0fe6631486
Merge pull request #6291 from gilles-peskine-arm/platform.h-unconditional-3.2
...
Include platform.h unconditionally
2022-10-13 10:19:22 +02:00
28af501cae
Fix the ticket_lifetime equal to 0 issue
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-13 08:18:19 +00:00
072fad12d9
Disable MBEDTLS_SSL_TICKET_C in aead driver test.
...
MBEDTLS_SSL_TICKET_C depends now on: MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C.
All features are disabled in this config.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-10-13 09:59:52 +02:00
2aa5af9bec
Merge pull request #6403 from mpg/print-failed-suites
...
Print the list of failed suites in verbose mode
2022-10-13 09:59:45 +02:00
126bf8e4d7
Address some comments
...
Delete reference immediately after shallow copy
Fix format issues
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-13 02:57:15 +00:00
7dbfed3b44
Improve wording re: PSA Crypto
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2022-10-12 17:27:32 +01:00
b319684bca
Additional updates to docs links
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2022-10-12 16:47:08 +01:00
7c195160df
Update documentation links
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2022-10-12 16:27:14 +01:00
997669aeeb
Fix heap use-after-free corruption issue
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 14:30:27 +00:00
307a7303fd
Rebase and replace session_negotiate
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 11:14:32 +00:00
baa4764d77
Fix typo issues
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 11:06:51 +00:00
8730644da1
Move ticket and hostname set code just after shallow-copy
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 11:06:51 +00:00
ed3afcd6c3
Fix various typo and macro guards issues
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 11:06:51 +00:00
ed0620cb13
Refine code base on comments
...
Move code to proper macro guards protection
Fix typo issues
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 11:06:51 +00:00
03409290d2
Add MBEDTLS_SSL_SESSION_TICKETS guard to server name check
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 11:06:51 +00:00
d7adc374d3
Refine the server name compare logic
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 11:06:51 +00:00
a3b451f950
Adress kinds of comments base on review
...
Rename function name to mbedtls_ssl_session_set_hostname
Add two extra check cases for server name
Fix some coding styles
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 11:06:51 +00:00
2f9efd3038
Address comments base on review
...
Change function name to ssl_session_set_hostname()
Remove hostname_len
Change hostname to c_string
Update test cases to multi session tickets
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 11:06:49 +00:00
bc663a0461
Refine code based on commnets
...
Change code layout
Change hostname_len type to size_t
Fix various issues
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 11:06:01 +00:00
adf84a4a8c
Remove public api mbedtls_ssl_reset_hostname()
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 11:05:11 +00:00
fb8ac46add
Change the name of servername when re-connect
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 11:03:44 +00:00
be98f96de2
Remove useless hostname check in server side
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 11:03:44 +00:00
6af2a6da74
Fix session save-load overflow issue
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 11:03:44 +00:00
ecd7528c7f
Address some comments
...
Hostname_len has at least one byte
Change structure serialized_session_tls13
Fix various issues
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 11:03:44 +00:00
281fd1bdd8
Add server name check when proposeing pre-share key
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2022-10-12 11:03:41 +00:00
8fd3254cfc
Merge pull request #6374 from mprse/enc_types
...
Test TLS 1.2 builds with each encryption type
2022-10-12 12:45:50 +02:00
78317c832b
Merge pull request #6327 from yuhaoth/pr/tls13-psk-after-session-tickets
...
TLS 1.3: PSK and NewSessionTicket: Add support for sending PSK and Ticket together.
2022-10-12 12:39:51 +02:00
ea37bb2403
Add changelog entry
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-10-12 11:17:41 +02:00
ee1bb4145f
Make sure that disabled features are not included in image and fix test config
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-10-12 10:15:59 +02:00
fcee740b83
Automatically enable PK_PARSE for RSA in PSA
...
PSA crypto currently needs MBEDTLS_PK_PARSE_C to parse RSA keys to do almost
anything with them (import, get attributes, export public from private, any
cryptographic operations). Force it on, for symmetry with what we're doing
for MBEDTLS_PK_WRITE_C. Fixes #6409 .
