TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / b6163ef175588c88e36f89c55f9f362ab7aa0da1 / library / ssl_tls.c
  1. b6163ef Document internal serialisation format by Manuel Pégourié-Gonnard · 6 years ago
  2. 569ed6b Implement usage checks in context_save() by Manuel Pégourié-Gonnard · 6 years ago
  3. a3024ee Save Hello random bytes for later use by Manuel Pégourié-Gonnard · 6 years ago
  4. feb1cee Merge remote-tracking branch 'origin/pr/602' into baremetal by Simon Butcher · 6 years ago
  5. c1096e7 Allow hardcoding single supported elliptic curve by Hanno Becker · 6 years ago
  6. ee24f8c Remove unnecessary check for presence of supported EC list by Hanno Becker · 6 years ago
  7. a4a9c69 Introduce helper macro for traversal of supported EC TLS IDs by Hanno Becker · 6 years ago
  8. 33b9b25 Remove SSL version configuration API if versions are hardcoded by Hanno Becker · 6 years ago
  9. 0a92b81 Remove mbedtls_ssl_transform::minor_ver if the version is hardcoded by Hanno Becker · 6 years ago
  10. 7b628e5 Make mbedtls_ssl_read/write_version static inline by Hanno Becker · 6 years ago
  11. 2881d80 Introduce getter function for max/min SSL version by Hanno Becker · 6 years ago
  12. e965bd3 Allow hardcoding of min/max minor/major SSL version at compile-time by Hanno Becker · 6 years ago
  13. fabfb85 Merge remote-tracking branch 'origin/pr/603' into baremetal by Simon Butcher · 6 years ago
  14. 14a4a44 Remove mbedtls_ssl_conf_dbg() if !MBEDTLS_DEBUG_C by Hanno Becker · 6 years ago
  15. 272063a Don't store debug func ptr cb + ctx in SSL config if !DEBUG_C by Hanno Becker · 6 years ago
  16. 73f4cb1 Rename XXX_SINGLE_CIPHERSUITE -> XXX_CONF_SINGLE_CIPHERSUITE by Hanno Becker · 6 years ago
  17. e02758c Remove ciphersuite from SSL session if single suite hardcoded by Hanno Becker · 6 years ago
  18. 6ace465 Remove ciphersuite from SSL config if single suite hardcoded by Hanno Becker · 6 years ago
  19. df64596 Remove ciphersuite from handshake params if single suite hardcoded by Hanno Becker · 6 years ago
  20. 473f98f Introduce ciphersuite handle type by Hanno Becker · 6 years ago
  21. 5455afd Merge pull request #599 from ARMmbed/baremetal-ec-preparation by Manuel Pégourié-Gonnard · 6 years ago
  22. d3b2fcb Don't store client-supported ECs in heap-allocated buffer by Hanno Becker · 6 years ago
  23. 0ae6b24 Allow compile-time configuration of timer callbacks by Hanno Becker · 6 years ago
  24. a58a896 Allow compile-time configuration of I/O function pointers by Hanno Becker · 6 years ago
  25. ece325c Allow compile-time configuration of PRNG in SSL module by Hanno Becker · 6 years ago
  26. b391766 Fix unused variable that happened during merge by Manuel Pégourié-Gonnard · 6 years ago
  27. de8869c Merge remote-tracking branch 'restricted/pr/608' into baremetal-proposed by Manuel Pégourié-Gonnard · 6 years ago
  28. 44ba6b0 Merge remote-tracking branch 'restricted/pr/594' into baremetal-proposed by Manuel Pégourié-Gonnard · 6 years ago
  29. 37261e6 Merge remote-tracking branch 'restricted/pr/601' into baremetal-proposed by Manuel Pégourié-Gonnard · 6 years ago
  30. 417d2ce Merge remote-tracking branch 'restricted/pr/584' into baremetal-proposed by Manuel Pégourié-Gonnard · 6 years ago
  31. c2cfdaa Allow config'n of incl of CertificateReq CA list Y/N at compile-time by Hanno Becker · 6 years ago
  32. 2d9623f Allow configuration of endpoint (cli/srv) at compile-time by Hanno Becker · 6 years ago
