b488ca3497
Remove ChangeLog entry, style is not yet official
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2022-12-08 15:05:53 +00:00
2cf779ceff
Use constant for supported Uncrustify version
...
Define and report the supported Uncrustify version (and remove extra
newlines from version output).
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2022-12-08 15:05:53 +00:00
9711f4eeb4
Fix typo in code style script
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2022-12-08 15:05:53 +00:00
ca13c4f59f
Use helper function for error printing
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2022-12-08 15:05:53 +00:00
b7dab41315
Miscellaneous improvements to code style script
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2022-12-08 15:05:53 +00:00
69591e9207
Assemble changelog
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2022-12-08 14:59:54 +00:00
48223bc19e
Bump version to 3.3.0. No changes to .so versions.
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2022-12-08 14:43:19 +00:00
a5b2c52885
Merge remote-tracking branch 'restricted/development-restricted' into mbedtls-3.3.0rc0-pr
2022-12-08 14:10:59 +00:00
a6ca882943
Merge pull request #6752 from daverodgman/arm-build-changelog
...
Add Changelog for Arm compile fix
2022-12-08 14:09:47 +00:00
b74aa5a224
Add Changelog for Arm compile fix
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2022-12-08 13:43:08 +00:00
73defe4da0
Fix typo in library/entropy.c
...
Signed-off-by: Zachary Fleckenstein <ZachFleck42@Gmail.com >
2022-12-08 07:28:29 -05:00
6129268fee
Bignum: Implement mbedtls_mpi_mod_raw_inv_prime() and tests
...
Fixes #6023 .
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com >
2022-12-08 09:44:10 +00:00
a7f0d7b029
mbedtls_mpi_core_exp_mod() ouuput may alias input A
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com >
2022-12-08 08:46:28 +00:00
3e5d56e7d4
Remove duplicated test cases
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-12-07 22:57:54 +01:00
ae7fe7ee53
tls: pake: avoid useless psa_pake_abort in setting opaque password
...
Signed-off-by: Valerio Setti <vsetti@baylibre.com >
2022-12-07 17:36:59 +01:00
70d1fa538a
tls: pake: fix missing return values check
...
Signed-off-by: Valerio Setti <vsetti@baylibre.com >
2022-12-07 16:20:27 +01:00
f11e05a413
test: psa: minor improvements to test
...
Signed-off-by: Valerio Setti <vsetti@baylibre.com >
2022-12-07 16:02:45 +01:00
d5fa0bfb85
test: pake: check psa key validity before destroying it
...
Signed-off-by: Valerio Setti <vsetti@baylibre.com >
2022-12-07 16:02:42 +01:00
c689ed8633
tls: pake: minor adjustments
...
Signed-off-by: Valerio Setti <vsetti@baylibre.com >
2022-12-07 14:40:38 +01:00
90af1a10ab
Merge pull request #6734 from daverodgman/fix_test_dep_spelling
...
Fix spelling of test dependency
2022-12-07 09:06:29 +00:00
fbba0e9d75
Merge pull request #6537 from yuhaoth/pr/tls13-refactor-early-data-configuration-interface
...
TLS 1.3: Refactor early data configuration interface.
2022-12-07 09:42:12 +01:00
d45924d862
Merge pull request #6733 from tom-cosgrove-arm/issue-6293-mod_exp-memory
...
Have mbedtls_mpi_core_exp_mod() take a temporary instead of allocating memory
2022-12-07 08:32:31 +00:00
1d26d976e8
Merge pull request #6731 from tom-cosgrove-arm/issue-6293-mod_exp
...
Require input to mbedtls_mpi_core_exp_mod() to already be in Montgomery form
2022-12-07 08:31:49 +00:00
8781dd0e61
Fix overly large allocations of MPIs
...
The second argument of ASSERT_ALLOC is a number of array elements, not a
number of bytes.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-12-06 23:05:06 +01:00
de09ddd64e
Move tests of random-in-range functions to their own suite
...
The random-in-nrange test code has auxiliary functions that are common to all
the interfaces (core, mod_raw (upcoming), mod (upcoming), legacy), and does
some differential testing to check that all the layers consume the RNG in
the saame way. Test them all in the same test suite.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-12-06 22:50:11 +01:00
1fe45295d7
Merge pull request #6685 from gilles-peskine-arm/valgrind-cf-skip-tests
...
Rationalize Valgrind tests
2022-12-06 18:39:32 +00:00
92b5ac1a47
Add all.sh component to test with code style
...
