cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-01 01:16:36 -04:00
Code Issues Packages Projects Releases Wiki Activity
21,622 Commits 7 Branches 115 Tags
Commit Graph

21622 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gilles Peskine
97483b0fd4 Remove incorrect comment 
This comment (which used to be attached to the implementation, and should
not have been moved to the header file) is incorrect: the library function
mbedtls_mpi_read_string preserves leading zeros as desired, but does not
create a zero-limb object for an empty string.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-09-30 18:51:41 +02:00
Gilles Peskine
845de0898e
Merge pull request #6083 from tom-cosgrove-arm/issue-6015-montgomery-multiplication 
Montgomery multiplication from bignum prototype
 2022-09-30 10:35:21 +02:00
Gilles Peskine
31a8815f25 Documentation typo 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-09-29 18:48:41 +02:00
Tom Cosgrove
6da3a3b15f Fix doc regarding aliasing of modulus input to mbedtls_mpi_core_montmul() 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-09-29 17:20:18 +01:00
Tom Cosgrove
4386ead662 Correct the aliasing requirements in doc for mbedtls_mpi_core_montmul(), and test them 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-09-29 14:40:21 +01:00
Przemek Stekiel
48a6a666a0 Add ssl-opt tls 1.2 tests for single cipher builds 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-29 15:29:33 +02:00
Przemek Stekiel
ce5b68c7a3 Revert "Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions" 
This reverts commit a82290b7271a3cd489e62a0f98d24622dbbf4bbe.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-29 15:29:18 +02:00
Przemek Stekiel
8d4b241028 Remove redundant indirect dependencies after optimizing setup for one cipher components 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-29 10:13:40 +02:00
Przemek Stekiel
a891a091a3 test_suite_cmac.data: fix bug: use cipher type instead cipher id 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-29 09:53:20 +02:00
Przemek Stekiel
68db0d2f67 Optimize one cipher only components and adapt nemes 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-29 08:32:25 +02:00
Ronald Cron
77c691f099
Merge pull request #6194 from xkqian/tls13_add_psk_client_cases 
TLS 1.3: Add PSK client cases
 2022-09-28 17:08:06 +02:00
Przemek Stekiel
0cc3466c9e Change testing strategy to default + one cypher only (psa/no psa) 
In full config TLS 1.2 is disabled.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 12:06:57 +02:00
Przemek Stekiel
b0de1c040b Add components to build and test default/full config with legacy-ccm cipher only 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 11:15:16 +02:00
Przemek Stekiel
9550c05757 Add component to build and test full config with stream cipher only 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 09:51:55 +02:00
Xiaokang Qian
a70bd9108a Fix the description of psk client cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-28 07:50:13 +00:00
Manuel Pégourié-Gonnard
e3358e14b2
Merge pull request #6051 from mprse/permissions_2b_v2 
Permissions 2b: TLS 1.3 sigalg selection
 2022-09-28 09:50:04 +02:00
Manuel Pégourié-Gonnard
f3f9e450b6
Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2 
Ad-hoc KDF for EC J-PAKE in TLS 1.2
 2022-09-28 09:47:32 +02:00
Przemek Stekiel
e31ba83675 Use basic symbols instead MBEDTLS_CIPHER_MODE_AEAD in check config 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 09:44:58 +02:00
Przemek Stekiel
d582a01073 Make MBEDTLS_SSL_CONTEXT_SERIALIZATION dependent on AEAD 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 07:59:01 +02:00
Xiaokang Qian
ca343ae280 Improve message logs and test cases description in psk 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-28 02:07:54 +00:00
Ronald Cron
cba39a386f Add change log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-09-27 19:10:39 +02:00
Gabor Mezei
0bb138241b
Add initialization for structures 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-09-27 18:48:44 +02:00
Przemek Stekiel
4c49927bad Fix unused variables warnings in default + stream cipher only build 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-27 15:04:14 +02:00
Przemek Stekiel
6f29a6c4b4 test_suite_cipher.function: always include aes.h 
It is done to have MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH macro available (used in tests)

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-27 15:04:14 +02:00
Przemek Stekiel
a82290b727 Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions 
Both functions are calling mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions. These functions are guarded with MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C flags - make it consistent.
