Gilles Peskine
cac5536b45
Merge pull request #3823 from gabor-mezei-arm/3818_MBEDTLS_AES_SETKEY_DEC_ALT_excludes_MBEDTLS_CIPHER_MODE_XTS
...
Make the aes xts methods independent from MBEDTLS_AES_SETKEY_DEC_ALT
2020-11-09 20:44:08 +01:00
Gilles Peskine
e3994d7269
Merge pull request #3836 from bensze01/ecb_iv_fix
...
Do not set iv size for ECB mode ciphers
2020-11-06 18:00:50 +01:00
Bence Szépkúti
a8e40ddfc9
Do not set IV size for ECB mode ciphers
...
ECB mode ciphers do not use IVs
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2020-11-06 09:40:21 +01:00
Janos Follath
46f35849b1
Merge pull request #3845 from d3zd3z/fix3801
...
cmake: Avoid using target_properties for old cmake
2020-11-05 11:56:45 +00:00
Gilles Peskine
6b87993142
Merge pull request #3609 from gilles-peskine-arm/aes-zeroize-less
...
Remove a useless zeroization
2020-11-04 23:43:35 +01:00
Ronald Cron
efcf52d521
Merge pull request #3614 from gilles-peskine-arm/ssl-opt-gnutls-printf-development
...
Fix printf escape errors in shell scripts
2020-11-04 17:55:42 +01:00
David Brown
381c1078fc
cmake: Avoid using target_properties for old cmake
...
CMake versions less than 3.0 do not support the `target_sources`
command. In order to be able to support v2.8.12.2 of cmake, directly
set the SOURCES property instead of using the target_sources command.
A future patch could reverse this, if the project decides to forgo
support for cmake versions less than 3.0.
Fixes #3801
Signed-off-by: David Brown <david.brown@linaro.org>
2020-11-03 15:38:38 -07:00
Gilles Peskine
db6e33e12a
Merge pull request #3826 from frestr/test/chachapoly_vector
...
PSA Crypto: Add zero-length input test vectors for ChaChaPoly
2020-11-03 23:17:00 +01:00
Gilles Peskine
a455e71588
Merge pull request #3780 from stevew817/feature/validate_key_in_driver
...
Add validate_key hooks and tests
2020-11-02 11:37:42 +01:00
Steven Cooreman
40120f6b76
Address review comments
...
* zero key buffer on failure
* readability improvements
* psa_finish_key_creation adjustment after removing import_key_into_slot
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-10-30 10:20:01 +01:00
Gilles Peskine
52f32c913e
Merge pull request #3787 from bensze01/iv_nonce_size
...
PSA: Add support macros for IV/nonce sizes
2020-10-30 09:45:11 +01:00
Gilles Peskine
2da4292dc1
Merge pull request #3790 from peter-toft-greve/development
...
Add fix for cmake control of CMAKE_BUILD_TYPE only if mbedtls is the root project
2020-10-30 09:44:29 +01:00
Gilles Peskine
868906cd06
Merge pull request #3235 from jeannotlapin/pr1813
...
Add Dtls Srtp support (RFC5764)
2020-10-29 22:21:56 +01:00
Steven Cooreman
162ec8758f
Detecting bit size is no longer required
...
Storage format has been changed to always store the key's bit size
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-10-29 12:04:31 +01:00
Steven Cooreman
c4813a6e80
Rename 'keygen' to 'key management'
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-10-29 12:04:31 +01:00
Bence Szépkúti
423d3e7fcf
Update support macros for IV/nonce sizes
...
This commit defines the following new macros added to the PSA Crypto API
between versions 1.0 beta 3 and 1.0.0 final:
PSA_AEAD_NONCE_LENGTH
PSA_AEAD_NONCE_MAX_SIZE
PSA_CIPHER_IV_LENGTH
PSA_CIPHER_IV_MAX_SIZE
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2020-10-29 11:07:39 +01:00
Johan Pascal
5fbe9e7ac0
remove useless parentheses
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 10:50:54 +01:00
Johan Pascal
c3ccd98a91
Check transport in the extension parser/writer
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:50 +01:00
Johan Pascal
5ef72d214f
Style and typos
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:50 +01:00
Johan Pascal
2258a4f481
Do not return a structure, use a return parameter
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:50 +01:00
Johan Pascal
0dbcd1d3f0
Make API safer
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:50 +01:00
Johan Pascal
275874bc47
Fix previous commit
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:50 +01:00
Johan Pascal
20c7db3a67
API modified so server side can get mki value
...
+ client side discards self mki if server does not support it
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:50 +01:00
Johan Pascal
adbd9449ec
More minor fix
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:50 +01:00
Johan Pascal
76fdf1d60e
Minor fix and improvements
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:50 +01:00
Johan Pascal
104031547f
style
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:50 +01:00
Johan Pascal
9bc50b0122
Test check the key material exported match
...
- include interop with openssl client
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:50 +01:00
Johan Pascal
39cfd3b96e
interop test: openssl generate the DTLS-SRTP keys
...
Missing a command in the test script to compare with peer's output
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:50 +01:00
Johan Pascal
d387aa0586
style + missing cast
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:50 +01:00
Johan Pascal
842d671316
Update include/mbedtls/config.h
...
Co-authored-by: Hanno Becker <hanno.becker@arm.com>
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
77696eedac
Add bound check in the client ssl_write_use_srtp_ext
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
aae4d22b16
Improve code readability
...
+micro optimization
+style
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
e79c1e8121
style
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
a455cd9a47
mbedtls_ssl_get_srtp_profile_as_string declared and defined in ssl.h
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
f6417ecf60
mki length feats in a uint16_t
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
253d0263a6
set protection profile API gets a MBEDTLS_TLS_SRTP_UNSET terminated list
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
43f9490a52
SRTP profiles definition use macros only
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
4f099264b5
use_srtp extension shall not interfere in the handshake settings
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
d576fdb1d6
Style + fix bound check in write_use_srt_ext
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
9bc97ca19d
SRTP-DTLS protection profile configuration list not copied into ssl_config
...
+ improve test
+ minor style fix
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
8f70fba988
Check the server hello output buffer size when writing the use_srtp ext
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
042d456832
Improve client Hello use_srtp parsing
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
a89ca8679f
The client shall not enforce the use of client certificate with use_srtp extension
...
This is server's task to request it if needed
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
8526957cd5
Minor style modifications
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
48f62e98a8
Fix ssl_client2 after rebase
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
1d957e61eb
Fix build warning
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
b64eab7656
fix style
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Johan Pascal
44c0a0a60a
Stick to ChangeLog rules
...
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Ron Eldor
8f284c1b05
Add the SRTP configuration to query_config
...
Add the DTLS_SRTP configuration to `query_config`.
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Ron Eldor
65b56ef87f
Change key derivation for srtp
...
Use the export keys functionality, to call the public API
`mbedtls_ssl_tls_prf()`, and remove the function
`mbedtls_ssl_get_dtls_srtp_key_material()`.
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00