1
0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-14 20:01:00 +03:00
Commit Graph

28106 Commits

Author SHA1 Message Date
a765eaa33e test_driver_extension: fix acceleration support for CCM and CCM*
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:18:14 +01:00
51d5b196a1 all.sh: accelerate also CCM* in test_psa_crypto_config_accel_cipher_aead
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:16:46 +01:00
bdfecb6a83 all.sh: add test components for no-CCM and no-CCM*
The idea is to show that there is no more any dependency between
the two symbols:

- component_test_full_no_ccm() keeps ALG_CCM_STAR_NO_TAG enabled,
  disables ALG_CCM and ensures that the latter does not get
  re-enabled accidentally

- test_full_no_ccm_star_no_tag() keeps ALG_CCM enabled and disables
  ALG_CCM_STAR_NO_TAG and ensures that the latter does not get
  re-enabled accidentally

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:16:37 +01:00
c2d68f5611 adjust_legacy_from_psa: treat CCM and CCM* separately
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:16:37 +01:00
cab5eff98c adjust_config_synonyms: make CCM and CCM* indipendent
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:16:37 +01:00
bce640b7e3 Merge pull request #8499 from valeriosetti/issue8488
Clean up libtestdriver1 config: unconditonal removals
2023-11-15 04:25:14 +00:00
cba4091581 Merge pull request #8516 from mschulz-at-hilscher/fixes/divided-assembler-syntax-error-gcc493
Fixes invalid default choice of thumb assembler syntax.
2023-11-14 17:57:37 +00:00
752dd39a69 Merge pull request #8508 from valeriosetti/issue6323
[G3] Driver-only cipher+aead: TLS: ssl-opt.sh
2023-11-14 11:39:06 +00:00
e94525bd17 Updated comments.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-13 14:01:02 +01:00
35842f52f2 Simplified check.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-13 13:57:05 +01:00
04c85e146c ssl-opt: fix wrong CCM dependencies with GCM
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-13 10:54:05 +01:00
c747306848 all.sh: remove redundant make in test_psa_crypto_config_accel_cipher_aead()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-13 10:51:52 +01:00
ca8981c1ee Added proposed fixes
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-13 10:04:19 +01:00
cf582df426 Merge pull request #8498 from mpg/legacy-deps-psa-tests
Remove legacy dependencies from PSA tests
2023-11-13 08:16:30 +00:00
08ea9bfa1f Merge pull request #8487 from yanrayw/issue/6909/rename_tls13_conf_early_data
TLS 1.3: Rename early_data and max_early_data_size configuration function
2023-11-10 19:35:46 +00:00
b827eb25f1 Merge pull request #8502 from valeriosetti/issue8417
[G3] Disable cipher.c in the accel component
2023-11-10 09:58:36 +00:00
9f164f0103 all.sh: more comments in check_test_cases()
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 10:16:06 +01:00
5c6f787caa all.sh: robustness improvement
The original pattern would catch any extension, which could include
things like editor backup files etc, that we'd rather ignore.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 10:04:22 +01:00
a742337ef6 all.sh: add diff to can_keep_going_after_failure
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 09:58:31 +01:00
73d053123f ssl-opt: set proper cipher dependencies in tests using ticket_aead parameters
Check either legacy or PSA symbols based on USE_PSA_CRYPTO

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:27:45 +01:00
38e75fb1a7 ssl_server2: remove usage of mbedtls_cipher_info_from_string()
This removes the dependency from cipher module and legacy key/modes
symbols which are used in cipher_wrap.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:27:39 +01:00
01c4fa3e88 ssl: move MBEDTLS_SSL_HAVE internal symbols to ssl.h
This is useful to properly define MBEDTLS_PSK_MAX_LEN when
it is not defined explicitly in mbedtls_config.h

