6370dbeb1d Remove the _SSL_FALLBACK_ parts 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 12:49:59 +02:00
TRodziewicz
2d8800e227 Small corrections in the comments 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 12:49:24 +02:00
TRodziewicz
b5850c5216 Correction of too restrictive ssl cli minor check 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 12:49:15 +02:00
TRodziewicz
ef73f01927 Removing strayed dtls1 after doing tests 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 12:49:04 +02:00
TRodziewicz
55bd84bebc Correction to the ssl client/server usage comment. 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 12:48:40 +02:00
TRodziewicz
28126050f2 Removal of constants and functions and a new ChangeLog file 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 12:48:12 +02:00
TRodziewicz
0f82ec6740 Remove the TLS 1.0 and 1.1 support 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 12:45:20 +02:00
Hanno Becker
55bc2c53af Test TLS 1.3 PSK binder calculation helper 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-24 11:20:30 +01:00
Hanno Becker
b7d9bad6be Add helper function for calculation of TLS 1.3 PSK binder 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-24 11:20:30 +01:00
Hanno Becker
a4f40a0f48 Test TLS 1.3 second level key derivation helpers 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-24 11:20:27 +01:00
Thomas Daubney
2fbbe1d2fe Corrections to ChangeLog and Migration guide 
This commit fixes typos and re-words
the migration guide. It also adds
the issue number to the ChangeLog.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2021-05-24 10:53:57 +01:00
Hanno Becker
ef5235bc2e Add TLS 1.3 second level key derivations 
This commit adds helper functions to ssl_tls13_keys.[ch]
allowing to derive the secrets specific to each stage of
a TLS 1.3 handshake (early, handshake, application) from
the corresponding master secret (early secret, handshake
secret, master secret).

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-24 08:32:24 +01:00
Hanno Becker
3bbf4c058f Fix typo in migration guide for ticket API change 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-23 06:20:23 +01:00
Hanno Becker
fb1add76fd Don't use markdown formatting in ChangeLog 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-23 06:03:55 +01:00
Hanno Becker
88f86f7f37 Remove copy-pasta from record API documentation 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-23 06:03:55 +01:00
Hanno Becker
ebd6ab7f6e Improve documentation of record expansion API 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-23 06:03:55 +01:00
Hanno Becker
24628b69be Add ChangeLog entry 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-23 06:03:55 +01:00
Hanno Becker
b2efc4d464 Add migration guide 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-23 06:03:55 +01:00
Hanno Becker
80d163d496 Remove Doxygen references to now-internal MFL query API 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-23 06:03:55 +01:00
Hanno Becker
2d8e99b097 Add API to query maximum plaintext size of incoming records 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-23 06:03:55 +01:00
Hanno Becker
be746949c4 Relax documentation of mbedtls_ssl_get_max_out_record_payload() 
The previous documentation could be read as exhaustively listing
the factors that go into computing the maximum outgoing record
plaintext size -- we should give examples, but allow ourselves
to add more factors in the future.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-23 06:03:55 +01:00
Hanno Becker
9752aadd85 Make query API for state of MFL extension internal 
This commit makes the API

- mbedtls_ssl_get_output_max_frag_len()
- mbedtls_ssl_get_input_max_frag_len()
- mbedtls_ssl_get__max_frag_len()

for querying the state of the Maximum Fragment Length
extension internal.

Rationale: The value those APIs provide to the user is in
upper bounds for the size of incoming and outgoing records,
which can be used to size application data buffers apporpriately
before passing them to mbedtls_ssl_{read,write}(). However,
there are other factors which influence such upper bounds,
such as the MTU or other extensions (specifically, the
record_size_limit extension which is still to be implemented)
which should be taken into account.

There should be more general APIs for querying the maximum
size of incoming and outgoing records.

For the maximum size of outgoing records, we already have such,
namely mbedtls_ssl_get_max_out_record_payload().

