9520df7580
Fix code style
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com >
2023-07-25 10:56:54 +01:00
1db78fa32a
Demonstrate algorithm agility
...
Define HALH_ALG to the desired PSA algorithm
to demostrate the ease of swapping algorithms
with the PSA API.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com >
2023-07-24 16:49:14 +01:00
f7348ae1fc
Improve program from first round review comments
...
Following an initial review:
- Swap printf for mbedtls_printf
- Remove MBEDTLS_xxx dependencies
- Demonstrate correct buffer sizing
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com >
2023-07-24 12:18:40 +01:00
209c9c9492
Bring code-style up-to-date
...
This PR was originally created before the code
style was changed. This commit updates the style.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com >
2023-07-18 14:59:45 +01:00
f8b9ebf297
Add example program for PSA hash
...
This commit adds the example program for PSA
hash as well as the relevant changes to
CMakeLists.txt and the Makefile.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com >
2023-07-18 13:55:36 +01:00
828b3acd6b
Merge pull request #7848 from valeriosetti/issue7749
...
driver-only ECC: EPCf.TLS testing
2023-07-18 10:33:21 +02:00
91d9daf2b3
Merge pull request #7925 from hasheddan/dtls-server-order
...
Fix order of steps in DTLS server example program
2023-07-17 09:41:43 +01:00
af2f7a6fcb
Fix order of steps in DTLS server example program
...
Fixes the numbered order of steps in the DTLS server example program.
Signed-off-by: Daniel Mangum <georgedanielmangum@gmail.com >
2023-07-14 12:00:33 -04:00
312b6df38a
Add a missing guard in cert_req.c
...
IP parsing requires x509_CRT_PARSE_C
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-07-10 08:45:30 -04:00
dda0019e2e
ssl_test_lib: fix rebase error
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-10 10:22:51 +02:00
5bdebb2004
ssl_test_lib: fix variable naming for curve group
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-10 09:13:57 +02:00
fb6356f003
ssl_test_lib: simplify function which prints supported curves
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-10 09:13:57 +02:00
deb676442d
ssl_test_lib: manage FFDH keys the same way as ECC ones
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-10 09:13:57 +02:00
acd32c005f
programs: add helper functions for supported EC curves
...
- get full list, or
- get TLS ID from name
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-10 09:13:57 +02:00
461d59b2f8
Merge pull request #7858 from mprse/ffdh_tls13_v2_f
...
Make use of FFDH keys in TLS 1.3 - follow-up
2023-07-07 16:19:35 +02:00
c4749b1c66
Merge pull request #7584 from gilles-peskine-arm/fuzz-file-open-fail
...
Fuzz programs: print an error if loading the reproducer fails
2023-07-07 11:51:59 +01:00
6bc7a38683
Support more SAN subtypes in cert_req.c
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-07-07 05:13:13 -04:00
77b0d645f5
Add gitignore anchors to denote generated files
...
These anchors encapsulate gitignore patterns which typically ignore
files generated, so that scripts can be used to comment and uncomment
these patterns for releases when we need the generated files in the
repository.
Signed-off-by: Agathiyan Bragadeesh <agabra02@e127300.arm.com >
2023-07-06 17:58:18 +01:00
68e7544de8
parse_groups: curve -> group adaptations
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-07-06 12:16:44 +02:00
45255e4c71
Adapt names (curves -> groups)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-07-05 09:26:26 +02:00
b078607f04
cert_write: Support write any for extended key usage
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com >
2023-07-04 17:30:21 +08:00
56b159a12a
Merge pull request #7627 from mprse/ffdh_tls13_v2
...
Make use of FFDH keys in TLS 1.3 v.2
2023-07-03 10:12:33 +02:00
c23d2222ea
Merge pull request #7728 from waleed-elmelegy-arm/crypt_and_hash-decrypt-fix
...
Fix crypt_and_hash decrypt issue when used with stream cipher
2023-06-30 11:42:35 +01:00
60de0b198a
Move the overallocation test to test suites
...
This way the compiler does not complain about
an overly large allocation made.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-06-27 09:26:08 -04:00
aae3208c29
Add an mbedtls_calloc(SIZE_MAX/2, SIZE_MAX/2) test
...
