de047b09fe
Add docstrings to pacify pylint
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-03-04 17:12:59 +01:00
8cbbc5f4e6
Tell ReadTheDocs to include framework submodule
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-03-04 17:12:59 +01:00
2aa63ea48c
Support Git submodules
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-03-04 17:12:59 +01:00
1c13aa78c2
Framework submodule: fix the libtestdriver1 build
...
`make -C tests libtestdriver1` copies `library/Makefile` to
`tests/libtestdriver1/library/Makefile`, where `../framework` does not point
to the framework submodule.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-03-04 17:12:59 +01:00
456a54da8e
Add framework submodule with makefiles
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-03-04 17:12:31 +01:00
40d4708f17
ssl: Added session getter for ciphersuite_id.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2024-03-04 15:57:41 +00:00
358b448d72
ssl_ciphersuite: Added getter methods for ciphersuite id.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2024-03-04 15:57:41 +00:00
716cf2d4e0
Merge branch 'development-restricted' into buffer_protection_for_cipher
...
Signed-off-by: Gábor Mezei <63054694+gabor-mezei-arm@users.noreply.github.com>
2024-03-04 15:38:05 +00:00
2c8c364ac2
ssl: Added getter methods for session id and len.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2024-03-04 15:20:28 +00:00
634f4d6d7d
Merge pull request #8846 from gilles-peskine-arm/ecp-write-ext-3.6
...
Introduce mbedtls_ecp_write_key_ext
2024-03-04 14:56:55 +00:00
2bb537ec61
Merge pull request #1172 from davidhorstmann-arm/generate-random-buffer-protection
...
Add secure buffer copying to `psa_generate_random()`
2024-03-04 13:23:46 +00:00
987cf898db
ssl_helpers: Restore rng_seed incrementation
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-04 10:24:27 +01:00
fad79fcdd9
Merge remote-tracking branch 'development' into ecp-write-ext-3.6
...
Conflicts:
* library/pk.c: mbedtls_pk_wrap_as_opaque() changed in the feature branch
and was removed in the target branch.
2024-03-04 08:52:08 +01:00
79ee110446
Added changelog
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2024-03-04 02:22:01 +00:00
a83ada4eba
tests: Added test for mbedtls_x509_crt_get_ca_istrue()
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2024-03-04 02:22:01 +00:00
2abbac74dc
x509: Added mbedtls_x509_crt_get_ca_istrue() API accessor.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2024-03-04 02:22:01 +00:00
3cfdd73dfa
Changelog: Added changelog for mbedtls_ecdh_get_grp_id.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2024-03-02 09:14:13 +00:00
e93cd1b580
tests: ssl: Free write/read test buffers
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 19:30:00 +01:00
7c07aab72e
tests: write early data: Improve tls13_cli_max_early_data_size
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 19:07:40 +01:00
ae6f9a58a9
tests: write early data: Allocate buffer to write/read
...
Allocate the buffer to write/read early data. That
way in ASan builds, buffer overwrite/overread can
be detected.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 19:07:34 +01:00
ada2ec3482
psa_crypto_stubs/changelog: fix typos
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-01 18:04:14 +01:00
aab4a546bf
tests: Set the default conf then customize
...
Set the default conf then customize, not the
other way around.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 17:09:22 +01:00
10b040fa6f
tests: ssl_helpers: Rename rng_get to mbedtls_test_random
...
mbedtls_test_ as the prefix for test APIs
_random like in mbedtls_ctr/hmac_drbg_random
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 17:00:38 +01:00
e33b349c90
Merge pull request #8864 from valeriosetti/issue8848
...
Deprecate or remove mbedtls_pk_wrap_as_opaque
2024-03-01 15:54:32 +00:00
8a4df2293a
Adjust default unroll settings
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-03-01 15:12:59 +00:00
5dbfcceb81
tls13: cli: Fix error code not checked
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 15:15:30 +01:00
de9b03dcba
tls13: Rename early_data_count to total_early_data_size
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 15:14:17 +01:00
aad8523764
tests: ssl: Test enforcement of maximum early data size
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 15:10:22 +01:00
62f971aa60
tls13: cli: Enforce maximum size of early data
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 15:10:22 +01:00
a4f0a71a01
ssl: Add early_data_count field
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 15:10:22 +01:00
5c4fc9156b
tests: ssl: Add max_early_data_size option
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 15:10:22 +01:00
71fa1a94e7
Fix code style
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-03-01 12:32:18 +00:00
76ba26a542
Fixup: add peer_cert_digest_type to comment
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-03-01 12:03:35 +00:00
7335082ef6
Add ChangeLog entry for ssl serialization bitflags
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-03-01 11:31:03 +00:00
f686f1dc17
Fix naming inconsistencies in config bits
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-03-01 11:20:32 +00:00
fcbf776d06
tests: ssl: Restore write_early_data test function
...
For negative testing of early data (tests
related to max_early_data_size in this PR), restore
the test function to write early data that was
first introduced to be able to test the reading
of early data with the writing part and was
removed (as not used anymore) by the PR 8760.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 10:00:47 +01:00
25ad10a920
tests: ssl: Improve tls13_srv_max_early_data_size()
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 09:29:16 +01:00
19bfe0a631
tls13: Rename early_data_count to total_early_data_size
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 09:29:16 +01:00
70eab45ba6
tls13: generic: Fix log
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 09:29:16 +01:00
dc81b7343f
tests: srv max early data size: Add reach_max test arg
...
Add the reach_max flag argument for the
test13_srv_max_early_data_size test
function. Non-zero value only valid in case
of TEST_EARLY_DATA_ACCEPTED scenario.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 09:29:16 +01:00
01d273d31f
Enforce maximum size of early data in case of HRR
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 09:29:16 +01:00
919e596c05
Enforce maximum size of early data when rejected
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 09:29:16 +01:00
2160bfe4e2
tests: ssl: Test enforcement of maximum early data size
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 09:29:16 +01:00
8571804382
tls13: srv: Enforce maximum size of early data
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 09:29:09 +01:00
c286519747
tls13: srv: Do not forget to include max_early_data_size in the ticket
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 09:03:51 +01:00
26a9811027
ssl: Add early_data_count field
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 09:03:51 +01:00
5d3036e6d5
tests: ssl: Add max_early_data_size option
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-01 09:03:51 +01:00
79aaaa46e9
Fix formatting
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-29 18:41:36 +00:00
531aca2810
Fix missing fields in ssl session struct comment
...
The endpoint and version were factorized out into the main session.
Update the session struct comment to reflect these new fields, as was
previously missed.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-02-29 18:14:28 +00:00
cb01b361e1
Move session descriptions into a single comment
...
Describe the TLS 1.2, TLS 1.3 and full session structs in the same
place for ease of reference.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-02-29 18:10:13 +00:00