TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / cf28009839be2bc5f9ed2de1f68180d71c64a3a1 / library / ssl_tls.c
  1. cf28009 Add function to retrieve the tls_prf type by Ron Eldor · 6 years ago
  2. 51d3ab5 Add public API for tls_prf by Ron Eldor · 6 years ago
  3. b7fd64c Add eap-tls key derivation in the examples. by Ron Eldor · 6 years ago
  4. f5cc10d Add an extra key export function by Ron Eldor · 6 years ago
  5. 3b35085 Have the temporary buffer allocated dynamically by Ron Eldor · 6 years ago
  6. a9f9a73 Zeroize secret data in the exit point by Ron Eldor · 6 years ago
  7. e699270 Add a single exit point in key derivation function by Ron Eldor · 6 years ago
  8. 1f10d76 Fix uninitialized variable access in debug output of record enc/dec by Hanno Becker · 6 years ago
  9. 22bf145 Adapt PSA code to ssl_transform changes by Hanno Becker · 6 years ago
  10. 78f839d Adapt record length value after encryption by Hanno Becker · 6 years ago
  11. b2ca87d Rename ssl_decrypt_buf() to mbedtls_ssl_decrypt_buf() in comment by Hanno Becker · 7 years ago
  12. 29800d2 Double check that record expansion is as expected during decryption by Hanno Becker · 7 years ago
  13. 1c0c37f Move debugging output after record decryption by Hanno Becker · 7 years ago
  14. a18d132 Add tests for record encryption/decryption by Hanno Becker · 8 years ago
  15. d56ed24 Reduce size of `ssl_transform` if no MAC ciphersuite is enabled by Hanno Becker · 8 years ago
  16. 8031d06 Remove code from `ssl_derive_keys` if relevant modes are not enabled by Hanno Becker · 8 years ago
  17. 2e24c3b Provide standalone version of `ssl_decrypt_buf` by Hanno Becker · 8 years ago
  18. 9eddaeb Provide standalone version of `ssl_encrypt_buf` by Hanno Becker · 8 years ago
  19. 52344c2 Correct space needed for MAC in case of NULL cipher by Hanno Becker · 8 years ago
  20. e694c3e Remove ciphersuite_info from ssl_transform by Hanno Becker · 8 years ago
  21. 88aaf65 Remove key length field from ssl_transform by Hanno Becker · 8 years ago
  22. 7a1c4eb Merge remote-tracking branch 'origin/pr/2567' into development by Jaeden Amero · 6 years ago
  23. fe71067 Merge remote-tracking branch 'origin/pr/2539' into development by Jaeden Amero · 6 years ago
  24. 4c8c7aa Don't use debug level 1 for informational messages by Hanno Becker · 6 years ago
  25. efb440a Add test exercising context-specific CRT callback to ssl-opt.sh by Hanno Becker · 6 years ago
  26. 8927c83 Implement context-specific verification callbacks by Hanno Becker · 6 years ago
  27. 9822c0d Fix name to function call by Jarno Lamsa · 6 years ago
  28. afd0b0a Make use of CA callback if present when verifying peer CRT chain by Hanno Becker · 6 years ago
  29. 5adaad9 Add X.509 CA callback to SSL configuration and implement setter API by Hanno Becker · 6 years ago
  30. 84d9d27 Fix unused variable warning in ssl_parse_certificate_coordinate() by Hanno Becker · 6 years ago
  31. 353a6f0 Fix typo in documentation of ssl_parse_certificate_chain() by Hanno Becker · 6 years ago
  32. accc599 Set peer CRT length only after successful allocation by Hanno Becker · 6 years ago
  33. 3acc9b9 Remove question in comment about verify flags on cli vs. server by Hanno Becker · 6 years ago
  34. 6b8fbab Free peer CRT chain immediately after verifying it by Hanno Becker · 6 years ago
