lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-12-15 16:35:43 +03:00
Code Activity
31,364 Commits 176 Branches 276 Tags
bdd16d4cb10c047c98b51cc7e6ad673324588ed9
Commit Graph

11596 Commits

Author SHA1 Message Date
Gilles Peskine
e00150df4a Declare the outputs from generate_psa_wrappers.py as generated files 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-15 19:16:13 +01:00
Gilles Peskine
6e4332cc24 Commit generated PSA wrappers 
Commit files generated by `tests/scripts/generate_psa_wrappers.py`. As of
this commit, the new code is neither useful (the wrappers just call the
underlying functions) nor used (the wrapper functions are not called from
anywhere). This will change in subsequent commits.

This is a deviation from our normal practice of generating
configuration-independent platform-independent files as part of the build in
the development branch. The PSA test wrappers will be committed to the
repository for some time for two reasons:

* In the short term, we will review the generated code but not fully review
  the generator script.
* The build scripts cannot yet accommodate a generated header file.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-15 19:12:05 +01:00
Gilles Peskine
5294bb347c PSA wrapper generator 
The new script `tests/scripts/generate_psa_wrappers.py` generates the
implementation of wrapper functions for PSA API functions, as well as a
header that defines macros that redirect calls to the wrapper functions. By
default, the wrapper functions just call the underlying library function.
With `--log`, the wrapper functions log the arguments and return values.

This commit only introduces the new script. Subsequent commits will
integrate the wrappers in the build.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-15 19:03:08 +01:00
Valerio Setti
4860a6c7ac test_suite_psa_crypto: revert known failing checks for [en|de]cryption with opaque keys 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-15 16:30:12 +01:00
Valerio Setti
62b6f10f64 test_driver_asymmetric_encryption: implement opaque [en/de]cryption functions 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-15 16:30:07 +01:00
Valerio Setti
66a827fc83 test_driver_key_management: make opaque [un]wrapping functions public 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-15 15:00:52 +01:00
Dave Rodgman
ae730348e9 Add tests for mbedtls_ctr_increment_counter 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-15 11:45:01 +00:00
Valerio Setti
f202c2968b test_suite_psa_crypto: test asymmetric encryption/decryption also with opaque keys 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-15 10:42:37 +01:00
Ronald Cron
c57f86e132 Add ticket creation time to TLS 1.2 session serialization 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-01-15 08:58:19 +01:00
Ronald Cron
7b1921ac57 Add endpoint in TLS 1.2 session serialization data 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-01-15 08:58:19 +01:00
David Horstmann
8174478f82 Use thread-local flag to enable memory poisoning 
Allow memory poisoning to be enabled and disabled at runtime using a
thread-local flag. This allows poisoning to be disabled whenever a PSA
function is called but not through the test wrappers, removing false
positive use-after-poisons.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-01-12 15:13:54 +00:00
Tom Cosgrove
f1ba1933cf Merge pull request #8526 from yanrayw/issue/7011/send_record_size_limit_ext 
TLS1.3: SRV/CLI: add support for sending Record Size Limit extension
 2024-01-12 13:39:15 +00:00
Waleed Elmelegy
4b09dcd19c Change renegotiation test to use G_NEXT_SRV 
Change renegotiation test to use G_NEXT_SRV
to avoid problems when sending TLS 1.3
extensions since we exceed the extension
limit in G_SRV.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-12 10:50:25 +00:00
Ryan Everett
a90378c425 Restore previous version of rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-12 10:24:00 +00:00
Kusumit Ghoderao
153586a3d5 change values to ULL 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-12 11:19:16 +05:30
Ryan Everett
d00a138075 Change test data for pkparse aes 
Test data generated using openSSL with:
openssl pkcs8 -topk8 -v2 $ENC -v2prf hmacWithSHA384 -inform PEM
-in $IN -outform PEM -out $OUT -passout "pass:PolarSSLTest"

