Andrzej Kurek
7ad75b6a22
Increase the min hs timeout in one of the ssl_opt tests
...
This triggered some spurious CI failure, where
the network is flaky. Increasing the min value,
leaving the max at the same distance should
account for this.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2021-01-14 06:17:40 -05:00
Andrzej Kurek
5ef12c0cbc
Merge pull request #4016 from AndrzejKurek/baremetal-ci-spurious-resend
...
Fix spurious resend in one of the ssl-opt.sh tests.
2021-01-13 21:58:49 +01:00
Andrzej Kurek
95b87f32f6
Increase the min hs timeout in one of the ssl_opt tests
...
This triggered some spurious CI failure, where
the network is flaky. Increasing the min value,
leaving the max at the same distance should
account for this.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2021-01-12 07:49:41 -05:00
Andrzej Kurek
d7073d9290
Merge pull request #3979 from AndrzejKurek/coverity-seg-fault-context
...
Fix the usage of ssl context after its nullified
2021-01-05 12:47:41 +01:00
Andrzej Kurek
ffe07bf020
Merge pull request #3977 from AndrzejKurek/fi-missing-volatile
...
FI variables missing 'volatile'
2021-01-05 12:05:52 +01:00
Andrzej Kurek
42ed2d3c59
Fix the usage of ssl context after its nullified
...
Previously, it was possible to access a null pointer
even though the given configuration should work.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2021-01-04 09:36:53 -05:00
Andrzej Kurek
17c3531b4b
Add missing volatile identifiers before fi-related variables
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-31 09:56:42 -05:00
Andrzej Kurek
165564de07
Merge pull request #3946 from AndrzejKurek/optimized-key-exchange
...
Key exchange optimizations
2020-12-23 20:03:17 +01:00
Andrzej Kurek
5d3d2327ce
Introduce additional fault injection protection to ssl_cli.c
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-23 03:45:53 -05:00
Andrzej Kurek
25997053a8
Introduce FI protection to ssl client handshake step handling
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-23 03:34:24 -05:00
Andrzej Kurek
ad3c4ffb56
Add an "SSL" infix to MBEDTLS_DELAYED_SERVER_CERT_VERIFICATION
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-21 08:11:36 -05:00
Andrzej Kurek
6b5c9a3744
Add an "SSL" infix to MBEDTLS_EARLY_KEY_COMPUTATION
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-21 08:02:59 -05:00
Andrzej Kurek
4f5549f595
Add an "SSL" infix to MBEDTLS_IMMEDIATE_TRANSMISSION
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-21 07:56:57 -05:00
Andrzej Kurek
df6e684460
Add a valgrind test for baremetal config
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-21 07:45:43 -05:00
Andrzej Kurek
0719b3c129
Add output flushing after each message transmission
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-19 17:15:52 -05:00
Andrzej Kurek
e6c3aa7e7b
Fix minor issues and clean up the code
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-18 15:06:42 -05:00
Andrzej Kurek
e2134ed4b1
Fix certificate management when freeing handshake
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-18 11:23:19 -05:00
Shelly Liberman
a981a9605d
Merge pull request #3961 from shelib01/random_buf_fix
...
fix flow control check
2020-12-16 10:35:22 +02:00
Andrzej Kurek
38c7f2d32f
Refactor the immediate transmission feature
...
The original way or handling it did not cover
message fragmentation or retransmission.
Now, the messages are always appended
to the flight and sent immediately, using
the same function as normal flight
transmission.
