cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-11 06:25:01 -04:00
Code Issues Packages Projects Releases Wiki Activity
19,015 Commits 7 Branches 115 Tags
Commit Graph

2930 Commits

Author SHA1 Message Date
Xiaofei Bai
746f9481ea Fix 1_3/13 usages in macros and function names 
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
 2021-11-26 08:08:36 +00:00
Gabor Mezei
be7b21da22
Merge branch 'development' into 3649_move_constant_time_functions_into_separate_module 2021-11-24 10:44:13 +01:00
Gilles Peskine
9264428266
Merge pull request #5105 from AaronErhardt/doc-fixes 
doc improvements in aes and sha256 includes
 2021-11-22 22:22:00 +01:00
Max Fillinger
e85bb7096f Fix documentation for block size getters 
- Document unit (bytes)
- Explain what happens for stream ciphers

Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2021-11-21 16:33:44 +01:00
Max Fillinger
5fee208ff2 Make new IV and block size getters return size_t 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2021-11-21 16:33:35 +01:00
Paul Elliott
fb5fdb5007 Further documentation improvements 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-11-18 22:39:16 +00:00
Ronald Cron
28777db226
Merge pull request #4952 from xkqian/add_server_finished 
Add server finished
 2021-11-12 12:30:10 +01:00
Paul Elliott
853c0da8de Fix for pkcs12 with NULL or zero length password 
Previously passing a NULL or zero length password into either
mbedtls_pkcs12_pbe() or mbedtls_pkcs12_derive() could cause an infinate
loop, and it was also possible to pass a NULL password, with a non-zero
length, which would cause memory corruption.
I have fixed these errors, and improved the documentation to reflect the
changes and further explain what is expected of the inputs.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-11-11 19:26:37 +00:00
XiaokangQian
3306284776 Change code base on comments 
Remove client certificate verify in tests.
Change the layout of structure to fix abi_api check issues.
Add comments of Finished.
Align with the coding styles.

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-11-11 03:37:45 +00:00
XiaokangQian
d6d234f698 Solve the ABI_API check issue for mbedtls_ssl_session 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-11-11 02:22:12 +00:00
Max Fillinger
f057893035 Allow checking variable IV/key size in cipher_info 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2021-11-10 14:20:50 +01:00
Max Fillinger
3a782a0fe4 Add IV and block size getters for cipher_info 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2021-11-10 14:20:38 +01:00
Manuel Pégourié-Gonnard
087f04783d
Merge pull request #5076 from mstarzyk-mobica/psa_ccm_no_tag 
PSA CCM*-no-tag
 2021-11-10 10:18:55 +01:00
XiaokangQian
c5c39d5800 Change code for styles and comments .etc 
Remove useless code in union.
Rename functions and parameters.
Move definitions into othe files.

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-11-10 01:47:23 +00:00
XiaokangQian
1aef02ee20 Fix initialized issues and remove useless code 
Fix the variable not inialized issue, remove the client
certificate related code, remove early data related code.

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-11-10 01:47:23 +00:00
XiaokangQian
f13c56032f Revert some changes about tls13 and macros 
There is one PR #4988 to change it in the future

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-11-10 01:47:23 +00:00
XiaokangQian
a763498490 Change code based on commetns 
Focus on the code style, naming rule,etc.

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-11-10 01:47:23 +00:00
XiaokangQian
aa5f5c1f5d TLS1.3: Add server finish processing in client side 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-11-10 01:47:22 +00:00
Gabor Mezei
642eeb2879
Fix documentation and comments 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-11-03 16:13:32 +01:00
Manuel Pégourié-Gonnard
0dbe1dfa1c
Merge pull request #4859 from brett-warren-arm/supported_groups 
Add mbedtls_ssl_conf_groups to API
 2021-11-02 10:49:09 +01:00
Manuel Pégourié-Gonnard
4313d3ac87
Merge pull request #5010 from gilles-peskine-arm/psa-rsa-pss_any_salt 
PSA: fix salt length for PSS verification
 2021-10-29 16:36:36 +02:00
Brett Warren
e0edc8407b Add mbedtls_ssl_conf_groups to API 
mbedtls_ssl_conf_groups allows supported groups for key
sharing to be configured via their IANA NamedGroup ID.

This is added in anticipation of PQC and Hybrid key
sharing algorithms being integrated into Mbed TLS.

mbedtls_ssl_conf_curves is deprecated in favor of
mbedtls_ssl_conf_groups. handshake_init has been
modified to translate and copy curves configured
via conf_curves into a heap allocatied array of
NamedGroup IDs. This allows the refactoring of code
interacting with conf_curve related variables (such
as curve_list) to use NamedGroup IDs while retaining
the deprecated API.

