lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-12-17 04:42:20 +03:00
Code Activity
32,997 Commits 176 Branches 276 Tags
aa5c159e36b74b4e037a494f96ea9ebda2682bc2
Commit Graph

12273 Commits

Author SHA1 Message Date
Minos Galanakis
135ebd3241 ssl-opt: Removed mock-tests from HS renegotiation. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-03-13 11:06:43 +00:00
Minos Galanakis
87be69a3fc sll-opt: Added refence fix for the Mock HS Defrag test using renegotitiation delay 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-03-13 11:06:43 +00:00
Minos Galanakis
05009c736c Added Mock Renegotiation negative test for testing. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-03-13 11:06:43 +00:00
Minos Galanakis
529188f30b ssl-opt: Added fragmented HS tests for server-initiated renegotiation. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-03-13 11:06:43 +00:00
Minos Galanakis
5aaa6e048b ssl-opt: Added fragmented HS tests for client-initiated renegotiation. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-03-13 11:06:43 +00:00
Minos Galanakis
daa14a4212 ssl-opt: Added fragmented HS tests for SSL_VARIABLE_BUFFER_LENGTH. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-03-13 11:06:43 +00:00
Bence Szépkúti
906d3cdff5 Merge pull request #10020 from bensze01/msvc-format-size-macros 
Fix preprocessor guards for C99 format size specifiers
 2025-03-13 10:09:06 +00:00
Bence Szépkúti
24f11a366d Use an array of strings instead of pointer smuggling 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-03-12 19:14:50 +01:00
Bence Szépkúti
46e0b1cac9 Use dummy typedef instead of macro 
Use a dummy definition of mbedtls_ms_time_t in builds without
MBEDTLS_HAVE_TIME.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-03-12 17:11:46 +01:00
Minos Galanakis
a2a0c2cbe7 Merge remote-tracking branch 'origin/features/tls-defragmentation/development' into feature_merge_defragmentation_dev 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-03-12 15:25:06 +00:00
Bence Szépkúti
58bb7ecd94 Disable fatal assertions in Windows printf tests 
The Windows CRT treats any invalid format specifiers passed to the CRT
as fatal assertion failures. Disable thie behaviour temporarily while
testing if the format specifiers we use are supported.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-03-12 16:16:20 +01:00
Bence Szépkúti
154066d118 Add testcase for MBEDTLS_PRINTF_MS_TIME 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-03-12 16:16:20 +01:00
Bence Szépkúti
c6a8bf0f8e Test handling of format macros defined in debug.h 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-03-12 16:16:20 +01:00
Bence Szépkúti
122105269a Run test_suite_debug without MBEDTLS_SSL_TLS_C 
Move the suite's global dependency on MBEDTLS_SSL_TLS_C to the
individual test cases.

Add an preprocesor guard around string_debug to prevent warning about unused
functions.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-03-12 16:16:20 +01:00
Valerio Setti
6408113fe2 tests: move component_test_tf_psa_crypto_cmake_as_package to tf-psa-crypto 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-03-10 12:44:49 +01:00
Ronald Cron
2d1f26037f Merge pull request #9954 from gabor-mezei-arm/9753_migrate_RSA_key_exchange_tests 
Migrate RSA-decryption test cases
 2025-03-07 14:46:27 +00:00
Gabor Mezei
8829aa336c Fix code style 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-07 13:21:37 +01:00
Gabor Mezei
149509362b TLS context serialization needs an AEAD ciphersuite 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-06 16:06:42 +01:00
Gilles Peskine
e85ece6584 Handshake defragmentation: reassemble incrementally 
Reassemble handshake fragments incrementally instead of all at the end. That
is, every time we receive a non-initial handshake fragment, append it to the
initial fragment. Since we only have to deal with at most two handshake
fragments at the same time, this simplifies the code (no re-parsing of a
record) and is a little more memory-efficient (no need to store one record
header per record).

This commit also fixes a bug. The previous code did not calculate offsets
correctly when records use an explicit IV, which is the case in TLS 1.2 with
CBC (encrypt-then-MAC or not), GCM and CCM encryption (i.e. all but null and
ChachaPoly). This led to the wrong data when an encrypted handshake message
was fragmented (Finished or renegotiation). The new code handles this
correctly.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-05 17:02:18 +01:00
Gabor Mezei
ea4df49272 Update test dependencies 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-05 12:18:47 +01:00
Gabor Mezei
dcbe4ce9db Update dependencies 
Pre-existing but not having TLS 1.3 in the build does not seem to be
necessary actually. These test functions set the dtls flag when
calling `test_resize_buffers` and then `test_resize_buffers` sets the
`options.dtls` flag which eventually forces the TLS 1.2 version of the
protocol (in `mbedtls_test_ssl_endpoint_init()` call of
`mbedtls_ssl_config_defaults()` with `MBEDTLS_SSL_TRANSPORT_DATAGRAM`
as the transport).

