Hanno Becker
Hanno Becker
Add test to `ssl-opt.sh` and/or `compat.sh` exercising the NewSessionTicket extension parsing introduced in https://github.com/hannestschofenig/mbedtls/pull/213.
In upstream Mbed TLS, there has been a major code restructuring regarding the example programs: A lot of shared code between `ssl_client2` and `ssl_server2` has been moved into a new...
This is issue is about going through all the macros and compile-time options introduced by the prototype and making sure they live in appropriate namespaces. For most options, it will...
The purpose of this task is to review the following functions and prepare them for upstreaming: * `mbedtls_ssl_generate_handshake_traffic_keys()` * `mbedtls_ssl_tls1_3_derive_master_secret()` * `mbedtls_ssl_generate_resumption_master_secret()` * `mbedtls_ssl_generate_application_traffic_keys()` * `mbedtls_ssl_generate_early_data_keys()` * `mbedtls_ssl_create_binder()` Those are...
This issue it to track the review and potential rework of the client-side 0-RTT writing state in preparation for upstreaming. Things to look for: * Security * Functional correctness *...
Some extension writing functions return `void`, some return `int`. Study them and unify the signature.
This issue it to track the review and potential rework of the client-side NewSessionTicket parsing state in preparation for upstreaming. Things to look for: * Security * Functional correctness *...
This issue it to track the review and potential rework of the server-side 0-RTT parsing state in preparation for upstreaming. Things to look for: * Security * Functional correctness *...
`MBEDTLS_ERR_MPS_RETRY` signals that the last API call should be retried. It's different from `MBEDTLS_ERR_SSL_WANT_READ` in that is does _not_ imply that more data is required from the underlying transport. In...
This issue it to track the review and potential rework of the client-side HelloVerifyRequest state in preparation for upstreaming. Things to look for: * Security * Functional correctness * Clarity...