lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-27 12:15:33 +03:00
Code Activity
17,758 Commits 176 Branches 276 Tags
01ef723bbab53fa3004e7d7c1f7fb011e9c482cc
Commit Graph

17758 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Manuel Pégourié-Gonnard
65a7203119 Allow cmake to generate version_features.c 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2021-10-25 13:16:03 +01:00
Manuel Pégourié-Gonnard
cbdedc54b9 Allow cmake to generate error.c 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2021-10-25 13:16:03 +01:00
Jerry Yu
188468b5f4 Add reference link for Random definition 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:48:24 +08:00
Jerry Yu
ad3a113fc6 Remove MBEDTLS_SSL_EXPORT_KEYS 
It is always on now in `development`

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:46:43 +08:00
Jerry Yu
7a186a0cbf fix comment issue 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:29 +08:00
Jerry Yu
337d5318ae replace md_max_size with tls13_md_max_size 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:29 +08:00
Jerry Yu
745bb616a4 Fix format issue and enhance test 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:29 +08:00
Jerry Yu
193f0e7449 fix build fail on tls1_3_md_max_size 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:29 +08:00
Jerry Yu
b85277e3af Address various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:29 +08:00
Jerry Yu
435208a949 Improve generate_handshake_keys 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:29 +08:00
Jerry Yu
f532bb2577 Change MD size for tls13 keys 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:29 +08:00
Jerry Yu
c068b6671e Rename tls13 prefix to fix coding issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:28 +08:00
Jerry Yu
4a1733831e fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:28 +08:00
Jerry Yu
f0ac2352d6 Refactor key_schedule_stage_handshake 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:28 +08:00
Jerry Yu
5ccfcd4ca1 Add local variable to represent handshake 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:28 +08:00
Jerry Yu
42920ec5a5 tls1_3:skip handshake msg test with PSA_CRYPTO 
tls1_3 hasn't implemented PSA version get transcript

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:28 +08:00
Jerry Yu
de4fb2cc34 Apply check read ptr macro 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:28 +08:00
Jerry Yu
fd532e506b fix set key exchange mode issue 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:28 +08:00
Jerry Yu
4ae2d62cce Improve tls13 handshake test 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:28 +08:00
Jerry Yu
0b17784932 Add finalize function 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:28 +08:00
Jerry Yu
e1b9c297b9 Add read_server_hello 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:28 +08:00
Jerry Yu
1efa815db7 tls13: add ecdh_read_public 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:28 +08:00
Jerry Yu
a0650ebb9d tls13: add handshake key schedule 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:28 +08:00
Jerry Yu
61e35e0047 tls13: add generate handshake keys 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-25 10:41:28 +08:00
Gilles Peskine
f7946a6210 Merge pull request #5091 from gilles-peskine-arm/test_equal_verbose 
Show values when TEST_EQUAL fails
 2021-10-22 17:25:03 +02:00
Mateusz Starzyk
30bd7fa607 Change error code for MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-10-22 10:33:32 +02:00
Paul Elliott
e05e126933 Remove bash specific code 
Use case pattern matching instead of multiline split, given there is
only the well formatted PIDs to match on this should be safe.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-10-21 17:25:46 +01:00
Mateusz Starzyk
33d01ffe60 Remove redundant value assignemnt to olen. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-10-21 14:55:59 +02:00
Przemyslaw Stekiel
8132c2ff46 Address review comments 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2021-10-21 12:26:58 +02:00
Brett Warren
9e98573ca2 fix build fail with MBEDTLS_DEPRECATED 
When deprecated functions are allowed

Signed-off-by: Brett Warren <brett.warren@arm.com>
 2021-10-20 23:33:15 +01:00
Brett Warren
3a96d09898 export MBEDTLS_DEPRECATED from platform_util.h 
Since there are no longer any alternative
MBEDTLS_DEPRECATED definitions in the codebase,
MBEDTLS_DEPRECATED can now be exported without breaking
anything.

Signed-off-by: Brett Warren <brett.warren@arm.com>
 2021-10-20 23:33:15 +01:00
Gilles Peskine
788ad339b8 Move is-it-resend logic into a function 
Improve the code structure in case we want to add other similar conditions
later. Document better what we're doing, and document why we're doing it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-20 16:07:07 +02:00
Gilles Peskine
89615eefe7 Show values when TEST_EQUAL fails 
When TEST_EQUAL fails, show the two numerical values in the test log (only
with host_test). The values are printed in hexa and signed decimal.

