Valerio Setti 
							
						 
					 
					
						
						
							
						
						d38480b0e0 
					 
					
						
						
							
							test_suite_pk: reshape pk_psa_sign()  
						
						... 
						
						
						
						The behavior of the functions is kept intact. Changes concern:
- generate the initial PK context using PSA parameters only; this
  allows to remove 1 input parameter for the test function.
- add/fix comments.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no > 
						
						
					 
					
						2024-03-19 15:55:32 +01:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						b2b9068264 
					 
					
						
						
							
							Merge pull request  #8942  from valeriosetti/fix-null-dereference  
						
						... 
						
						
						
						[Bugfix] Fix null dereference in `mbedtls_pk_verify_ext()` 
						
						
					 
					
						2024-03-19 10:47:29 +00:00 
						 
				 
			
				
					
						
							
							
								Valerio Setti 
							
						 
					 
					
						
						
							
						
						da47518554 
					 
					
						
						
							
							test_suite_pk: always test verify_ext with opaque keys in pk_psa_wrap_sign_ext()  
						
						... 
						
						
						
						Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no > 
						
						
					 
					
						2024-03-19 09:54:46 +01:00 
						 
				 
			
				
					
						
							
							
								Valerio Setti 
							
						 
					 
					
						
						
							
						
						d59caf4e51 
					 
					
						
						
							
							test_suite_pk: extend pk_psa_wrap_sign_ext()  
						
						... 
						
						
						
						Try to perform verify_ext() using the opaque context when the
key type is MBEDTLS_PK_RSASSA_PSS. This currently leads to a
crash while running the test suite and this will be fixed by
the next commit.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no > 
						
						
					 
					
						2024-03-18 16:20:14 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						d2cb7f4268 
					 
					
						
						
							
							all.sh: Add TLS 1.2 only component  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-18 13:07:00 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						46ac0658cf 
					 
					
						
						
							
							all.sh: Adapt/Fix some components  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-18 13:06:59 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						a3f385d1a8 
					 
					
						
						
							
							all.sh: Disable TLS 1.3 when pre-requisites are not meet  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-18 13:06:59 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						1053da8bf0 
					 
					
						
						
							
							Merge pull request  #8921  from gilles-peskine-arm/pk_import_into_psa-test-lifetime  
						
						... 
						
						
						
						pk_import_into_psa: test persistent keys 
						
						
					 
					
						2024-03-18 10:00:00 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Elliott 
							
						 
					 
					
						
						
							
						
						78064ac9e0 
					 
					
						
						
							
							Merge pull request  #8901  from paul-elliott-arm/make_psa_global_data_safe  
						
						... 
						
						
						
						Make PSA global_data thread safe 
						
						
					 
					
						2024-03-15 19:50:01 +00:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						a457633034 
					 
					
						
						
							
							Merge pull request  #8911  from waleed-elmelegy-arm/check-alpn-when-receiving-early-data  
						
						... 
						
						
						
						Check ALPN when receiving early data 
						
						
					 
					
						2024-03-15 15:29:28 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						62ac993d89 
					 
					
						
						
							
							Merge pull request  #8918  from ronald-cron-arm/improve-tls-srv-version-nego-testing  
						
						... 
						
						
						
						TLS: Improve server version negotiation testing 
						
						
					 
					
						2024-03-15 14:29:56 +00:00 
						 
				 
			
				
					
						
							
							
								Bence Szépkúti 
							
						 
					 
					
						
						
							
						
						567591eec7 
					 
					
						
						
							
							Merge pull request  #8923  from bensze01/drop-old-compilers  
						
						... 
						
						
						
						Drop Support for MSVC 2013, 2015 and Arm Compiler 5 
						
						
					 
					
						2024-03-15 12:56:21 +00:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						a69572b437 
					 
					
						
						
							
							pk_import_into_psa: test persistent keys  
						
						... 
						
