1f10807837
Disable pk in the PSA service config build
...
It's not needed as a feature. It gets reenabled automatically in
build_info.h like pk_write and pk_parse, but that's an implementation
detail.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-25 21:02:56 +02:00
78bffd1ff5
Fix spelling of a disabled option
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-25 21:02:33 +02:00
93dcb1ba8d
Update TLS 1.3 support document
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-25 20:02:09 +02:00
eac00ad2a6
tls13: server: Note down client not being authenticated in SSL context
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-25 20:02:03 +02:00
744fd37d23
Merge pull request #6467 from davidhorstmann-arm/fix-unusual-macros-0
...
Fix unusual macros
2022-10-25 19:55:29 +02:00
a709a0f2c6
tls13: Declare PSK ephemeral key exchange mode first
...
In the PSK exchange modes extension declare first
PSK ephemeral if we support both PSK ephemeral
and PSK. This is aligned with our implementation
giving precedence to PSK ephemeral over pure PSK
and improves compatibility with GnuTLS.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-25 19:05:26 +02:00
93003d87a9
Split out testing of core_add and core_add_if per Janos' request
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-10-25 17:01:19 +01:00
37ca3a9acd
Moved tests from test_suite_bignum to test_suite_bignum_core
...
This patch moves the following tests to test_suite_bignum_core:
* `mbedtls_mpi_core_get_mont_r2_unsafe_neg()`
* `mbedtls_mpi_core_get_mont_r2_unsafe()`
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 16:56:08 +01:00
dd0c8f9c26
tls13-kex-modes.sh: Remove unnecessary GnuTLS option
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-25 17:35:50 +02:00
6469fdfb0a
Fix whitespace issue spotted in review
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-10-25 16:29:58 +01:00
82f131063a
Update documentation following review comment
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-10-25 16:29:58 +01:00
eee0d6ce6b
Extend the unit tests for mbedtls_mpi_core_add_if() to also test mbedtls_mpi_core_add()
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-10-25 16:29:58 +01:00
af7d44b4d2
Tidy up, remove MPI_CORE(), apply the naming convention, and use the new mbedtls_mpi_core_add()
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-10-25 16:29:58 +01:00
c98871339d
Extract MPI_CORE(add) from the prototype
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-10-25 16:29:58 +01:00
a081c51cd3
Renamed mpi_core_get_mont_R2_unsafe_neg -> mpi_core_get_mont_r2_unsafe_neg
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 15:12:38 +01:00
51d638baf6
bignum_core: Style update
...
'mbedtls_mpi_core_get_mont_R2_unsafe' aligns const
keyword to match the style of the rest of the module.
Documentation is also updated to remove
`MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED`.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 15:12:38 +01:00
ae4fb671b4
mbedtls_mpi_core_get_mont_R2_unsafe: Removed NULL input checking
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 15:12:38 +01:00
e1913a8da8
test_suite_bignum: Updated test cases for mbedtls_mpi_core_get_mont_R2_unsafe
...
This patch adds tests for 192- and 2048-bit inputs.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 15:12:31 +01:00
b9243ef231
test_suite_bignum: Fixed whitespace issues
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 15:12:23 +01:00
b85506e250
bignum_core.h: Comment update for mbedtls_mpi_core_get_mont_R2_unsafe
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 15:12:23 +01:00
4f43f61c6a
Renamed mbedtls_mpi_get_montgomery_constant_unsafe to mpi_core_get_mont_R2_unsafe
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 15:12:23 +01:00
1a1b175554
test_suite_bignum: Added tests for mpi_get_montgomery_constant_unsafe()
...
This patch adds the test for the method calculating the RR. The input/expected
data are generated manually using the following Python3 snippet:
~~~~~
import math

title = "mpi_get_montgomery_constant_unsafe"
tt = title + " #{}"

in_data = [ "0f", ... ]

def limb_no(number, bil=64):
    # Number of limbs of `bil` bits needed to hold `number`
    return int(math.ceil(int.bit_length(number)/(bil * 1.0)))

def calc_rr(number, bil=64 ):
    # RR = (2^(limbs * bil))^2 mod number, formatted as hex
    return '{:x}'.format(pow(pow(2, limb_no(number, bil) * bil), 2, number))

def calc_rr_str(number, prefix=""):
    # One test-data line: input, then expected RR for 32-bit and 64-bit limbs
    rr64 = calc_rr(number)
    rr32 = calc_rr(number, bil=32)
    return '{}:"{:x}":"{}":"{}"'.format(prefix,number, rr32, rr64)

print("\n\n".join(["{}\n{}".format(tt.format(in_data.index(v)+1), calc_rr_str(int(v,base=16), title)) for v in in_data]))
~~~~~
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 15:12:01 +01:00
ec440f2397
bignum_mod_raw: Ported mbedtls_mpi_get_montgomery_constant_unsafe from prototype
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 15:08:08 +01:00
383b0bbea0
Merge pull request #6461 from tom-cosgrove-arm/fix-mbedtls_mpi_mod_modulus_init-calls-in-tests
...