  35. 0056eab Parse peer's CRT chain in-place from the input buffer by Hanno Becker · 6 years ago
  36. b9d4479 Correct compile-time guards for ssl_clear_peer_cert() by Hanno Becker · 6 years ago
  37. e682457 Guard mbedtls_ssl_get_peer_cert() by new compile-time option by Hanno Becker · 6 years ago
  38. b6c5eca Adapt mbedtls_ssl_parse_certificate() to removal of peer_cert field by Hanno Becker · 6 years ago
  39. 13c327d Adapt ssl_clear_peer_cert() to removal of `peer_cert` field by Hanno Becker · 6 years ago
  40. 6d1986e Adapt mbedtls_ssl_session_copy() to removal of `peer_cert` field by Hanno Becker · 6 years ago
  41. a274753 Make a copy of peer's raw public key after verifying its CRT chain by Hanno Becker · 6 years ago
  42. 7517312 Add field for peer's raw public key to TLS handshake param structure by Hanno Becker · 6 years ago
  43. 3dad311 Parse and verify peer CRT chain in local variable by Hanno Becker · 6 years ago
  44. 177475a Mitigate triple handshake attack by comparing digests only by Hanno Becker · 6 years ago
  45. 6bbd94c Compute digest of peer's end-CRT in mbedtls_ssl_parse_certificate() by Hanno Becker · 6 years ago
  46. 9198ad1 Extend mbedtls_ssl_session by buffer holding peer CRT digest by Hanno Becker · 6 years ago
  47. 52055ae Give ssl_session_copy() external linkage by Hanno Becker · 6 years ago
  48. c7bd780 Allow passing any X.509 CRT chain to ssl_parse_certificate_chain() by Hanno Becker · 6 years ago
  49. 6863619 Introduce helper function for peer CRT chain verification by Hanno Becker · 6 years ago
  50. fcd9e71 Don't progress TLS state machine on peer CRT chain parsing error by Hanno Becker · 6 years ago
  51. 28f2fcd Add helper function to check whether a CRT msg is expected by Hanno Becker · 6 years ago
  52. 7177a88 Introduce helper function to determine whether suite uses server CRT by Hanno Becker · 6 years ago
  53. 2148993 Use helper macro to detect whether some ciphersuite uses CRTs by Hanno Becker · 6 years ago
  54. 6bdfab2 Unify state machine update in mbedtls_ssl_parse_certificate() by Hanno Becker · 6 years ago
  55. 7a955a0 Clear peer's CRT chain outside before parsing new one by Hanno Becker · 6 years ago
  56. 4a55f63 Introduce helper to check for no-CRT notification from client by Hanno Becker · 6 years ago
  57. a028c5b Introduce CRT counter to CRT chain parsing function by Hanno Becker · 6 years ago
  58. 1294a0b Introduce helper function to clear peer CRT from session structure by Hanno Becker · 6 years ago
  59. f852b1c Break overly long line in definition of mbedtls_ssl_get_session() by Hanno Becker · 6 years ago
  60. 60848e6 Don't reuse CRT from initial handshake during renegotiation by Hanno Becker · 6 years ago
  61. 86016a0 Merge remote-tracking branch 'origin/pr/2338' into development by Jaeden Amero · 6 years ago
  62. 461bd3d Merge remote-tracking branch 'origin/pr/2454' into development by Jaeden Amero · 6 years ago
  63. 9f47f82 Merge remote-tracking branch 'origin/pr/2391' into development by Jaeden Amero · 6 years ago
  64. 3497323 Initialize PSA Crypto operation contexts by Jaeden Amero · 6 years ago
  65. 4a63ed4 Implement ClientKeyExchange writing in PSA-based ECDHE suites by Hanno Becker · 7 years ago
  66. 46f34d0 Fix style issue and wording by Hanno Becker · 6 years ago
  67. c1e18bd Fix memory leak by Hanno Becker · 7 years ago
  68. e2734e2 Improve formatting of ssl_parse_certificate_chain() by Hanno Becker · 7 years ago
