lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-28 00:21:48 +03:00
Code Activity
23,954 Commits 174 Branches 272 Tags
1ac7f6b09de944c6d005d7f5b8a3346163a5524c
Commit Graph

23954 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gilles Peskine
136d25c416 Explicitly disable all DTLS options in tls13-only.h 
This makes no difference when starting from the default configuration. It
allows tls13-only.h to be used with other base configurations such as `full`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-01 19:49:58 +01:00
Gilles Peskine
7d3186d18a Disable MBEDTLS_SSL_RENEGOTIATION in tls13-only configuration 
There's no renegotiation in TLS 1.3, so this option should have no effect.
Insist on having it disabled, to avoid the risk of accidentally having
different behavior in TLS 1.3 if the option is enabled (as happened in
https://github.com/Mbed-TLS/mbedtls/issues/6200).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-01 19:47:23 +01:00
Dave Rodgman
f4385faa6f Merge pull request #7188 from paul-elliott-arm/interruptible_sign_hash_complete_after_start_fail 
Interruptible {sign|verify} hash - Call complete() after start() failure.
 2023-03-01 17:18:08 +00:00
Gabor Mezei
aeadc2d731 Apply naming convention 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-03-01 16:53:03 +01:00
Gabor Mezei
931fd646ff Use lower case hex number 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-03-01 16:50:00 +01:00
Dave Rodgman
6d6a720603 Protect against possible macro redefinition warning 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-01 15:09:40 +00:00
Paul Elliott
42585f678b Merge pull request #7176 from paul-elliott-arm/interruptible_sign_hash_verify_test_improvements 
Interruptible {sign|verify} hash verification test improvements
 2023-03-01 15:00:45 +00:00
Paul Elliott
ebf2e38662 Merge pull request #7177 from paul-elliott-arm/interruptible_sign_hash_improve_num_ops_testing 
Interruptible sign hash improve num ops testing
 2023-03-01 14:59:44 +00:00
Paul Elliott
de7c31e082 Improve comment wording 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-03-01 14:43:52 +00:00
Paul Elliott
d1cddff71a Merge pull request #7189 from daverodgman/armcc-fix 
Fix macro redefinition warning from armclang
 2023-03-01 11:59:26 +00:00
Przemek Stekiel
f5dcb8886a Rework pake input getters tests 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-01 12:28:21 +01:00
Gilles Peskine
1eae11565d Merge pull request #6949 from bensze01/replace_pkcs7_fuzzer_tests 
Replace fuzzer-generated PKCS #7 memory management tests
 2023-03-01 10:46:22 +01:00
Gilles Peskine
802ff1b116 Merge pull request #7147 from paul-elliott-arm/interruptible_sign_hash_codestyle_drivers 
Remove driver entry points for psa_{get|set}_max_ops()
 2023-03-01 10:46:09 +01:00
Dave Rodgman
914c632646 Whitespace 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-01 09:30:14 +00:00
Pengyu Lv
c6298ad46a Use parentheses to avoid executing the output 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-03-01 10:31:29 +08:00
Pengyu Lv
c2b1864ceb Revert "Check if the license server is available for armcc" 
This reverts commit 55c4fa4f41.

After discussion, We decided not to check the availability
of the license server for the impacts on CI and user usages.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-03-01 10:25:08 +08:00
Gabor Mezei
620f0dc850 Fix for 32-bit 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-28 18:42:33 +01:00
Gabor Mezei
08a94953e1 Apply naming convention for p224 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-28 18:40:57 +01:00
Dave Rodgman
e47899df20 Fix macro redefinition warning from armcc 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-28 17:39:03 +00:00
Paul Elliott
7c17308253 Add num_ops tests to sign and verify interruptible hash 
This is the only test usable for non-deterministic ECDSA, thus needs this
code path testing as well.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-28 17:23:29 +00:00
Paul Elliott
8359c14c14 Add hash corruption test to interruptible verify test 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-28 17:23:29 +00:00
Paul Elliott
c1e0400bac Add test to check not calling get_num_ops() 
Make sure that not calling get_num_ops() inbetweeen calls to complete() does
not mean that ops get lost (Regression test for previous fix).

