lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-20 16:42:59 +03:00
Code Activity
29,227 Commits 173 Branches 272 Tags
e093281a8b51a3d89e61c99b7ac28c7bae47fbfa
Commit Graph

29227 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Paul Elliott
240240dfae Regenerate coverity scan token 
On the advice of travis support, try regenerating the coverity scan
token to see if that fixes the connection to coverity scan

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-08-30 18:06:50 +01:00
Gilles Peskine
03e9dea30b Merge remote-tracking branch 'development' into psa_crypto_config-in-full 
Conflicts:
* `include/psa/crypto_sizes.h`: the addition of the `u` suffix in this branch
  conflicts with the rework of the calculation of `PSA_HASH_MAX_SIZE` and
  `PSA_HMAC_MAX_HASH_BLOCK_SIZE` in `development`. Use the new definitions
  from `development`, and add the `u` suffix to the relevant constants.
 2023-08-30 18:32:57 +02:00
Janos Follath
0385c2815c Tighten thread safety requirements 
We shouldn't violate the requirement that the key identifier can be
reused. In practice, a key manager may destroy a key that's in use by
another process, and the privileged world containing the key manager and
the crypto service should not be perturbed by an unprivileged process.

With respect to blocking, again, a key manager should not be blocked
indefinitely by an unprivileged application.

These are desirable properties even in the short term.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-30 16:44:04 +01:00
Agathiyan Bragadeesh
a2423debcc Fix code style 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 16:24:31 +01:00
Agathiyan Bragadeesh
52af0d08b4 Fix unsafe behaviour in MBEDTLS_ASN1_IS_STRING_TAG 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 16:24:15 +01:00
Agathiyan Bragadeesh
de02ee268e Refactor parse_attribute_value_string 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 16:12:57 +01:00
Agathiyan Bragadeesh
1aece47e8c Make hexpair_to_int take a char pointer 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 16:05:24 +01:00
Agathiyan Bragadeesh
e9d1c8e1eb Reword and reformat comments 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 15:55:31 +01:00
Agathiyan Bragadeesh
ef6abd4062 Add blank lines after variable declarations 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 15:55:12 +01:00
Gilles Peskine
2c40b90598 ssl-opt.sh doesn't actually use OPENSSL_LEGACY: remove unused function 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-30 16:38:56 +02:00
David Horstmann
22ec2aefa9 Fix unnecessary header prefixes in tests 
Remove unnecessary "../library" prefix from test suite includes. This
makes the tests repo-agnostic between the mbedtls and psa-crypto repos.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-30 15:34:34 +01:00
Gilles Peskine
1a8ebe39bf Merge pull request #1050 from Mbed-TLS/update-restricted-2023-08-30 
Sync development-restricted with tip of development
 2023-08-30 15:47:22 +02:00
Waleed Elmelegy
21d7d85af7 Fix mbedtls_pkcs5_pbes test function failure 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-08-30 13:12:09 +01:00
Yanray Wang
63f0abe226 check_test_cases: add a comment to explain idx in walk_compat_sh 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-30 18:31:37 +08:00
Dave Rodgman
730bbee226 Merge remote-tracking branch 'origin/development' into update-restricted-2023-08-30 2023-08-30 11:22:00 +01:00
Dave Rodgman
29bf911058 Merge pull request #7839 from daverodgman/psa-sha3 
SHA-3 via PSA
 2023-08-30 08:51:36 +00:00
David Horstmann
8f3ec8ec9d Use '--target' instead of shortened '-t' 
This enables compatibility with older versions of CMake that do not have
the abbreviated switch.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-30 09:46:20 +01:00
Yanray Wang
ab717b5287 Merge remote-tracking branch 'origin/development' into 7094-collect-compatsh-test-cases 2023-08-30 10:38:28 +08:00
David Horstmann
3ed1871920 Disable pylint error for non-uppercase names 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 18:20:19 +01:00
Dave Rodgman
33e1f42307 Fix use of mbedtls_psa_safer_memcmp in test code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 18:17:29 +01:00
David Horstmann
9cc6b2f446 Add missing import in test_psa_compliance.py 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 17:36:35 +01:00
David Horstmann
fd9264e65b Fix pylint errors 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 16:21:15 +01:00
Gilles Peskine
f3a41685e7 Merge pull request #8126 from daverodgman/p256-m-aarch64 
Disable p256-m asm on aarch64
 2023-08-29 14:15:08 +00:00
Gilles Peskine
a878b663cf Merge pull request #8090 from silabs-Kusumit/PBKDF2_higher_cost_tests 
PBKDF2: tests with higher input costs
 2023-08-29 14:00:17 +00:00
David Horstmann
41c316d3b2 Move -B switch into a single argument 
This will prevent CMake from mistaking the build directory for the
source directory