As a result ssl_server2 won't build now with MBEDTLS_SSL_SESSION_TICKETS enabled (mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions not available).
Mark MBEDTLS_SSL_SESSION_TICKETS as dependent on MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C and disable MBEDTLS_SSL_SESSION_TICKETS in stream cipher only build.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-27 15:04:14 +02:00
Przemek Stekiel
89ad62352d Fix guards for mbedtls_ct_size_mask() and mbedtls_ct_memcpy_if_eq() 
Both functions are used when MBEDTLS_SSL_SOME_SUITES_USE_MAC is defined not MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-27 15:04:14 +02:00
Przemek Stekiel
11c362a050 Add component to build and test default config with stream cipher only 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-27 15:04:08 +02:00
Xiaokang Qian
9c172042b6 Change cases description base on comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-27 11:41:50 +00:00
Xiaokang Qian
e12d30d751 Move psk related cases into tls13-kex-modes.sh 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-27 11:34:14 +00:00
Andrzej Kurek
f13925c022 Add a changelog entry for ECJPAKE to PMS KDF 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-27 05:16:10 -04:00
Ronald Cron
c27a9074c4 tls13: server: Add comment when trying another sig alg 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-09-27 10:07:55 +02:00
Xiaokang Qian
cb6e96305f Change kex mode string name 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-27 08:02:41 +00:00
Ronald Cron
b72dac4ed7 Fix PSA identifier of RSA_PKCS1V15 signing algorithms 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-09-27 09:25:47 +02:00
Andrzej Kurek
e09aff8f5a Add information about ECJPAKE_TO_PMS output size expectations 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-26 10:59:31 -04:00
Andrzej Kurek
3539f2c90b Improve readability in ecjpake tests 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-26 10:56:02 -04:00
Andrzej Kurek
b510cd2c50 Fix a copy-paste error - wrong macro used 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-26 10:50:22 -04:00
Andrzej Kurek
5603efd525 Improve readability and formatting 
Also use a sizeof instead of a constant for zeroization, as
requested in review.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-26 10:49:16 -04:00
Andrzej Kurek
96b9f23853 Adjust ECJPAKE_TO_PMS macro value 
This way the low 8 bits of the identifier indicate that this algorithm is used
with SHA-256.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-26 10:30:46 -04:00
Xiaokang Qian
954d5769ef PSK: change descriptions base on comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-26 08:40:10 +00:00
Xiaokang Qian
5beec4b339 Refine ssl_get_kex_mode_str() for easy automatic generation 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-26 08:23:45 +00:00
Xiaokang Qian
ac8195f4f7 Fix wrongly kex mode fallback issue in psk cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-26 06:31:58 +00:00
Gilles Peskine
5596c74a98
Merge pull request #6140 from Zaya-dyno/validation_remove_change_auth_enc 
Validation remove change auth enc
 2022-09-23 17:04:31 +02:00
Gilles Peskine
12a1e85caa
Merge pull request #6138 from Zaya-dyno/validation_remove_change_key_agree 
Validation remove change key agree
 2022-09-23 17:04:20 +02:00
Gilles Peskine
f70f4ead7f
Merge pull request #6248 from gilles-peskine-arm/all-sh-force-3.2 
Fix all.sh --force
 2022-09-23 17:04:00 +02:00
Gilles Peskine
8c2d236117
Merge pull request #6188 from N3xed/fix/windows-different-drives-build-error 
Copy files instead of hard-linking on Windows
 2022-09-23 17:03:50 +02:00
Gilles Peskine
87953f228f
Merge pull request #6091 from Zaya-dyno/validation_remove_change_pk 
Validation remove change pk
 2022-09-23 17:03:30 +02:00
Paul Elliott
2c282c9bd0
Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets 
TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.
 2022-09-23 15:48:33 +01:00
Gabor Mezei
f29c2a5313
Add initialization for structures 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-09-23 15:25:27 +02:00
Xiaokang Qian
210727f3b1 Skip some psk cases cause wrong fallback to ephemeral 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 07:25:40 +00:00
Jerry Yu
ba627bfd0d improve document about session tickets 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-09-23 09:58:22 +08:00