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-05 12:18:47 +01:00
Gabor Mezei
92e49e1bca Update comment 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-05 12:18:47 +01:00
Gabor Mezei
c27757b1eb Add new test component 
New test component added to run test cases with ECDHE_ECDSA ciphersuits and
without TLS 1.3.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-05 12:18:47 +01:00
Gabor Mezei
8adcfc8240 Add ECDSA ciphersuite support for resize_buffer tests 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-05 12:18:47 +01:00
Gabor Mezei
ab02cd5e7b Revert "Delete test cases" 
This reverts commit ecc5d31139dc6877f135e8090e805c250e32a31d.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-05 12:18:46 +01:00
Gabor Mezei
cdd34742cf Fix test case name 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-05 12:18:46 +01:00
Gabor Mezei
973a712dd8 Migrate to a usable ciphersuite 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-05 12:18:46 +01:00
Gabor Mezei
ff9b2e742a Delete test cases 
Only RSA cipgersuits are accepted for these tests and there is no ECDHE-RSA
alternative for AES-128-CCM so delete them.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-05 12:18:46 +01:00
Gabor Mezei
dd7c0f1e66 Fix ciphersuit 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-05 12:18:46 +01:00
Gabor Mezei
9d7fd3dfe1 Migrate the RSA key exchage tests 
Migrate to ECDHE-ECDSA instead of PSK

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-05 12:18:46 +01:00
Gabor Mezei
00ab71035e Delete SSL async decryption tests 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-05 12:18:46 +01:00
Gabor Mezei
fc42c22c7b Migrate RSA key exchange tests 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-05 12:18:30 +01:00
Valerio Setti
461899e382 analyze_outcomes.py: remove exceptions for MBEDTLS_DHM_C 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-03-05 10:11:22 +01:00
Valerio Setti
eb63eb2a6a etests: remove MBEDTLS_DHM_C/DHM occurrencies 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-03-05 10:11:22 +01:00
Gilles Peskine
e0bd20bd58 Generate handshake defragmentation test cases: update analyze_outcomes 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-04 18:24:52 +01:00
Gilles Peskine
f89bc27603 Switch to generated handshake tests 
Replace `tests/opt-testcases/handshake-manual.sh` by
`tests/opt-testcases/handshake-generated.sh`. They are identical except for
comments.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-03 16:13:19 +01:00
Gilles Peskine
5071a25320 Normalize requirements in defragmentation test cases 
Be more uniform in where certificate authentication and ECDSA are explicitly
required. A few test cases now run in PSK-only configurations where they
always could. Add a missing requirement on ECDSA to test cases that are
currently skipped.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-03 16:13:19 +01:00
Gilles Peskine
46cb8a2aa9 Normalize messages in defragmentation test cases 
Make some test case descriptions and log patterns follow more systematic
patterns.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-03 16:13:19 +01:00
Gilles Peskine
aaab090ad8 Normalize whitespace in defragmentation test cases 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-03 16:13:19 +01:00
Gilles Peskine
b40d33b7c8 Move most TLS handshake defragmentation tests to a separate file 
Prepare for those test cases to be automatically generated by a script.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-03 16:13:19 +01:00
Gilles Peskine
4773333dc6 New generated file: tests/opt-testcases/handshake-generated.sh 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-03 16:13:19 +01:00
Valerio Setti
1027c4cc3c psasim: add support for psa_can_do_hash() 
This commit also includes regenerated C and H files.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-03-03 15:36:14 +01:00
Valerio Setti
886fa8d71a psasim: add support for psa_export_public_key_iop 
This commit also includes regenerated C and H files.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-03-03 15:35:47 +01:00
Gilles Peskine
5df993dcc9 Merge remote-tracking branch 'development' into tls-defragmentation-merge-development-20250303 2025-03-02 21:15:58 +01:00
Minos Galanakis
4354dc646f ssl-opt: Re-introduce certificate dependency for HS negative tests. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 22:40:37 +00:00
Minos Galanakis
0dd57a9913 ssl-opt: Removed dependencies for HS defrag negative tests. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 18:05:48 +00:00
Minos Galanakis
d01ac30cfa ssl-opt: Adjusted reference hs defragmentation tests. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:11:21 +00:00
Minos Galanakis
76957cceab ssl-opt: Minor typos and documentation fixes. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:11:21 +00:00
Minos Galanakis
19dbbe0958 analyze_outcomes: Temporary disabled 3 HS Degragmentation tests. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 11:46:36 +00:00
Minos Galanakis
17170a5ed2 ssl-opt: Updated documentation of HS-Defrag tests. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 11:40:33 +00:00