Run the main test suites after running code style correction to check
that code style correction does not break these tests.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2022-12-06 17:44:30 +00:00
556e8a3219
Fix additional mis-spelling
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2022-12-06 16:31:25 +00:00
6e5bc03311
Add ChangeLog entry for code style script
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2022-12-06 16:09:17 +00:00
1b84781184
Disable code style correction in check_config.h
...
Code style correction currently messes up check_names.py
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2022-12-06 16:09:17 +00:00
fa928f1c44
Add script to run Uncrustify
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2022-12-06 15:04:37 +00:00
92011eef34
Merge pull request #6717 from tom-cosgrove-arm/fix-typos-2212
...
Fix typos prior to release
2022-12-06 15:00:34 +00:00
e6cb118d56
Add configuration file for Uncrustify
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2022-12-06 14:46:29 +00:00
614688711d
Fix spelling of test dependency
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2022-12-06 14:44:08 +00:00
0a0ddedfb7
Have mbedtls_mpi_core_exp_mod() take a temporary instead of allocating memory
...
Last PR needed for #6293
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com >
2022-12-06 14:37:18 +00:00
98be95563d
Merge pull request #6689 from gilles-peskine-arm/changelog-20221129-pre-3.3
...
Changelog improvements for 3.3
2022-12-06 13:37:24 +00:00
21d459d26a
Add type annotations
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com >
2022-12-06 12:36:00 +00:00
c240600f24
Separate out to_montgomery and from_montgomery for bignum tests
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com >
2022-12-06 12:20:43 +00:00
3f2999ad25
Rename test_suite_bignum_mod.data for consistency
...
Use the same naming convention as bignum and bignum_core now that test
data is generated.
Signed-off-by: Werner Lewis <werner.lewis@arm.com >
2022-12-06 11:55:32 +00:00
93a31c9efd
Re-enable pylint unused warnings
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com >
2022-12-06 11:55:32 +00:00
e1b6b7c0ac
Implement mbedtls_mpi_mod_add()
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com >
2022-12-06 11:55:32 +00:00
977c53f00a
Merge pull request #6704 from tom-cosgrove-arm/issue-6020-mod_sub
...
Implement mbedtls_mpi_mod_sub()
2022-12-06 11:53:41 +00:00
ecda186893
Require input to mbedtls_mpi_core_exp_mod() to already be in Montgomery form
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com >
2022-12-06 10:46:30 +00:00
ba22c9c1ff
test: pake: remove useless check in ssl_ecjpake_set_password()
...
Signed-off-by: Valerio Setti <vsetti@baylibre.com >
2022-12-06 11:42:33 +01:00
2e1e43fb82
test: pake: fix error in ssl_ecjpake_set_password()
...
Signed-off-by: Valerio Setti <vsetti@baylibre.com >
2022-12-06 11:41:57 +01:00
77d3057c6d
More grammar fixes
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-12-06 11:25:09 +01:00
ad27b8074f
Declare ECP_RESTARTABLE and USE_PSA compatible
...
This is only the beginning:
- some test failures in test_suite_pk, test_suite_x509 and ssl-opt.sh
will be fixed in the next few commits;
- then the interactions between those options will be documented and
tested.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2022-12-06 11:05:28 +01:00
6ee56aa18f
Add default values for conf->*early_data*
...
- early_data default to disable
- max_early_data_size default to built-in value
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-12-06 18:00:47 +08:00
2b7ad6472b
Document all effects of MBEDTLS_ECP_RESTARTABLE
...
It might not be obvious that this option goes beyond adding new
functions, but also automagically modifies the behaviour of TLS
in some circumstances. Moreover, the exact modifications and
circumstances were not documented anywhere outside the ChangeLog.
Fix that.
While at it, adjust the test that checks no restartable behaviour with
other key exchanges, to use a key exchange that allows cert-based client
authentication so that we can check that this is not restartable either.
We don't have any automated test checking that the server is never
affected. That would require adding an ec_max_ops command-line option to
ssl_server2 that never has any effect, just to check that it indeed
doesn't. I'm not sure that's worth it. I tested manually and could
confirm that the server never has restartable behaviour, even for the
parts that are shared between client and server such as cert chain
verification.
Note (from re-reading the code): all restartable behaviour is controlled
by the flag ssl->handshake->ecrs_enabled which is only client-side with
the ECDHE-ECDSA key exchange (TLS 1.2).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2022-12-06 10:54:35 +01:00
39da9857df
remove limitation of max_early_data_size
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-12-06 16:58:36 +08:00