						
						
						Test the behavior of mbedtls_pk_get_psa_attributes() and
mbedtls_pk_import_into_psa() with respect to lifetime. In particular, test
that they work with persistent keys as documented.
Test cases generated by the following script:
```
for old in [('transparent', '0:0:1'),
            ('opaque volatile [export]', '1:0:1'),
            ('opaque volatile [copy]', '1:0:0'),
            ('opaque persistent [export]', '1:1:1'),
            ('opaque persistent [copy]', '1:1:0')]:
    for to_public in [('pair', '0'),
                      ('public', '1')]:
        for to_persistent in [('volatile', '0'),
                              ('persistent', '1')]:
            depends = ('\ndepends_on:MBEDTLS_USE_PSA_CRYPTO'
                       if old[0].startswith('opaque')
                       else '')
            print(f"""\
PSA import into PSA: {old[0]} -> {to_persistent[0]} {to_public[0]}{depends}
pk_import_into_psa_lifetime:{old[1]}:{to_public[1]}:{to_persistent[1]}
""")
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-03-15 13:25:28 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						0edef1cf6d 
					 
					
						
						
							
							Merge pull request  #8914  from ronald-cron-arm/resumption-early-data-compat-tests  
						
						... 
						
						
						
						TLS 1.3: Resumption and early data compatibility tests 
						
						
					 
					
						2024-03-15 12:22:25 +00:00 
						 
				 
			
				
					
						
							
							
								Waleed Elmelegy 
							
						 
					 
					
						
						
							
						
						4dfb0e7c90 
					 
					
						
						
							
							Add ALPN checking when accepting early data  
						
						... 
						
						
						
						Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com > 
						
						
					 
					
						2024-03-15 12:12:15 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Elliott 
							
						 
					 
					
						
						
							
						
						44ccc8764b 
					 
					
						
						
							
							Merge pull request  #8924  from Ryan-Everett-arm/threading-same-key-tests  
						
						... 
						
						
						
						Add testing for concurrently loading/using/destroying the same key 
						
						
					 
					
						2024-03-15 10:24:44 +00:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						6bee910dbd 
					 
					
						
						
							
							Merge pull request  #8858  from waleed-elmelegy-arm/add_alpn_to_session  
						
						... 
						
						
						
						Add ALPN information in session tickets 
						
						
					 
					
						2024-03-15 09:50:24 +00:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						dd2dc1578a 
					 
					
						
						
							
							ssl-opt.sh: Add m->m resumption and early data tests  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-15 10:21:40 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						e739892cf8 
					 
					
						
						
							
							ssl-opt.sh: Rework m->m resumption tests  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-15 10:21:35 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						3cf41457ee 
					 
					
						
						
							
							ssl-opt.sh: Move m->m resumption tests  
						
						... 
						
						
						
						Move m->m resumption tests just
before resumption and early data tests
against GnuTLS and OpenSSL.
Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-15 09:41:03 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						820199a2ef 
					 
					
						
						
							
							ssl-opt.sh: Rework O->m placeholder test  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-14 20:04:07 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						1ccd7a72c8 
					 
					
						
						
							
							ssp-opt.sh: Expand G->m resumption and early data tests  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-14 20:04:07 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						854df135ab 
					 
					
						
						
							
							ssl-opt.sh: Group TLS 1.3 resumption and early data G->m tests  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-14 20:04:07 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						00fa13bf78 
					 
					
						
						
							
							ssl-opt.sh: Rework m->O resumption and early data tests  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-14 20:04:07 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						47d4a52483 
					 
					
						
						
							
							ssl-opt.sh: Remove m->O early data test based on external PSK  
						
						... 
						
						
						
						Eventually we do not support early data with
external PSK thus no point to do a positive
test on that basis.
Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-14 20:04:07 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						05210086c0 
					 
					
						
						
							