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 14:57:23 +01:00
Waleed Elmelegy
4ac8619282 Improve mbedtls_pkcs5_pbes2_ext changelog description 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-08-29 14:56:15 +01:00
Waleed Elmelegy
79b6e26b1b Improve mbedtls_pkcs5_pbes2_ext function test data 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-08-29 14:55:03 +01:00
Dave Rodgman
787011542b Fully replace mbedtls_psa_safer_memcmp 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 14:20:18 +01:00
David Horstmann
b48822c816 Appease pylint by renaming variables 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 14:12:53 +01:00
David Horstmann
beaee2604f Test PSA compliance: Build only the crypto target 
Use CMake's -t option to build only the crypto target. Parameterize the
crypto target to have the right name depending on whether this is Mbed
TLS or PSA Crypto.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 14:01:52 +01:00
David Horstmann
c69074dcf6 Tidy up reference to Mbed TLS in help message 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 13:46:11 +01:00
Dave Rodgman
024a3b3f04 Disable p256-m asm on aarch64 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 13:21:43 +01:00
David Horstmann
2ba89bece6 Disable pylint error in CMake command 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 10:37:29 +01:00
David Horstmann
3b8984af5c Remove or qualify references to Mbed TLS 
Either remove exclusive references to Mbed TLS or accompany them with
references to "PSA Crypto".

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 10:32:26 +01:00
David Horstmann
f757069269 Rename 'mbedtls_dir' -> 'root_dir' 
This makes it more repo-agnostic

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 10:27:13 +01:00
David Horstmann
98af198a30 Correctly detect presence of the built library 
Use the repo-specific test not just the Mbed TLS specific one.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 10:25:54 +01:00
David Horstmann
58cf7c6c38 Use repo detection functions at start of all.sh 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 10:15:05 +01:00
David Horstmann
d02b5f8f56 Separate directory discernment into 2 functions 
Have separate in_mbedtls_repo() and in_psa_crypto_repo() functions

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 09:55:56 +01:00
David Horstmann
2fde99962d Improve directory coverage in PSA repo detection 
Check for the 'drivers' and 'programs' directories additionally to the
ones that are already there.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 09:50:16 +01:00
Dave Rodgman
e97de40e7b Typo fix 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:47:35 +01:00
Dave Rodgman
6d5261e38f Fix typo in doxygen for mbedtls_ct_memcpy_offset 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman
b69239c604 Improve docs in mbedtls_mpi_lt_mpi_ct 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman
d44dd96132 Improve docs re duplicate declarations 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman
0cf9dd1056 Whitespace - tidy up asm and make it more consistent 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman
81673bba77 Add x86 const-time assembly 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman
664fea481c Add x86-64 const-time assembly 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Gilles Peskine
1783870681 compat.sh: add --preserve-logs option 
Similar to ssl-opt.sh.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-28 17:36:52 +02:00
Dave Rodgman
d395590597 Merge pull request #7579 from daverodgman/safer-ct-asm 
Arm assembly implementation of constant time primitives
 2023-08-28 08:26:29 +00:00
Jerry Yu
f65f71eef3 improve various issues 
- duplicate definition
- wrong comments
- redundant include statement

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-28 10:58:24 +08:00
Yanray Wang
044eb16379 pkwrite: zeroize buf containing info of private key 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-28 10:35:41 +08:00