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-10-11 21:15:24 +02:00
aef1ba679d
Add build with a typical configuration for a PSA crypto service
...
Disable non-crypto features that can't be called through the PSA API, as
well as algorithms that have no PSA interface.
This serves as a non-regression test for #6408 and #6409 .
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-10-11 21:09:21 +02:00
fd94304f9d
PSA RSA needs pk_write
...
The PSA crypto code needs mbedtls_pk_write_key_der() and
mbedtls_pk_write_pubkey() when using RSA without drivers. We were already
forcing MBEDTLS_PK_WRITE_C when MBEDTLS_USE_PSA_CRYPTO is enabled. Do so
also when MBEDTLS_PSA_CRYPTO_C is enabled as well as MBEDTLS_RSA_C, even
without MBEDTLS_USE_PSA_CRYPTO. Fixes #6408 .
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-10-11 21:09:12 +02:00
58e5d804ee
test_suite_pk: Add missing dependencies on MBEDTLS_PEM_PARSE_C
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-10-11 20:57:38 +02:00
d23d8dee24
test_suite_dhm: Add missing dependencies on MBEDTLS_PEM_PARSE_C
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-10-11 20:57:21 +02:00
9624a5932e
Add mbedtls_dhm_parse_dhmfile test case with DER input
...
dh.optlen.der is the result of converting dh.optlen.pem from PEM to DER.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-10-11 20:52:34 +02:00
301e866f55
Merge pull request #6398 from gilles-peskine-arm/bignum-mbedtls_test_read_mpi_core-char
...
mbedtls_test_read_mpi_core: support an odd number of hex digits
2022-10-11 15:08:06 +01:00
c79742303d
Remove unnecessary empty line and fix format issue
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-10-11 21:22:33 +08:00
74b748dafe
Merge pull request #6401 from gilles-peskine-arm/config.py-python-version-development
...
Add a note that config.py must remain compatible with Python 3.4
2022-10-11 12:57:19 +02:00
22c18c1432
Add NULL check in prepare hello
...
`session_negotiate` is used directly in `ssl_prepare_client_hello`
without NULL check. Add the check in the beggining to avoid segment
fault.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-10-11 18:07:19 +08:00
c2bfaf00d9
fix wrong typo
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-10-11 18:07:19 +08:00
ac6c67053d
Print the list of failed suites in verbose mode
...
In verbose mode, the full output of each failing suite is printed out,
which for some suites runs in the 1000s of lines. If you didn't redirect
output to a file, this is a lot to scroll and can make it hard to
quickly identify which test suites failed.
So, let's print out that information at the end. This is useful
information for starting to figure out what went wrong.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2022-10-11 10:48:32 +02:00
d61a4d3d1a
Fix missing guard and double-space
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-10-11 09:40:40 +02:00
b50e433b66
Test mbedtls_mpi_core_bitlen
...
Copy the test data for mbedtls_mpi_bitlen except for 0-length and negative cases.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-10-10 23:03:47 +02:00
e943283f2f
More mbedtls_mpi_bitlen test cases
...
* with leading zero limb
* with trailing zero limb
* negative
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-10-10 23:03:47 +02:00
24baa81043
Improve mbedtls_mpi_bitlen test descriptions
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-10-10 23:03:47 +02:00
c5772a194e
mbedtls_test_read_mpi_core: allow odd number of hex digits
...
Test functions must now take a char* argument rather than data_t*. This does
not affect existing test data.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-10-10 23:03:47 +02:00
cf42536d4e
Add a note that config.py must remain compatible with Python 3.4
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-10-10 22:52:30 +02:00
6eaa75a79d
fixed docstring sentence
...
Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com >
2022-10-10 19:55:40 +02:00
1b5c85c75b
Merge pull request #6386 from gilles-peskine-arm/bignum-mbedtls_test_read_mpi_core
...
Introduce mbedtls_test_read_mpi_core
2022-10-10 15:14:46 +01:00
4f77ecf409
disable session resumption when ticket expired
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-10-10 22:10:08 +08:00
