ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-11 09:22:05 +08:00
Code Issues Releases Wiki Activity
33,202 Commits 172 Branches 267 Tags
Commit Graph

33202 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gilles Peskine
1782587af2
Merge pull request #10130 from valeriosetti/issue8154-development 
[development] Restrict MBEDTLS_X509_RSASSA_PSS_SUPPORT
 2025-05-07 14:22:34 +00:00
Valerio Setti
b8d5649ab6 tests: test_suite_x509: adapt RSA-PSS tests 
Parsing of CRT files with message's hash alg different from the MGF1 was
allowed in the past, but now it fails. So we need to move/adapt tests
relying on this feature, from a "verify" scope to a "parse" one.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-05-07 09:06:52 +02:00
Valerio Setti
7f6f4e6907 library: pass NULL options parameter to mbedtls_pk_verify_ext() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-05-07 09:06:52 +02:00
Valerio Setti
d24dfad7af library: x509: remove sig_opts from mbedtls_x509_sig_alg_gets() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-05-07 09:06:52 +02:00
Valerio Setti
68878ccdd0 library: x509: simplify RSA-PSS management 
- Do not store RSA-PSS signature options in CRL/CRT/CSR structures;
- During the parsing phase, just ensure that MGF1 hash alg is the same
  as the one used for the message.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-05-07 09:06:52 +02:00
Gilles Peskine
2439c4c14a
Merge pull request #10090 from valeriosetti/issue9618-development 
[development] MBEDTLS_PLATFORM_GET_ENTROPY_ALT in 4.0
 2025-05-06 22:35:03 +02:00
Valerio Setti
7f8b7b768b tf-psa-crypto: update reference 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-05-06 18:30:15 +02:00
Valerio Setti
55fa875574 framework: update reference 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-05-06 06:28:35 +02:00
Valerio Setti
1afedacfea tests: scripts: add new component to configuration-platform.sh 
Import component_test_platform_get_entropy_alt() from its counterpart
in TF-PSA-Crypto repo.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-05-06 06:28:35 +02:00
Gilles Peskine
5f6c6334f8
Merge pull request #10157 from diopoex/development 
Remove use of mbedtls_md_get_name() from ssl_context_info.c
 2025-04-30 07:00:01 +00:00
Paul Höhn
02c80e631f
Fix test and formatting in ssl_context_info 
Signed-off-by: Paul Höhn <paul.hoehn@icloud.com>
 2025-04-29 22:02:24 +02:00
Paul Höhn
e38041673f
fixed the tests 
Signed-off-by: Paul Höhn <paul.hoehn@icloud.com>
 2025-04-29 18:53:07 +02:00
Paul Höhn
5a7a5305e8
removed trailing whitespace 
Signed-off-by: Paul Höhn <paul.hoehn@icloud.com>
 2025-04-29 18:53:07 +02:00
Paul Höhn
da95274730
ssl context fix for 4.0 
Signed-off-by: Paul Höhn <paul.hoehn@icloud.com>
 2025-04-29 18:53:07 +02:00
Valerio Setti
0f0304d433 scripts: tests: fix component_test_full_cmake_clang 
Use the proper Clang C++ compiler to build C++ code otherwise the C
compiler will fail because std::cout() is unknown in
"cpp_dummy_build.cpp".