  33. 1f835fa Allow configuration of read timeouts at compile-time by Hanno Becker · 6 years ago
  34. e0200da Allow configuration of ConnectionID at compile-time by Hanno Becker · 6 years ago
  35. b0b2b67 Allow compile-time configuration of legacy renegotiation by Hanno Becker · 6 years ago
  36. acd4fc0 Allow compile-time configuration of authentication mode by Hanno Becker · 6 years ago
  37. de67154 Allow compile-time configuration of DTLS badmac limit by Hanno Becker · 6 years ago
  38. 7b80c64 Fix compile-time guard for optional field in struct by Manuel Pégourié-Gonnard · 6 years ago
  39. 29f2dd0 Address review comments by Jarno Lamsa · 6 years ago
  40. 59bd12b Add new config MBEDTLS_SSL_SESSION_RESUMPTION by Jarno Lamsa · 6 years ago
  41. 7be1406 Add config MBEDTLS_SSL_SESSION_CACHE by Jarno Lamsa · 6 years ago
  42. abd929c Merge branch 'mbedtls-2.16' into baremetal-2.16-01_07_19 by Hanno Becker · 6 years ago
  43. 2224ccf Don't use assertion for failures of mbedtls_x509_crt_x_acquire() by Hanno Becker · 6 years ago
  44. c6d1c3e Remove frame/pk parameter from mbedtls_x509_crt_xxx_release() by Hanno Becker · 6 years ago
  45. 8c13ee6 Make use of CRT acquire/release in ssl_parse_certificate_verify() by Hanno Becker · 6 years ago
  46. 7f376f4 Allow compile-time configuration of DTLS anti replay by Hanno Becker · 6 years ago
  47. f765ce6 Remove ExtendedMS configuration API if hardcoded at compile-time by Hanno Becker · 6 years ago
  48. a49ec56 Introduce getter function for `extended_ms` field in HS struct by Hanno Becker · 6 years ago
  49. aabbb58 Exemplify harcoding SSL config at compile-time in example of ExtMS by Hanno Becker · 6 years ago
  50. 393338c Merge pull request #586 from ARMmbed/remove_peer_crt_after_handshake_no_digest-baremetal by Manuel Pégourié-Gonnard · 6 years ago
  51. 79cf74a Merge pull request #583 from ARMmbed/remove_peer_crt_after_handshake-baremetal by Manuel Pégourié-Gonnard · 6 years ago
  52. cc3b7cc Merge pull request #579 from Patater/bm-dont-use-non-existent-encrypt-then-mac by Manuel Pégourié-Gonnard · 6 years ago
  53. 7f132cc Merge remote-tracking branch 'origin/pr/2714' into mbedtls-2.16 by Jaeden Amero · 6 years ago
  54. 16529b2 ssl_tls: Enable Suite B with subset of ECP curves by Jaeden Amero · 6 years ago
  55. 5882dd0 Remove CRT digest from SSL session if !RENEGO + !KEEP_PEER_CERT by Hanno Becker · 6 years ago
  56. 0528f82 Clarify documentation of serialized session format by Hanno Becker · 6 years ago
  57. 17daaa5 Move return statement in ssl_srv_check_client_no_crt_notification by Hanno Becker · 6 years ago
  58. 2326d20 Validate consistency of certificate hash type and length in session by Hanno Becker · 6 years ago
  59. fd5dc8a Fix unused variable warning in ssl_parse_certificate_coordinate() by Hanno Becker · 6 years ago
  60. 42de8f8 Fix typo in documentation of ssl_parse_certificate_chain() by Hanno Becker · 6 years ago
  61. 9d64b78 Set peer CRT length only after successful allocation by Hanno Becker · 6 years ago
  62. 257ef65 Remove question in comment about verify flags on cli vs. server by Hanno Becker · 6 years ago
  63. 34106f6 Free peer CRT chain immediately after verifying it by Hanno Becker · 6 years ago
  64. 0cc7af5 Parse peer's CRT chain in-place from the input buffer by Hanno Becker · 6 years ago
  65. 1757247 Correct compile-time guards for ssl_clear_peer_cert() by Hanno Becker · 6 years ago
  66. bfab9df Guard mbedtls_ssl_get_peer_cert() by new compile-time option by Hanno Becker · 6 years ago