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-28 17:20:14 +00:00
Paul Elliott
9e8819f356 Move 'change max_ops' test into ops tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-28 17:20:14 +00:00
Paul Elliott
5770224ef3 Rename max ops tests to ops tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-28 17:20:14 +00:00
Gilles Peskine
7e677fa2c5 Merge pull request #6389 from gilles-peskine-arm/ecdsa-use-psa-without-pkwrite 
Remove pkwrite dependency in pk using PSA for ECDSA
 2023-02-28 18:17:16 +01:00
Gilles Peskine
b52b788e55 Merge pull request #6895 from yuhaoth/pr/add-aes-with-armv8-crypto-extension 
Add AES with armv8 crypto extension
 2023-02-28 18:16:37 +01:00
Paul Elliott
587e780812 Test calling complete() after {sign|verify}_hash_start fails 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-28 17:13:39 +00:00
Gilles Peskine
e4616830b3 Merge pull request #7137 from lpy4105/issue/1785/ssl-test-script-fail 
compat.sh: Skip static ECDH cases if unsupported in openssl
 2023-02-28 18:11:39 +01:00
Dave Rodgman
17152df58d Merge pull request #7175 from paul-elliott-arm/interruptible_sign_hash_test_comments 
Interruptible sign hash test comments
 2023-02-28 17:09:43 +00:00
Gilles Peskine
ebb63420cc Merge pull request #7124 from oberon-microsystems/fix-test-output-length-on-success-only 
Fix test to check output length on PSA_SUCCESS only
 2023-02-28 18:09:33 +01:00
Bence Szépkúti
35d674a6ee Replace usage of echo -e in pkcs7 data Makefile 
This use of the shell builtin is not portable.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-02-28 17:01:21 +01:00
Dave Rodgman
ffb4dc38c8 Merge pull request #7183 from paul-elliott-arm/interruptible_sign_hash_test_max_ops_0 
Interruptible {sign|verify} hash : Change max_ops=min tests to use a value of zero.
 2023-02-28 15:56:01 +00:00
Bence Szépkúti
4a2fff6369 Fix expected error code 
This was overlooked during the rebase.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-02-28 16:40:27 +01:00
Paul Elliott
6a459f5de5 Merge pull request #7143 from paul-elliott-arm/interruptible_sign_hash_codestyle_wipeout 
Update psa_wipe_output_buffer() and change name to psa_wipe_tag_output_buffer()
 2023-02-28 15:34:06 +00:00
Paul Elliott
148903ca7d Merge pull request #7185 from paul-elliott-arm/interruptible_sign_hash_pacify_clang 
Interruptible {sign|verify} hash - Pacify Clang 15
 2023-02-28 15:31:15 +00:00
Jerry Yu
608e1093de Improve comment about conflicts between aesce and sha512-crypto 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-02-28 12:50:00 +08:00
Paul Elliott
15d7d43904 Pacify Clang 15 
Changes for interruptible {sign|verify} hash were not merged at the time of the
previous clang 15 /retval fixes, thus this fixes code added at that time.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-27 17:25:57 +00:00
Dave Rodgman
dd4427cc5b Merge pull request #7169 from AndrzejKurek/mpi-window-size 
Reduce the default MBEDTLS_ECP_WINDOW_SIZE value from 6 to 2
 2023-02-27 17:12:38 +00:00
Gabor Mezei
5afb80e00a Fix coding style issues 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-27 17:00:34 +01:00
Gabor Mezei
804cfd32ea Follow the naming convention 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-27 16:50:09 +01:00
Gabor Mezei
bf506361c4 Revert the illustration and remove unnecessary code 
This reverts commit 73e8553273.
Removes the second round of carry reduction from p224.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-27 16:37:32 +01:00
Gabor Mezei
73e8553273 Add comments to illustrate the second round of carry reduction is unnecessary 
The first round of carry reduction can not generate a carry thus the
secound round is not needed. The comments illustrating when the
carry is 1. The reduction is simmetric so the case when the carry is
-1 is similar.
The illustration is trying to calculate the input value starting with
setting the carry to 1 before the second round of the carry reduction.
It calculates backwords and tries to determine the value range of
each word. It ends up with a contradiction that A10 must have the
value of 0 and UINT32_MAX.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-27 16:32:42 +01:00
Gabor Mezei
98791e7781 Add more test cases for P224 testing 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-27 15:59:34 +01:00
Gabor Mezei
a835d20cde Add documentation 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-27 15:58:30 +01:00
Paul Elliott
ac2251dad1 Merge pull request #7076 from mprse/parse_RFC822_name 
Add parsing of x509 RFC822 name + test
 2023-02-27 14:16:13 +00:00
Paul Elliott
cd7e8bce03 Change max_ops=min tests to use zero 
Zero is the minimum value defined by the spec, just because the internal
implementation treats zero and one as the same thing does not mean that other
implementations will also do so.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-27 12:21:36 +00:00
Stephan Koch
5819d2c141 Feedback from Arm: guarantee that output_length <= output_size even on error, to reduce the risk that a missing error check 
escalates into a buffer overflow in the application code

Signed-off-by: Stephan Koch <koch@oberon.ch>
 2023-02-27 11:49:13 +01:00
oberon-sk
10c0f770ce asymmetric_encrypt: check output length only if return code is PSA_SUCCESS. 
Signed-off-by: Stephan Koch <koch@oberon.ch>
 2023-02-27 11:48:51 +01:00
Jerry Yu
fc2e128fc9 Fix grammar issues and remove useless code 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-02-27 11:16:56 +08:00
Paul Elliott
c2033502f5 Give edge case tests a better name 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-26 18:47:58 +00:00