							ssl-opt.sh: Expand m->G resumption and early data tests  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-14 20:04:07 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						c893779bb5 
					 
					
						
						
							
							ssl-opt.sh: Remove redundant early data test  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-14 20:04:07 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						c8d604d0a1 
					 
					
						
						
							
							ssl-opt.sh: Group TLS 1.3 resumption and early data m->G tests  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-14 20:04:07 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						f1ad73f6ca 
					 
					
						
						
							
							ssl-opt.sh: Group TLS 1.3 resumption and early data compat tests  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-14 20:04:05 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						74191a56e8 
					 
					
						
						
							
							ssl_server2: Split early data enablement from max_early_data_size setting  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-14 20:00:42 +01:00 
						 
				 
			
				
					
						
							
							
								Ryan Everett 
							
						 
					 
					
						
						
							
						
						e1b50f38e4 
					 
					
						
						
							
							Document unsupported concurrency scenario in psa_exercise_key  
						
						... 
						
						
						
						Signed-off-by: Ryan Everett <ryan.everett@arm.com > 
						
						
					 
					
						2024-03-14 17:51:09 +00:00 
						 
				 
			
				
					
						
							
							
								Ryan Everett 
							
						 
					 
					
						
						
							
						
						6de38ac91c 
					 
					
						
						
							
							Add missing PSA_ASSERT in mbedtls_test_psa_raw_key_agreement_with_self  
						
						... 
						
						
						
						Signed-off-by: Ryan Everett <ryan.everett@arm.com > 
						
						
					 
					
						2024-03-14 17:50:39 +00:00 
						 
				 
			
				
					
						
							
							
								Ryan Everett 
							
						 
					 
					
						
						
							
						
						3de040f62d 
					 
					
						
						
							
							Use TEST_FAIL in threaded tests  
						
						... 
						
						
						
						Signed-off-by: Ryan Everett <ryan.everett@arm.com > 
						
						
					 
					
						2024-03-14 17:50:06 +00:00 
						 
				 
			
				
					
						
							
							
								Ryan Everett 
							
						 
					 
					
						
						
							
						
						6c488709d6 
					 
					
						
						
							
							Fix typo in thread_import_key  
						
						... 
						
						
						
						Signed-off-by: Ryan Everett <ryan.everett@arm.com > 
						
						
					 
					
						2024-03-14 17:49:44 +00:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						7b333f1e88 
					 
					
						
						
							
							Merge pull request  #8913  from ronald-cron-arm/tls13-ticket-lifetime  
						
						... 
						
						
						
						TLS 1.3: Enforce ticket maximum lifetime and discard tickets with 0 lifetime 
						
						
					 
					
						2024-03-14 15:59:25 +00:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						1c5ebf4352 
					 
					
						
						
							
							Merge pull request  #8697  from BensonLiou/random_bye_on_hrr  
						
						... 
						
						
						
						Do not generate new random number while receiving HRR 
						
						
					 
					
						2024-03-14 15:59:21 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						e7c08af465 
					 
					
						
						
							
							Merge pull request  #8575  from lpy4105/issue/wrong-suite-name-in-check_test_cases_py  
						
						... 
						
						
						
						Fix wrong suite name in check_test_cases.py 
						
						
					 
					
						2024-03-14 15:31:27 +00:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						0a8abdea8b 
					 
					
						
						
							
							Update wrapper generation script and regenerate  
						
						... 
						
						
						
						Update the guards generated by the wrapper generation script to use
!MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS and regenerate the PSA test
wrappers.
Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2024-03-14 14:47:48 +00:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						4a48becdba 
					 
					
						
						
							
							Invert and rename config option  
						
						... 
						
						
						
						Replace MBEDTLS_PSA_COPY_CALLER_BUFFERS with inverse:
!MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS. This ensures that buffer
protection is enabled by default without any change to the Mbed TLS
config file.
Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2024-03-14 14:47:48 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						93071cfeec 
					 
					
						
						
							