The arguments of TEST_EQUAL must now be integers, not pointers or floats.
The current implementation requires them to fit in unsigned long long
Signed values no larger than long long will work too. The implementation
uses unsigned long long rather than uintmax_t to reduce portability
concerns. The snprintf function must support "%llx" and "%lld".

For this purpose, add room for two lines of text to the mbedtls_test_info
structure. This adds 154 bytes of global data.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-19 22:32:44 +02:00
Gilles Peskine
9202ba37b1 Merge pull request #4960 from mpg/cleanup-tls-cipher-psa-3.x 
Clean up some remnants of TLS pre-1.2 support
 2021-10-19 21:59:15 +02:00
Gilles Peskine
e7fc7ef38b Always set a build type for cmake when building for testing 
Set the build type to Release (-O2) when running CPU-intensive tests (ssl-opt,
or unit tests with debug features). A build type of Check (-Os) would be best
when the main objective of the build is to check for build errors or warnings
and there aren't many tests to run; in this commit there are no such test
cases to change. Only use cmake with no build type (which results in not
passing a -O option, and thus missing some GCC warnings) when exercising cmake
features.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-19 21:33:32 +02:00
Paul Elliott
58ed8a7594 Remove use of -p with lsof 
On machines with more modern kernels (>5.4 from testing so far) the
useage of -b seems to conflict with the usage of -p. Whilst the usage of
-b seems like a good idea to avoid blocks as we are tight looping on it,
the usage of -p seems to require the usage of stat() (specifically in
/proc) which -b forbids. All you get is a load of warnings
(suppressable by -w) but never a positive result, which means that all
servers are reported as "Failed to start". We are not keen on losing
-b, so instead parse the output of lsof (using -F to format it) to
check the if PIDs that it outputs match that we are looking for.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-10-19 18:23:47 +01:00
Gilles Peskine
f11d30ecda Retry if a test case fails because of an unexpected resend 
Palliative for https://github.com/ARMmbed/mbedtls/issues/3377. If a test
case fails due to an unexpected resend, allow retrying, like in the case of
a client timeout.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-19 18:00:10 +02:00
Gilles Peskine
0e3534c67b Move retry logic into check_test_failure 
This will allow having other retry conditions, in particular based on
run_test options.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-19 17:23:25 +02:00
Gilles Peskine
196d73bc1b Move the core loop of run_test into an auxiliary function 
No behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-19 16:45:29 +02:00
Gilles Peskine
236bf98cfd Move some code of run_test into auxiliary functions 
No behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-19 16:45:29 +02:00
Gilles Peskine
6210320215 Merge pull request #4989 from AndrzejKurek/remove-ssl-export-keys 
Remove MBEDTLS_SSL_EXPORT_KEYS, making it always on
 2021-10-18 17:53:56 +02:00
Gilles Peskine
e7997c494b Merge pull request #5085 from daverodgman/fix_naming 
Fix naming examples in TLS 1.3 style guide
 2021-10-18 17:52:07 +02:00
Gilles Peskine
bf21c07923 Merge pull request #5072 from mprse/issue_5065 
Use switch statement instead if-else in psa_aead_check_nonce_length() and psa_aead_set_lengths(). Fixes #5065
 2021-10-18 17:51:50 +02:00
Dave Rodgman
c8aaac89d0 Fix naming examples in TLS 1.3 style guide 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-10-18 13:00:51 +01:00
Gilles Peskine
7637ab0d8b Merge pull request #5037 from mprse/issue_4551 
Fix psa_generate_key(): return PSA_ERROR_INVALID_ARGUMENT for public key
 2021-10-18 10:39:21 +02:00
Gilles Peskine
0d4640ad90 Merge pull request #4984 from gilles-peskine-arm/check-names-files 
check_names.py: more robust handling of excluded files
 2021-10-15 13:33:50 +02:00
Przemyslaw Stekiel
316c4fa3ce Address review comments 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2021-10-15 08:04:53 +02:00
Gilles Peskine
2bb5e9c973 Merge pull request #4760 from gilles-peskine-arm/ecb-alt-ret-3.0 
Catch failures of mbedtls_aes_crypt_ecb and its DES equivalents
 2021-10-14 12:11:20 +02:00
Przemyslaw Stekiel
ed61c5e8b0 Add change-log file (issue #5065) 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2021-10-14 09:14:09 +02:00
Gilles Peskine
1c66bf8061 Merge pull request #5070 from mpg/fix-resumption-openssl-client-tests 
Use newer OpenSSL for tests failing with the old
 2021-10-13 21:05:15 +02:00