mbedtls_mpi_mod_modulus_init() must be called before any 'goto exit' in tests
2022-10-25 13:40:17 +02:00
3a334c2edc
Minor improvements to ssl_tls12_server.c
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-25 10:53:44 +01:00
7aee0ec0ba
Minor improvements in ssl_client.c
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-25 10:38:25 +01:00
6e11687ba5
Minor improvements to ecp.c changes
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-25 10:32:08 +01:00
9b0eb90131
Rename ARIA_SELF_TEST_IF_FAIL
...
Change to ARIA_SELF_TEST_ASSERT
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-25 10:23:34 +01:00
059848ff23
Minor changes to asn1write.c
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-25 10:16:45 +01:00
65fc0de894
Improve the prerequisites for early data
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-10-25 09:08:57 +00:00
e5a715e8c0
Merge pull request #6449 from gilles-peskine-arm/bignum-core-shift_r
...
Bignum core: shift_r
2022-10-25 10:40:39 +02:00
af8ea3f738
Merge pull request #6468 from gilles-peskine-arm/bignum-test-suite-names
...
Rename test_suite_bignum for consistency
2022-10-25 10:40:29 +02:00
d69d06fffa
Improve format issue
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-10-25 06:51:25 +00:00
95a0730f17
Change prerequisites of MBEDTLS_SSL_EARLY_DATA and add related check
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-10-25 05:34:48 +00:00
72de95dcf5
Move function mbedtls_ssl_tls13_conf_early_data to ssl_tls.c
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-10-25 05:34:25 +00:00
600804b0e7
Remove useless early data related macros for the time being
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-10-25 03:00:18 +00:00
54413b10c2
Add early data support preparatory work
...
Add MBEDTLS_SSL_EARLY_DATA configuration option
Define early_data_enabled field in mbedtls_ssl_config
Add function mbedtls_ssl_conf_early_data
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-10-25 03:00:18 +00:00
2c7993c456
depends.py: add a config option to unset MBEDTLS_USE_PSA
...
This lets us perform any test without MBEDTLS_USE_PSA
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-24 15:56:10 -04:00
409248a73a
mbedtls_ssl_get_handshake_transcript is unusable without hashes
...
Mark unused variables when compiling without
SHA256 and SHA384. In future a proper dependency
will be added to TLS 1.2 to enforce either of these hashes
to be on.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-24 15:56:10 -04:00
57d1063db9
Fix tls_prf generic dependencies
...
One version was already surrounded by the USE_PSA define,
so the VIA_XX_OR_XX macros were removed;
Second version is when USE_PSA is undefined, so MBEDTLS_
macros can be used.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-24 15:56:10 -04:00
468c50656e
Fix key exchange dependencies for ssl_parse_server_ecdh_params
...
Resulting from particular configs in which this code is used.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-24 15:55:18 -04:00
2012361ae6
Merge pull request #6448 from ronald-cron-arm/tls13-kex-build-options
...
TLS 1.3 Introduce and use key exchange mode config options
2022-10-24 15:21:37 +02:00
3f44e5b11a
Refactor macro-spanning if in ssl_server2.c
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-24 13:12:19 +01:00
f160ef1dd1
Refactor macro-spanning if in ssl_client2.c
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-24 13:11:38 +01:00
ab0451bc2c
Fix build command in test_psa_crypto_config_reference_hash_use_psa
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-24 11:29:35 +02:00
72ef7c0390
Merge pull request #6463 from AndrzejKurek/fix-crypo-typo
...
Fix a typo and dependencies in test_suite_cipher.[aes|gcm|ccm]
2022-10-24 11:06:22 +02:00
4c89542086
Merge pull request #6465 from mpg/pr-template-changelog
...
Make ChangeLog more visible in PR template
2022-10-24 10:46:31 +02:00
c86dedfdc1
Fix code style
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-24 09:16:04 +02:00
58bbc23ca3
Use coverage analyze as default task
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-24 08:10:10 +02:00
7f9ddb584a
Merge branch 'Mbed-TLS:development' into ssl_client2-add-build-version
2022-10-24 12:19:39 +08:00