							Merge pull request  #8920  from valeriosetti/issue8919  
						
						... 
						
						
						
						Generalize some PK functions from MBEDTLS_PSA_CRYPTO_C to MBEDTLS_PSA_CRYPTO_CLIENT 
						
						
					 
					
						2024-03-14 11:32:23 +00:00 
						 
				 
			
				
					
						
							
							
								BensonLiou 
							
						 
					 
					
						
						
							
						
						719c2ed9cb 
					 
					
						
						
							
							Bugfix  
						
						... 
						
						
						
						* In TLS 1.3 clients, fix an interoperability problem due to the client
     generating a new random after a HelloRetryRequest. Fixes  #8669 .
Signed-off-by: BensonLiou <momo1208@gmail.com > 
						
						
					 
					
						2024-03-14 11:47:38 +08:00 
						 
				 
			
				
					
						
							
							
								BensonLiou 
							
						 
					 
					
						
						
							
						
						3720809d19 
					 
					
						
						
							
							Merge branch 'development' into random_bye_on_hrr  
						
						... 
						
						
						
						Signed-off-by: BensonLiou <momo1208@gmail.com > 
						
						
					 
					
						2024-03-14 11:44:21 +08:00 
						 
				 
			
				
					
						
							
							
								BensonLiou 
							
						 
					 
					
						
						
							
						
						368debd384 
					 
					
						
						
							
							Merge branch 'development' of  https://github.com/Mbed-TLS/mbedtls  into random_bye_on_hrr  
						
						
						
						
					 
					
						2024-03-14 11:42:25 +08:00 
						 
				 
			
				
					
						
							
							
								Waleed Elmelegy 
							
						 
					 
					
						
						
							
						
						5bc5263b2c 
					 
					
						
						
							
							Add code improvments and refactoring in dealing with ALPN  
						
						... 
						
						
						
						Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com > 
						
						
					 
					
						2024-03-13 16:50:01 +00:00 
						 
				 
			
				
					
						
							
							
								Waleed Elmelegy 
							
						 
					 
					
						
						
							
						
						883f77cb08 
					 
					
						
						
							
							Add mbedtls_ssl_session_set_alpn() function  
						
						... 
						
						
						
						Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com > 
						
						
					 
					
						2024-03-13 16:50:01 +00:00 
						 
				 
			
				
					
						
							
							
								Waleed Elmelegy 
							
						 
					 
					
						
						
							
						
						2824a209bc 
					 
					
						
						
							
							Add ALPN information in session tickets  
						
						... 
						
						
						
						Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com > 
						
						
					 
					
						2024-03-13 16:50:01 +00:00 
						 
				 
			
				
					
						
							
							
								Ryan Everett 
							
						 
					 
					
						
						
							
						
						f111f35478 
					 
					
						
						
							
							Add test cases for concurrently_use_same_persistent_key  
						
						... 
						
						
						
						There is a 1-1 correlation between these test cases and the test cases for import_and_exercise_key.
Signed-off-by: Ryan Everett <ryan.everett@arm.com > 
						
						
					 
					
						2024-03-13 14:31:11 +00:00 
						 
				 
			
				
					
						
							
							
								Ryan Everett 
							
						 
					 
					
						
						
							
						
						50619991c8 
					 
					
						
						
							
							Add test function for concurrently using the same persistent key  
						
						... 
						
						
						
						The thread functions can also be used in future tests for other key types
and other test scenarios
Signed-off-by: Ryan Everett <ryan.everett@arm.com > 
						
						
					 
					
						2024-03-13 14:31:11 +00:00 
						 
				 
			
				
					
						
							
							
								Ryan Everett 
							
						 
					 
					
						
						
							
						
						fbf815d9cb 
					 
					
						
						
							
							Add key_destroyable parameter to key export smoke tests  
						
						... 
						
						
						
						These are only called from mbedtls_test_psa_exercise_key
Signed-off-by: Ryan Everett <ryan.everett@arm.com > 
						
						
					 
					
						2024-03-13 14:31:11 +00:00 
						 
				 
			
				
					
						
							
							
								Ryan Everett 
							
						 
					 
					
						
						
							
						
						73e4ea37f4 
					 
					
						
						
							
							Add key_destroyable parameter to non-raw key agreement smoke tests  
						
						... 
						
						
						
						All current usages have this parameter set to 0 (this means the tests are unchanged).
Remove the GENERIC_ERROR return behaviour, in favour of returning the actual status.
Signed-off-by: Ryan Everett <ryan.everett@arm.com > 
						
						
					 
					
						2024-03-13 14:31:11 +00:00