  67. 81d11aa Adapt mbedtls_ssl_parse_certificate() to removal of peer_cert field by Hanno Becker · 6 years ago
  68. 5062897 Adapt ssl_clear_peer_cert() to removal of `peer_cert` field by Hanno Becker · 6 years ago
  69. d5258fa Adapt mbedtls_ssl_session_copy() to removal of `peer_cert` field by Hanno Becker · 6 years ago
  70. cf291d6 Make a copy of peer's raw public key after verifying its CRT chain by Hanno Becker · 6 years ago
  71. 3bf8cdf Add field for peer's raw public key to TLS handshake param structure by Hanno Becker · 6 years ago
  72. 2e6d347 Remove peer CRT from mbedtls_ssl_session if !KEEP_PEER_CERT by Hanno Becker · 6 years ago
  73. 4a2f8e5 Add peer CRT digest to session tickets by Hanno Becker · 6 years ago
  74. e4aeb76 Parse and verify peer CRT chain in local variable by Hanno Becker · 6 years ago
  75. df75938 Mitigate triple handshake attack by comparing digests only by Hanno Becker · 6 years ago
  76. 3008d28 Compute digest of peer's end-CRT in mbedtls_ssl_parse_certificate() by Hanno Becker · 6 years ago
  77. 9fb6e2e Extend mbedtls_ssl_session by buffer holding peer CRT digest by Hanno Becker · 6 years ago
  78. 58fccf2 Give ssl_session_copy() external linkage by Hanno Becker · 6 years ago
  79. 35e4177 Allow passing any X.509 CRT chain to ssl_parse_certificate_chain() by Hanno Becker · 6 years ago
  80. 3cf5061 Introduce helper function for peer CRT chain verification by Hanno Becker · 6 years ago
  81. a7c1df6 Don't progress TLS state machine on peer CRT chain parsing error by Hanno Becker · 6 years ago
  82. 6b9a6f3 Add helper function to check whether a CRT msg is expected by Hanno Becker · 6 years ago
  83. 5097cba Introduce helper function to determine whether suite uses server CRT by Hanno Becker · 6 years ago
  84. b71e90a Use helper macro to detect whether some ciphersuite uses CRTs by Hanno Becker · 6 years ago
  85. 613d490 Unify state machine update in mbedtls_ssl_parse_certificate() by Hanno Becker · 6 years ago
  86. a46c287 Clear peer's CRT chain outside before parsing new one by Hanno Becker · 6 years ago
  87. b8a0857 Introduce helper to check for no-CRT notification from client by Hanno Becker · 6 years ago
  88. 8794fd9 Introduce CRT counter to CRT chain parsing function by Hanno Becker · 6 years ago
  89. 2214159 Introduce helper function to clear peer CRT from session structure by Hanno Becker · 6 years ago
  90. 933b9fc Break overly long line in definition of mbedtls_ssl_get_session() by Hanno Becker · 6 years ago
  91. 1332f35 Don't reuse CRT from initial handshake during renegotiation by Hanno Becker · 6 years ago
  92. f2ef573 Merge remote-tracking branch 'origin/pr/598' into baremetal by Simon Butcher · 6 years ago
  93. 889bbc7 Fix unreachable code warnings with armc5 by Manuel Pégourié-Gonnard · 6 years ago
  94. cc71c77 Fix typos, grammar and wording in documentation by Manuel Pégourié-Gonnard · 6 years ago
  95. d87601e Declare and document ssl_context_save()/load() by Manuel Pégourié-Gonnard · 6 years ago
  96. c725e4b Merge remote-tracking branch 'origin/pr/590' into baremetal by Simon Butcher · 6 years ago
  97. 01a8eb2 Merge remote-tracking branch 'origin/pr/585' into baremetal by Simon Butcher · 6 years ago
  98. ec1c222 Fix a few style issues by Manuel Pégourié-Gonnard · 6 years ago
  99. 8794a42 Clarify a few more comments and documentation by Manuel Pégourié-Gonnard · 6 years ago
  100. 18b9a49 Disable the enforce flag by default by Jarno Lamsa · 6 years ago