Signed-off-by: Brett Warren <brett.warren@arm.com>
 2021-10-29 11:27:00 +01:00
Manuel Pégourié-Gonnard
136819fe6e
Merge pull request #4959 from gilles-peskine-arm/psa-add-aria 
Add ARIA to the PSA API
 2021-10-29 09:38:06 +02:00
Mateusz Starzyk
a706e5e317 Add missing cipher mode translations for PSA 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-10-28 17:59:06 +02:00
Brett Warren
36b70b2a4e Change MBEDTLS_ECP_DP_MAX to 14 
Signed-off-by: Brett Warren <brett.warren@arm.com>
 2021-10-28 16:00:13 +01:00
XiaokangQian
7b2d4efee8 Change the buffer boundary check and alert type 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-10-28 01:49:37 +00:00
XiaokangQian
2d5c72be0b TLS1.3: Add Encrypted Extensions 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-10-28 01:49:37 +00:00
Mateusz Starzyk
7de19ddaf5 Remove invalid comments in CCM API 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-10-27 11:25:08 +02:00
Mateusz Starzyk
4cb9739038 Use separate MBEDTLS_MODE for the CCM*. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-10-27 10:42:31 +02:00
Gilles Peskine
4fa0725936
Merge pull request #5002 from mstarzyk-mobica/psa_output_buffer_limitation 
Remove output buffer limitation for PSA with GCM.
 2021-10-25 19:37:33 +02:00
Aaron Erhardt
9bb56dc6be Add return info to sha256 docs 
Signed-off-by: Aaron Erhardt <aaron.erhardt@t-online.de>
 2021-10-22 22:05:10 +02:00
Aaron Erhardt
a5a2399cb0 Remove mode param from AES-CTR docs 
Signed-off-by: Aaron Erhardt <aaron.erhardt@t-online.de>
 2021-10-22 22:05:04 +02:00
Mateusz Starzyk
30bd7fa607 Change error code for MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-10-22 10:33:32 +02:00
Mateusz Starzyk
bb2ced33dd Ignore plaintext length for CCM*-no-tag. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-10-21 11:33:37 +02:00
Brett Warren
9e98573ca2 fix build fail with MBEDTLS_DEPRECATED 
When deprecated functions are allowed

Signed-off-by: Brett Warren <brett.warren@arm.com>
 2021-10-20 23:33:15 +01:00
Brett Warren
3a96d09898 export MBEDTLS_DEPRECATED from platform_util.h 
Since there are no longer any alternative
MBEDTLS_DEPRECATED definitions in the codebase,
MBEDTLS_DEPRECATED can now be exported without breaking
anything.

Signed-off-by: Brett Warren <brett.warren@arm.com>
 2021-10-20 23:33:15 +01:00
Gabor Mezei
90437e3762
Rename constant-time functions to have mbedtls_ct prefix 
Rename functions to better suite with the module name.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-20 11:59:27 +02:00
Gabor Mezei
53dd04c13b
Remove unneeded include 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-20 11:19:16 +02:00
Gabor Mezei
765862c4f3
Move mbedtls_cf_memcmp to a new public header 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-19 12:22:25 +02:00
Gilles Peskine
6210320215
Merge pull request #4989 from AndrzejKurek/remove-ssl-export-keys 
Remove MBEDTLS_SSL_EXPORT_KEYS, making it always on
 2021-10-18 17:53:56 +02:00
Gilles Peskine
2bb5e9c973
Merge pull request #4760 from gilles-peskine-arm/ecb-alt-ret-3.0 
Catch failures of mbedtls_aes_crypt_ecb and its DES equivalents
 2021-10-14 12:11:20 +02:00
Ronald Cron
e23bba04ee
Merge pull request #4927 from yuhaoth/pr/add-tls13-serverhello-utils 
TLS 1.3: ServerHello: add  utils functions used by ServerHello
Regarding the merge job, there was only one of the failure we currently encounter on almost all PR (Session resume using tickets, DTLS: openssl client test case see #5012) thus we can consider that this PR passed CI.
 2021-10-11 11:01:11 +02:00
Gilles Peskine
09c46da27e Implement PSA_WANT_KEY_TYPE_ARIA 
Follow what has been done for CAMELLIA.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-08 15:48:16 +02:00
Jerry Yu
88b756bacb move tls1_3 max md size 
It should be internal definition

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-08 18:41:38 +08:00
Jerry Yu
d1ab262844 define max md size for tls1_3 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-08 16:19:24 +08:00
Jerry Yu
ae0b2e2a2f Rename counter_len 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-08 15:40:14 +08:00
Gilles Peskine
44c96aa046 Support PSA_ALG_RSA_PSS_ANY_SALT iff PSA_ALG_RSA_PSS is supported 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-05 14:26:25 +02:00
Mateusz Starzyk
f28261fc14 Remove output buffer limitation for PSA with GCM. 
The requirement of minimum 15 bytes for output buffer in
psa_aead_finish() and psa_aead_verify() does not apply
to the built-in implementation of the GCM.

Alternative implementations are expected to verify the
length of the provided output buffers and to return
the MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL in case the
buffer length is too small.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-10-04 13:54:54 +02:00
Gilles Peskine
023aa11760
Merge pull request #4996 from mprse/mbedtls_cipher_setup_psa_ECB 
Fix test gap: mbedtls_cipher_setup_psa() with ECB
 2021-10-01 14:49:10 +02:00
Gilles Peskine
2aefc9ef2e Fix typo in comment 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-09-30 20:34:53 +02:00