9bf1875146
Revert commit 33af72df in order to not depend on test code
...
Signed-off-by: Michael Schuster <michael@schuster.ms >
2024-08-06 12:09:13 +01:00
46a6e73285
Fix format-pedantic error in programs/test/metatest.c
...
Signed-off-by: Michael Schuster <michael@schuster.ms >
2024-08-06 12:09:13 +01:00
ff4d6aea04
Use correct conditionals in programs/ssl (fix unused-function errors)
...
Signed-off-by: Michael Schuster <michael@schuster.ms >
2024-08-06 12:09:13 +01:00
82984bc1be
Adjust spacing in sample programs
...
Signed-off-by: Michael Schuster <michael@schuster.ms >
2024-08-06 12:09:13 +01:00
6fa32fd12d
Fix missing-prototype errors in sample programs
...
Signed-off-by: Michael Schuster <michael@schuster.ms >
2024-08-06 12:09:13 +01:00
41a686bb9f
Fix missing-prototype error in programs/fuzz by moving LLVMFuzzerTestOneInput prototype to common.h
...
Signed-off-by: Michael Schuster <michael@schuster.ms >
2024-08-06 12:09:13 +01:00
3a4c43174c
Move print_buf into mbedtls_test_print_buf helper function in sample programs
...
Reduce code duplication and fix missing-prototype error for print_buf
Signed-off-by: Michael Schuster <michael@schuster.ms >
2024-08-06 12:09:13 +01:00
467775ef26
programs: fuzz: Fix comment
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-07-23 07:51:33 +02:00
848bccf1ce
Fix some typo for include folder
...
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
2024-07-12 11:38:53 +03:00
9c4dd4ee6f
Update paths pointing to tests/data_files
...
These now point to framework/data_files instead.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2024-07-08 15:36:46 +01:00
2b22b1e870
Add and update some .gitignore files
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-06-18 09:14:36 +02:00
7a312d7247
ssl_client2: Add Host to HTTP GET request
...
If an IP address shares multiple domain names with different SSL
certificates and makes a GET request without the remote server name
(host), it will fail with a 421 Misdirect Request.
Signed-off-by: Javier Tia <javier.tia@linaro.org >
2024-05-06 14:01:28 -06:00
41995bec9a
ssl_mail_client: Fix code style issue
...
Signed-off-by: Mingjie Shen <shen497@purdue.edu >
2024-04-30 13:00:35 +02:00
623812887a
ssl_mail_client: Check return value of mbedtls_snprintf
...
The return value of snprintf() is the number of characters (excluding
the null terminator) which would have been written to the buffer if
enough space had been available. Thus, a return value of size or more
means the output was truncated.
Signed-off-by: Mingjie Shen <shen497@purdue.edu >
2024-04-30 13:00:35 +02:00
6f216e4a73
ssl_mail_client: Replace snprintf with mbedtls_snprintf
...
Signed-off-by: Mingjie Shen <shen497@purdue.edu >
2024-04-30 13:00:34 +02:00
73d649e089
ssl_mail_client: Fix unbounded write of sprintf()
...
These calls to sprintf may overflow buf because opt.mail_from and opt.mail_to
are controlled by users. Fix by replacing sprintf with snprintf.
Signed-off-by: Mingjie Shen <shen497@purdue.edu >
2024-04-30 13:00:33 +02:00
9860056006
Revert "Autogenerated files for 3.6.0"
...
This reverts commit e8a6833b28minos.galanakis@arm.com >
2024-03-27 17:36:15 +00:00
e8a6833b28
Autogenerated files for 3.6.0
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-03-22 16:00:55 +00:00
b70f0fd9a9
Merge branch 'development' into 'development-restricted'
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-03-19 22:24:40 +00:00
74191a56e8
ssl_server2: Split early data enablement from max_early_data_size setting
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-14 20:00:42 +01:00
7b333f1e88
Merge pull request #8913 from ronald-cron-arm/tls13-ticket-lifetime
...
TLS 1.3: Enforce ticket maximum lifetime and discard tickets with 0 lifetime
2024-03-14 15:59:25 +00:00
50da462fc8
Merge pull request #8829 from paul-elliott-arm/add_framework_meta_tests
...
Add metatests for failing TEST_EQUAL and TEST_LE_*
2024-03-14 15:55:14 +00:00
93fa4e1b87
Merge branch 'development' into buffer-sharing-merge
2024-03-12 15:05:06 +00:00
7201bc6b05
ssl_client2: Fix early data log
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-08 16:03:09 +01:00
e33b349c90
Merge pull request #8864 from valeriosetti/issue8848
...
Deprecate or remove mbedtls_pk_wrap_as_opaque
2024-03-01 15:54:32 +00:00
9b4e964c2c
Merge pull request #8760 from ronald-cron-arm/tls13-write-early-data
...