For the maximum size of incoming records, a new API will be
added in a subsequent commit.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-23 06:03:55 +01:00
Hanno Becker
c49d15fded Use 'version-specific' instead of 'implementation-defined' in API 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-23 05:41:21 +01:00
Mateusz Starzyk
28c8cce051 Add conditional error.h include to test helpers function. 
`mbedtls_test_hook_error_add` is referenced inside main_test.function.
Including the `error.h` is necessary to build suites which define both
MBEDTLS_TEST_HOOKS and MBEDTLS_ERROR_C, such as:
build_psa_accel_alg_ecdh

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-05-21 18:10:44 +02:00
Mateusz Starzyk
f2b11a9a77 Add MBEDTLS_ALLOW_PRIVATE_ACCESS to tests drivers 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-05-21 18:10:44 +02:00
Mateusz Starzyk
beb95b4d25 Adjust doxyfile to expand MBEDTLS_PRIVATE macro. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-05-21 18:10:44 +02:00
Mateusz Starzyk
5dd4f6e9ce Add MBEDTLS_PRIVATE wrapping to sample programs. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-05-21 18:10:44 +02:00
Mateusz Starzyk
6c2e9b6048 Add MBEDTLS_ALLOW_PRIVATE_ACCESS to test programs 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-05-21 18:10:44 +02:00
Mateusz Starzyk
363eb29d4b Fix MBEDTLS_PRIVATE wrapping in the library's headers. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-05-21 18:10:44 +02:00
Mateusz Starzyk
88fa17d1e9 Add missing 'common.h' include. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-05-21 18:10:44 +02:00
Mateusz Starzyk
846f021de2 Run MBEDTLS_PRIVATE wrapping script on the library. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-05-21 18:10:44 +02:00
Mateusz Starzyk
0d41abbde6 Introduce scripts automating wrapping structs members with MBEDTLS_PRIVATE. 
Usage: run setup_and_run_MBEDTLS_PRIVATE.sh

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-05-21 18:07:06 +02:00
Mateusz Starzyk
2c09c9bca9 Introduce MBEDTLS_PRIVATE macro. 
Public structs members are considered private and should not
be used by users application.

MBEDTLS_PRIVATE(member) macro is intended to clearly indicate
which members are private.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-05-21 18:07:06 +02:00
Thomas Daubney
f54c5c5547 Fixes typo 
Commit fixes typo in rsa.h found in review.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2021-05-21 17:05:21 +01:00
Thomas Daubney
62b0d1dbc8 Adds ChangeLog and Migration guide entry 
Commit adds relevant entry to the
ChangeLog and to the
Migration guide.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2021-05-21 17:05:12 +01:00
Ronald Cron
f823722af4
Merge pull request #4532 from gilles-peskine-arm/host_test-int32-3.0 
Fix build error in host_test.function when int32_t is not int
 2021-05-21 16:02:28 +02:00
Thomas Daubney
d58ed587fd Restores erroneously removed checks 
Some padding checks in rsa.c were
erroneously removed in a previous
commit and are restored in this
commit.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2021-05-21 11:50:39 +01:00
Thomas Daubney
2c65db9655 Corrects documentation in rsa.h 
Some documentation in rsa.h was
still incorrect regarding f_rng
being mandatory. This has now
been corrected.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2021-05-21 10:58:28 +01:00
Janos Follath
7fc487c4d6
Merge pull request #4347 from hanno-arm/ssl_session_cache_3_0 
Add session ID as an explicit parameter to SSL session cache API
 2021-05-21 09:28:55 +01:00
Manuel Pégourié-Gonnard
ea047c8590
Merge pull request #4429 from gilles-peskine-arm/openssl-dhparam-robustness-3.0 
Fix SSL tests scripts with recent OpenSSL server with Diffie-Hellman
 2021-05-21 10:16:38 +02:00
Manuel Pégourié-Gonnard
59c4412767
Merge pull request #4497 from netfoundry/fix-mingw-build-development 
Use proper formatting macros when using MinGW provided stdio
 2021-05-21 10:03:26 +02:00
Ronald Cron
ca72287583
Merge pull request #4304 from mstarzyk-mobica/convert_NO_SHA384_to_positive 
Modify config option for SHA384.
 2021-05-21 08:04:33 +02:00