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-04-29 11:01:46 +02:00
Valerio Setti
7fb7fdabd7 tests: scripts: fix component_test_no_platform() 
Use alternative implementation of mbedtls_platform_get_entropy() since
the default one lives in "platform.c" and that one is excluded in
this test component.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-04-29 11:01:46 +02:00
Valerio Setti
1971eab465 programs: test: add C++ specific commands to cpp_dummy_build 
Add C++ specific instructions to the generated *.cpp source file so
that the build will fail in case a C compiler is used.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-04-29 11:01:46 +02:00
Valerio Setti
b13d29ebb2 tests: scripts: fix test_cmake_out_of_source 
By default C++ code would be compiled with GNU while C with Clang and
this can create problems at link time. In order to prevent this we
use Clang for both.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-04-29 11:01:46 +02:00
Valerio Setti
7ac11845d0 configs: add PLATFORM_C to configs using ENTROPY_C 
This is necessary to let entropy being able to gather entropy data from
the native platform source.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-04-29 11:01:46 +02:00
Valerio Setti
3775c9b48f programs: selftest: remove direct call to mbedtls_platform_entropy_poll() 
The function is now internal so it cannot be referenced from programs.
A dummy alternative is used instead.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-04-29 11:01:46 +02:00
Valerio Setti
73bd210a94 tests: remove usage of MBEDTLS_NO_PLATFORM_ENTROPY 
Use MBEDTLS_PLATFORM_GET_ENTROPY_ALT instead.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-04-29 11:01:46 +02:00
Valerio Setti
405d4adff2 psasim: add timeout while waiting for psa_server to start 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-04-29 11:01:46 +02:00
Valerio Setti
c568688456 config.py: do not enable MBEDTLS_PLATFORM_GET_ENTROPY_ALT in full config 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-04-29 11:01:46 +02:00
Manuel Pégourié-Gonnard
0fe9277fec
Merge pull request #9983 from bjwtaylor/kw-api-rework 
Move NIST_KW to PSA API
 2025-04-29 08:53:51 +00:00
Ben Taylor
1948c94385 added dependencies to test scripts 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-04-29 07:43:37 +01:00
Ben Taylor
4695204872 remove mbedtls_nist_kw_self_test from selftests 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-04-29 07:43:37 +01:00
Gilles Peskine
748e24d78e
Merge pull request #10143 from diopoex/development 
Removed use of mbedtls_cipher_info from ssl_context_info.c
 2025-04-28 12:35:12 +00:00
David Horstmann
4f4a2b3fc3
Merge pull request #10146 from gilles-peskine-arm/pylint-check-str-concat-dev 
Pylint: Complain about a missing comma in multiline lists of strings
 2025-04-28 09:11:57 +00:00
David Horstmann
ad6953f788
Merge pull request #10114 from felixc-arm/switch-to-which-aes 
Switch all.sh components from selftest to which_aes
 2025-04-28 06:58:38 +00:00
Gilles Peskine
8893a8f33b Complain about a missing comma in multiline lists of strings 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-04-25 12:52:16 +02:00
Gilles Peskine
0f6dd1caf1 Prepare framework for pylint check-str-concat-over-line-jumps 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-04-25 12:52:13 +02:00
Gilles Peskine
4156c49342
Merge pull request #10122 from felixc-arm/move-public-headers 
Adjust build scripts to accommodate public header move
 2025-04-24 17:47:17 +00:00
Gilles Peskine
97c45bb2e0
Merge pull request #10120 from gilles-peskine-arm/test_suite_ssl-fix-ret-20250408 
Fix uncaught failure conditions in test_suite_ssl
 2025-04-23 16:42:20 +00:00
Felix Conway
f065c311d4 Update tf-psa-crypto pointer 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-04-22 10:52:18 +01:00
Felix Conway
6908580131 Use aesni_crypt_ecb and internal_aes_encrypt to check conditional compilation 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-04-22 10:45:28 +01:00
Felix Conway
ad7049407b Remove executable permissions and shebang from component-platforms.sh 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-04-22 10:45:28 +01:00
Felix Conway
8e13c8f018 Add shebang to fix CI error 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-04-22 10:35:52 +01:00
Felix Conway
9949f00930 Add tf-psa-crypto/programs/test/which_aes to Makefile 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-04-22 10:35:52 +01:00
Felix Conway
5081d6544d Switch all.sh components from selftest to which_aes 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-04-22 10:35:49 +01:00
diopoex
b12205ca7a
Removed use of mbedtls_cipher_info from ssl_context_info.c 
Signed-off-by: Paul Höhn <paul.hoehn@icloud.com>
 2025-04-22 11:18:34 +02:00
Felix Conway
0d4fca2456 Update submodule pointers 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-04-22 09:25:58 +01:00
David Horstmann
232da48471
Merge pull request #9421 from mfil/feature/implement_tls_exporter 
Implement TLS-Exporter
 2025-04-17 14:47:13 +00:00
Felix Conway
61bd2729b2 Check include/mbedtls exists before including from it 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-04-17 10:24:20 +01:00
Felix Conway
dc6f6ec354 Update framework pointer to merge commit 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-04-16 14:16:24 +01:00
Felix Conway
819bb4ae25 Reset crypto pointer to development 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-04-16 14:15:04 +01:00
Max Fillinger
dba07e152e Add missing ifdef for mbedtls_ssl_tls13_exporter 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 14:48:14 +02:00
Manuel Pégourié-Gonnard
8ab3d8c25d
Merge pull request #10074 from bjwtaylor/rng-documentation 
Add ChangeLog for rng
 2025-04-14 10:03:58 +00:00
Ronald Cron
a3d27b54fc
Merge pull request #10045 from gilles-peskine-arm/defragment-test-server-first-flight-dev 
Test coalesced or split handshake messages
 2025-04-11 10:26:16 +00:00
Manuel Pégourié-Gonnard
a5db6c14fd Fix record insertion 
We were not making enough room. We want to move everything from the
place where we are going to insert the new record.

This was not causing failures because the code does not look at the
content after the inserted record, because it correctly returns an error
when seeing the inserted record. But as a matter on principle, the test
code should be doing what it says: just insert a new record but leave
a valid fragment after it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-04-11 10:14:22 +02:00
Manuel Pégourié-Gonnard
7af97b60e5 Use HANDSHAKE_OVER in nominal test cases 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-04-10 10:18:44 +02:00