TLS 1.3: Add mbedtls_ssl_write_early_data() API
2024-02-29 14:31:55 +00:00
90eca2adb0
ssl_test_lib: add guards for pk_wrap_as_opaque()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2024-02-28 10:45:43 +01:00
7541ebea52
programs: remove usage of mbedtls_pk_wrap_as_opaque() from tests
...
This is replaced with: mbedtls_pk_get_psa_attributes() +
mbedtls_pk_import_into_psa() + mbedtls_pk_setup_opaque().
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2024-02-27 10:44:33 +01:00
7f72a06e02
Remove cruft
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-22 18:41:25 +01:00
dd9cbf99c2
Benchmark only one side of ECDH, both static and ephemeral
...
Static ECDH is of interest to us as developers because it's a generic
scalar multiplication (as opposed to using the standard base point) and
it's useful to have that handy.
For reference the other operations of interest to developers are:
- multiplication of the conventional base point: ECDSA signing is almost
exactly that (just a few field ops on top, notably 1 inversion);
- linear combination: ECDSA verification is almost exactly that too.
Including ephemeral as well, because it's hopefully what's of interest
to most users.
Compared to the previous version, include only one side of the
operations. I don't think including both sides is of interest to anyone.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2024-02-22 12:29:06 +01:00
74589ba31c
ssl_context_info: explicitly note accesses to private fields
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-22 12:12:01 +01:00
72da8b3521
Don't authorize private access to fields where not actually needed
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-22 12:07:29 +01:00
abf0be392a
fuzz_dtlsserver: explicitly note the one access to a private field
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-22 12:07:09 +01:00
d5f68976e8
fuzz_pubkey, fuzz_privkey: no real need to access private fields
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-22 12:05:35 +01:00
7a3059ac92
Benchmark: not using private fields anymore
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-22 10:53:31 +01:00
984352d6f1
Benchmark: remove the legacy-context ECDH block
...
We have two blocks of code to benchmark ECDH. One uses the legacy context
structure, which is only enabled when MBEDTLS_ECP_RESTARTABLE is enabled.
That block doesn't convey any information that's specific to restartable
ECC, it exists only for historical reasons (it came first). The other block
uses only the implementation-agnostic API.
Remove the block that uses the legacy context. It doesn't provide much
extra information and most users won't even see it.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-22 10:50:12 +01:00
0aead12706
ssl_client2: Improve loop writing early data
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-02-21 17:37:33 +01:00
b4fd47e897
ssl_client2: Default to library default for early data enablement
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-02-21 17:37:33 +01:00
0ecb5fd6f5
Merge pull request #8574 from ronald-cron-arm/ssl-tickets
...
Fix and align ticket age check in ssl_ticket.c for TLS 1.2 and TLS 1.3
2024-02-21 09:38:46 +00:00
028a38b7cb
Merge pull request #8661 from BensonLiou/use_init_api
...
use mbedtls_ssl_session_init() to init session variable
2024-02-19 15:49:34 +00:00
60bbfe63a1
Add metatests for failing TEST_EQUAL and TEST_LE_*
...
After getting caught with deadlock issues when these tests fail, add a
metatest to test them failing.
Signed-off-by: Paul Elliott <paul.elliott@arm.com >
2024-02-14 14:55:04 +00:00
3ea9450463
Merge pull request #8734 from valeriosetti/issue8564
...
Add test for driver-only HMAC
2024-02-14 13:43:40 +00:00
f6a9cfa5d2
adjust indentation
...
Signed-off-by: PiotrBzdrega <piotrbzdrega@yandex.com >
2024-02-11 09:41:56 +01:00
2b20ff62fc
move entropy init prior arguments number recognition
...
Signed-off-by: PiotrBzdrega <piotrbzdrega@yandex.com >
2024-02-11 02:15:03 +01:00
c3d17cde46
Merge pull request #8702 from minosgalanakis/update/dhm_context_in_programs_5015
...
[MBEDTLS_PRIVATE] Update dhm context in programs
2024-02-10 08:47:51 +00:00
54ad01efed
Merge remote-tracking branch 'upstream/development' into make_tests_thread_safe
2024-02-09 14:33:58 +00:00
7a28738205
Merge pull request #8636 from paul-elliott-arm/new_test_thread_interface
...
New test thread interface
2024-02-08 12:35:40 +00:00
1d7bc1ecdf
Merge pull request #8717 from valeriosetti/issue8030
...
PSA FFDH: feature macros for parameters
2024-02-07 10:06:03 +00:00
a5561893e7
ssl_client2: Add support for early data writing
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-02-07 08:06:46 +01:00
2fe0ec8c31
ssl_client2: Add buffer overflow check
...
Add buffer overflow check to build_http_request().
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-02-07 08:06:46 +01:00