It should return NULL and not a valid pointer.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-06-27 09:26:08 -04:00
e35f3a23be
Add a calloc selftest for more than a page
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-06-27 09:26:08 -04:00
ecaf6fb8b2
Documentation and cosmetic fixes
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-06-27 09:26:08 -04:00
9032711dc7
Move the calloc buffer initialization test to selftest.c
...
This way it's more in line with the 2.28 version.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-06-27 09:26:08 -04:00
39a0a76fcc
SSL programs: improve command-line error reporting
...
Every now and then, I see of these programs failing with a super-long
usage message that gives no clue as to what went wrong. (Recently it
happened with a test case in ssl-opt.sh with a fairly long command line
that was entirely correct, except some options were not valid in this
config - the test should have been skipped but wasn't due to some other
bug. It took me longer to figure out than it should have, and could have
if the program had simply reported which param was not recognized.)
Also, have an explicit "help" command, separate "help_ciphersuites", and
have default usage message that's not multiple screens long.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-06-27 09:28:24 +02:00
3eea9a461c
SSL programs: allow invoking without arguments
...
All options have reasonable default so the programs don't need arguments
to do something useful.
It is widely accepted for programs that can work without arguments need
not insist on the user passing arguments, see 'ls', 'wc', 'sort', 'more'
and any number of POSIX utilities that all work without arguments.
It is also the historical behaviour of those programs, and something
relied one by at least a few team members.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-06-26 11:29:35 +02:00
0b74434e2a
SSL programs: group options processing in 1 place
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-06-26 11:28:00 +02:00
458b96b1a7
Merge pull request #7638 from AndrzejKurek/cert-apps-use-ips
...
Use better IP parsing in x509 apps
2023-06-20 17:21:04 +01:00
7d42c0d0e5
Code cleanup #2
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-06-13 12:30:40 +02:00
75a5a9c205
Code cleanup
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-06-13 09:57:23 +02:00
46549cb5fa
Replace function calls in crypt_and_hash program with locals
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com >
2023-06-12 14:53:02 +01:00
7d39cc410c
Fix crypt_and_hash decrypt issue when used with stream cipher
...
crypt_and_hash decryption fails when used with a stream cipher
mode of operation due to the input not being multiple of block
size, this only applies to block cipher modes and not stream
ciphers.This change exempts CTR, CFB & OFB modes from this check.
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com >
2023-06-09 16:58:23 +01:00
05d71ffe5b
Merge remote-tracking branch 'origin/development' into sha3-updated
2023-06-07 18:02:04 +01:00
0624e460fb
Add a guard for IP parsing in cert_req app
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-06-07 08:54:35 -04:00
cd17ecfe85
Use better IP parsing in x509 programs
...
Remove unnecessary duplicated code.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-06-07 08:50:05 -04:00
ff9fcbcace
ssl_client2, ssl_server2: code optimization + guards adaptation
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-06-06 12:53:40 +02:00
da4fba64b8
Further code optimizations
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-06-06 12:31:09 +02:00
316c19ef93
Adapt guards, dependencies + optimizations
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-06-06 12:31:09 +02:00
e7db09bede
Move FFDH helper functions and macros to more suitable locations
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-06-06 12:31:08 +02:00
6d7da5ee1e
Add FFDH support in client2, server2 applications
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-06-06 12:31:08 +02:00
84b547b5ee
Merge pull request #7400 from AndrzejKurek/cert-write-sans
...
Add a possibility to generate certificates with a Subject Alternative Name
2023-06-05 15:38:38 +02:00
f994bc51ad
Refactor code in cert_write.c
...
This way is more robust.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-06-02 05:10:17 -04:00
7f97675b64
Merge pull request #5237 from davidhorstmann-arm/demo-out-of-tree
2023-05-19 21:27:24 +01:00
5eebfb8fd0
Enable escaping ';' in cert_write.c SANs
...
This might get used in URIs.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-05-17 15:23:56 -04:00
446e53d401
Fix a code style issue
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-05-17 15:23:56 -04:00
f70f460e5f
Fix temporary IP parsing error
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-05-17 15:23:56 -04:00