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:12:07 +01:00
dd43d7b3a4 ssl-opt: set proper dependencies on tests with encrypted server5 key
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:12:07 +01:00
f941455e3b all.sh: enable ssl-opt testing in psa_crypto_config_[accel/reference]_cipher_aead
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:12:07 +01:00
ec9b25877f all.sh: disable CIPHER_C in test_psa_crypto_config_accel_cipher_aead
Extra features that depend on CIPHER_C are disabled also in the
reference component in order to get test parity.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:08:43 +01:00
2e068cef09 fixes invalid default choice of thumb assembler syntax.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-09 15:25:52 +01:00
7d7ce0e66a Merge pull request #8495 from lpy4105/issue/6322/driver-only-cipher_aead-tls
[G3] Driver-only cipher+aead: TLS: main test suite
2023-11-09 11:10:34 +00:00
6cdfe9d51f tls1.3: early data: rephrase ChangeLog
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-09 16:00:39 +08:00
4dec9ebdc2 Merge pull request #8378 from mschulz-at-hilscher/fixes/issue-8377
Fixes "CSR parsing with critical fields fails"
2023-11-08 18:07:04 +00:00
c75ee77dbb Merge pull request #8439 from yuhaoth/pr/add-test-suite-parameter-to-ssl-opt
Add test-suite parameter to filter tests
2023-11-08 18:05:44 +00:00
b97058e2d5 Merge pull request #8496 from ronald-cron-arm/remove-cocci-files
Remove unused *.cocci files
2023-11-08 18:05:13 +00:00
0d22539de0 Merge pull request #8468 from daverodgman/mbedtls-3.5.1-pr
Mbed TLS 3.5.1
2023-11-08 18:01:32 +00:00
b9015385fd test_driver_extension: use same def/undef pattern for all accelerated symbols
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-08 13:11:10 +01:00
3e1d39b332 Add check about legacy dependencies in PSA tests
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:54:02 +01:00
9eb2abd1e0 Add docs re Everest license
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:40:17 +00:00
9f747537cf Update BRANCHES
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:40:11 +00:00
28d40930ae Restore bump version
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:40:08 +00:00
39b2a38076 Restore 3.5.1 ChangeLog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:40:04 +00:00
a2d14ef764 Merge remote-tracking branch 'origin/development' into mbedtls-3.5.1-pr
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:39:53 +00:00
47854e638b Revert back to v3.5.0
git revert v3.5.0..v3.5.1
git rebase to combine the resulting revert commits

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:38:57 +00:00
edb8fec988 Add docs re Everest license
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
v3.5.1 mbedtls-3.5.1
2023-11-08 11:36:00 +00:00
1d6de4ceb7 No more limitations accelerated algorithms using a built-in hash
It used to be the case that when an algorithm that uses a hash inside was
accelerated through a PSA driver, it might end up calling a hash algorithm
that is not available from the driver. Since we introduced MBEDTLS_MD_LIGHT,
this no longer happens: PSA accelerated hashes are available to callers of
the MD module, so the test driver can use all available hash algorithms.
Hence the workaround to skip testing certain accelerated cases is no longer
needed.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-08 12:30:52 +01:00
fcc5f31bb8 Rm unjustified MD_C dependencies in PSA test
RSA will auto-enable MD_LIGHT, we don't need to list MD_C as a
dependency here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:30:52 +01:00
af302b9e5d Rm unjustified PK_C dependencies in PSA tests
Some are about raw or AES keys where PK seems really unrelated.

The others are about RSA where PK may be relevant, but the necessary
bits of PK are auto-enabled when RSA key types are requested, so we
shouldn't need to list them as dependencies in tests.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:30:52 +01:00
433150e8f2 Rm redundant ECC dependencies in psa_crypto tests
Since _DERIVE can't be accelerated now, in
config_adjust_legacy_from_psa.h we will notice and auto-enable ECP_LIGHT
as well as the built-in version of each curve that's supported in this
build. So, we don't need to list those as dependencies here - and they
would cause issues when we add support for _DERIVE drivers.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:30:51 +01:00
59a8b41ca3 Fix incorrect RSA dependencies in psa_crypto tests
There's no reason the tests would depend specifically on our built-in
implementation and not work with drivers, so replace the RSA_C
dependency with the correct PSA_WANT dependencies.

Those 6 cases use two different test functions, but both of those
functions only do `psa_import()`, so all that's needed is PUBLIC_KEY or
KEYPAIR_IMPORT (which implies KEYPAIR_BASIC) depending on the kind of
key being tested.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:30:51 +01:00
0d9a3618bd Rm unneeded dep on PK_PARSE_C in psa crypto tests
Most of them were removed in 7162, not sure how these ones slipped in.

There's no reason deterministic ECDSA verification would need PK parse
more than the other tests. The following finds no match:

    grep -i pk_parse library/ecdsa.c library/psa_crypto_ecp.c

Even if PK parse was actually needed for this, the right way would be to
auto-enable it based on PSA_WANT symbols, and then only depend on
PSA_WANT symbols here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:30:51 +01:00
65f7653bdd tls1.3: early data: rephrase ChangeLog
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-08 18:48:33 +08:00
f95b678729 Remove unused *.cocci files
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-11-08 10:08:09 +01:00
c27a4ce3dd Merge pull request #8429 from gilles-peskine-arm/fix-test_suite_constant_time_hmac-not-executed
Fix test suite never executed due to an undefined symbol
2023-11-08 09:05:12 +00:00