Moreover, epoch handling is different for this feature,
with a possibility to perform the usual retransmission
using previous methods.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 18:17:31 -05:00
Andrzej Kurek
d886d9f93c
Fix freeing uninitialized fields from the ssl context
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 15:43:12 -05:00
Andrzej Kurek
9627202d3a
Move MBEDTLS_DELAYED_SERVER_CERT_VERIFICATION to baremetal config
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 15:43:12 -05:00
Andrzej Kurek
5ac3a50924
DTLS: disable datagram packing tests when immediate transmission is on
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 15:43:12 -05:00
Andrzej Kurek
c3dde3f2f9
Fix unreachable code error
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 15:43:12 -05:00
Andrzej Kurek
52e08cbcb2
Fix unused parameters and ifdefs
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 15:43:12 -05:00
Andrzej Kurek
777d4217f1
Fix define and function names to conform to Mbed TLS rules
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 15:43:12 -05:00
Andrzej Kurek
b22e64045b
Update generated files
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 15:43:12 -05:00
Andrzej Kurek
131512440e
Move the new config optimization defines to be optional
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 15:43:12 -05:00
Hannes Tschofenig
32846c62ac
Moving the ecdhe_computed variable into the handshake structure
2020-12-15 12:50:37 +01:00
Hannes Tschofenig
34630562cd
Making sure that the ECDHE pre-computation is only done once.
2020-12-15 12:33:45 +01:00
Shelly Liberman
699aebecb9
fix flow control check
...
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
2020-12-14 18:57:52 +02:00
Andrzej Kurek
cee7ee86af
Merge pull request #3956 from shelib01/aes_masking_fix
...
AES masking bug fix
2020-12-14 09:37:12 +01:00
Shelly Liberman
51701bb4af
aes masking bug fix
...
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
2020-12-13 18:32:09 +02:00
Andrzej Kurek
25d0202ac5
Merge pull request #3941 from AndrzejKurek/tinycrypt-ecdsa-signature
...
Add ECDSA signature generation tests to tinycrypt
2020-12-08 06:18:33 -05:00
Andrzej Kurek
3e80b1a657
Fix compilation errors when building sign_with_k test function
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-07 08:54:50 -05:00
Hannes Tschofenig
c162895030
Add call to mbedtls_x509_crt_free()
2020-12-07 11:04:09 +01:00
Andrzej Kurek
bef771bf50
Add ECDSA signature generation tests to tinycrypt
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-04 09:54:11 -05:00
Andrzej Kurek
fca6731ddd
Merge pull request #3934 from AndrzejKurek/tinycrypt-ecdsa-test-vectors
...
Add NIST CAVP FIPS 186-4 test vectors for tinycrypt ecdsa
2020-12-04 09:47:00 -05:00
Hannes Tschofenig
e151a3528a
Adding early ECDHE key generation to ssl_cli.c
2020-12-03 17:37:49 +01:00
Hannes Tschofenig
c34d9cf37a
Adding storage for public key to handshake_params
2020-12-03 17:37:06 +01:00
Hannes Tschofenig
77cddb3ef7
Adding early key computation config option
2020-12-03 17:36:00 +01:00
Hannes Tschofenig
3cb3db7961
Adding early key computation config check
2020-12-03 17:35:50 +01:00
Hannes Tschofenig
2279ffd2a0
Adding immediate message transmission
2020-12-03 15:52:35 +01:00
Hannes Tschofenig
dfa4bae320
Adding immediate transmission option
2020-12-03 15:49:35 +01:00
Hannes Tschofenig
cb6410c67d
Wrapper function for calling parse_certificate_verify
2020-12-03 15:48:55 +01:00
Hannes Tschofenig
635f86874f
Adding delayed server cert verification to client state machine
2020-12-03 15:48:32 +01:00
Hannes Tschofenig
4f8c88312c
Adding wrapper function for certificate verification function
2020-12-03 15:48:12 +01:00
Hannes Tschofenig
f336c7ea71
Adding delayed server cert verification config option
2020-12-03 15:47:47 +01:00
Hannes Tschofenig
c7f6d7f75c
Making sure that keep peer certificate option is set when server cert verification is used.
2020-12-03 15:47:31 +01:00
Andrzej Kurek
bbd1c38ad6
Add NIST CAVP FIPS 186-4 test vectors for tinycrypt ecdsa
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-02 11:44:54 -05:00
Andrzej Kurek
b0b1cdc059
Merge pull request #3932 from AndrzejKurek/tinycrypt-ecdh-test-vectors
...
Tinycrypt - ecdh test vectors
2020-12-02 11:43:35 -05:00