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-11 17:23:15 +00:00
Paul Elliott
3519cfb3d8 Merge pull request #8639 from bensze01/release_components 
Set OpenSSL/GnuTLS variables when running release components
 2024-01-11 15:38:35 +00:00
Ronald Cron
7c14afcaaa Merge pull request #8595 from yanrayw/issue/8593/srv-CH-fix-version-check 
TLS1.3: SRV: check `min_tls_version` when parsing ClientHello
 2024-01-11 13:34:09 +00:00
Waleed Elmelegy
e83be5f639 Change renegotiation tests to work with TLS 1.2 only 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 23:39:54 +00:00
Ryan Everett
1f935f5027 Add AES tests to test_suite_pkparse 
Test data generated using openssl:
openssl genpkey -algorithm rsa -out $OUT -$ALG

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-10 19:34:18 +00:00
Ryan Everett
ae0b4bd04c Add more details to comments 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-10 19:19:10 +00:00
Ryan Everett
4cfd6a6bc6 Fix dependencies in pkcs5 aes-128-cbc tests 
These tests do not specify a hash function. This is an optional parameter
with default value hmacWithSHA1, so these test cases are dependant on SHA-1
and not SHA-256

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-10 19:15:45 +00:00
Kusumit Ghoderao
a7c55d5a14 fix depends on condition 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-11 00:43:48 +05:30
Paul Elliott
f149cd1a3a Merge pull request #8688 from jwinzig-at-hilscher/development 
Fix bug in mbedtls_x509_set_extension
 2024-01-10 16:57:16 +00:00
Kusumit Ghoderao
179f33a1ea add test cases with different hash algs 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:10 +05:30
Kusumit Ghoderao
7d4db631cf add depends on for capacity tests and fix code style 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
f4351c1a61 correct test data 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
83455ebcc0 disable pbkdf2_hmac set max capacity test 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
d3ae165adb Add tests for derive_full for hkdf_extract, hkdf_expand and ecjpake_to_pms 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
1da06da398 Add tests for derive_set_capacity for pbkdf and ecjpake_to_pms 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
604e1cbbe7 Change error status for invalid HKDF alg 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
2c4264bd41 Add hkdf_extract, hkdf_expand and ecjpake_to_pms cases 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
9ffd397e4c Increase input parameter type and buffer size 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
4aa6b36a35 add tests for derive_full and derive_set_capacity 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Waleed Elmelegy
1487760b55 Change order of checking of record size limit client tests 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
a3bfdea82b Revert "Make sure record size limit is not configured without TLS 1.3" 
This reverts commit 52cac7a3e6782bbf46a76158c9034afad53981a7.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
7ae74b74cc Make sure record size limit is not configured without TLS 1.3 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
e840263f76 Move record size limit testing to tls13 component 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
2fa99b2ddd Add tests for client complying with record size limit 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
f501790ff2 Improve comments across record size limit changes 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
9457e67afd update record size limit tests to be more consistent 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
3a37756496 Improve record size limit tests 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
598ea09dd5 TLS1.3: SRV/CLI: add support for sending Record Size Limit extension 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:27 +00:00
Waleed Elmelegy
47d2946943 tls13: server: write Record Size Limit ext in EncryptedExtensions 
- add the support in library
- update corresponding test cases.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:27 +00:00
Yanray Wang
42017cd4c9 tls13: cli: write Record Size Limit ext in ClientHello 
- add the support in library
- update corresponding test case

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2024-01-10 16:17:27 +00:00
Manuel Pégourié-Gonnard
3eb9025275 Merge pull request #8680 from mpg/ciphers-wrapup 
Driver-only ciphers wrapup
 2024-01-10 12:04:50 +00:00
Paul Elliott
0710ac4ec8 Add ability to exclude mutex from tests 
We need to be able to exclude mbedtls_test_info_mutex() from the normal
tests, as this mutex has to be locked to report mutex errors, and also
reports as leaked, due to where it is initialised / free'd.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-01-09 18:01:58 +00:00
Paul Elliott
65064265c2 Protect test info access with mutex 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-01-09 18:01:58 +00:00
Paul Elliott
c7a1e9936a Move bignum flag for negative zero into test_info 
Add accessors ready for protection with test_info mutex.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-01-09 18:01:58 +00:00
Jonathan Winzig
315c3ca9e5 Add required dependency to the testcase 
Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
 2024-01-09 18:31:11 +01:00