  69. 84879e3 Add compile-time guards around helper routine by Hanno Becker · 7 years ago
  70. def9bdc Don't store the peer CRT chain twice during renegotiation by Hanno Becker · 7 years ago
  71. 8a2e97c Merge development-psa commit 80b5662 into development-psa-merged branch by Andrzej Kurek · 6 years ago
  72. 80b5662 Merge remote-tracking branch 'origin/pr/2386' into development-psa by Jaeden Amero · 6 years ago archive/development-psa development-psa
  73. 65408c5 Merge remote-tracking branch 'origin/pr/2355' into development-psa by Jaeden Amero · 6 years ago
  74. de5a007 Merge development commit f352f7 into development-psa by Andrzej Kurek · 7 years ago
  75. c470b6b Merge development commit 8e76332 into development-psa by Andrzej Kurek · 7 years ago
  76. 2ad2297 ssl_tls: add psa_hash_abort when reseting checksum by Andrzej Kurek · 7 years ago
  77. 972fba5 ssl_tls: rename sha_512_psa to sha_384_psa by Andrzej Kurek · 7 years ago
  78. eb34224 ssl_tls: use PSA to compute running handshake hash for TLS 1.2 by Andrzej Kurek · 7 years ago
  79. 2d4faa6 ssl_tls: remove redundant status check by Andrzej Kurek · 7 years ago archive/iotssl-2690-tls-prf-generic iotssl-2690-tls-prf-generic
  80. 2f76075 ssl_tls: adjust to the new key policy initialization and key allocation by Andrzej Kurek · 7 years ago
  81. ac5dc34 Fix key allocation for tls_prf_generic by Andrzej Kurek · 7 years ago
  82. 3317126 ssl_tls: add missing return brackets by Andrzej Kurek · 7 years ago
  83. 70737ca ssl_tls: add key destruction upon generator failure by Andrzej Kurek · 7 years ago
  84. c929a82 Implement tls_prf_generic using the PSA API by Andrzej Kurek · 7 years ago
  85. 5615dab ssl_tls: remove line breaks from a debug message by Andrzej Kurek · 7 years ago archive/iotssl-2689-psa-tls1_2-get-key-exchange iotssl-2689-psa-tls1_2-get-key-exchange
  86. e85414e ssl-opt: add a check for PSA computation of digest of ServerKeyExchange by Andrzej Kurek · 7 years ago
  87. 814feff Whitespace, logging and documentation fixes by Andrzej Kurek · 7 years ago
  88. d6db9be Adapt mbedtls_ssl_get_key_exchange_md_tls1_2 to PSA hashing by Andrzej Kurek · 7 years ago
  89. 36e89b5 Fix #2370, minor typos and spelling mistakes by Antonin Décimo · 7 years ago
  90. 2349c4d Adapt to the new key allocation mechanism by Andrzej Kurek · 7 years ago
  91. e1b1a2c Merge remote-tracking branch 'upstream-public/pr/2181' into development by Jaeden Amero · 7 years ago
  92. 3fbdada SSL: Make use of the new ECDH interface by Janos Follath · 7 years ago
  93. a0a96a0 Merge branch 'psa_cipher_integration' into development-psa-proposed by Hanno Becker · 7 years ago
  94. cb1cc80 Use PSA-based ciphers for record protections in TLS-1.2 only by Hanno Becker · 7 years ago
  95. f704bef Setup PSA-based cipher context in mbedtls_ssl_derive_keys() by Hanno Becker · 7 years ago
  96. 7390c71 Share code for PSK identity configuration by Hanno Becker · 7 years ago
  97. a63ac3f Safe-guard `ssl_conf_remove_psk()` for simultaneous raw-opaque PSKs by Hanno Becker · 7 years ago
  98. f9ed7d5 Don't use 48 as a magic number in ssl_derive_keys() by Hanno Becker · 7 years ago
  99. 7d0a569 Implement PSA-based PSK-to-MS derivation in mbedtls_ssl_derive_keys by Hanno Becker · 7 years ago
  100. 35b23c7 Simplify master secret derivation in mbedtls_ssl_derive_keys() by Hanno Becker · 7 years ago