ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-06-27 07:37:05 +08:00
Code Issues Releases Wiki Activity
33,346 Commits 173 Branches 268 Tags
Commit Graph

12421 Commits

Author SHA1 Message Date
Gilles Peskine
3b819cf22f
Merge pull request #10109 from mpg/merge-from-restricted 
Merge from restricted
 2025-04-07 14:04:06 +00:00
Ronald Cron
8bbe60a67f
Merge pull request #10102 from ronald-cron-arm/check-generated-files-follow-up 
Check generated files follow-up
 2025-04-02 20:55:45 +00:00
Manuel Pégourié-Gonnard
ed4a2b4f0a Merge branch 'development-restricted' into merge-from-restricted 
* development-restricted:
  Add missing credit for set_hostname issue
  Add changelog entry for TLS 1.2 Finished fix
  TLS1.2: Check for failures in Finished calculation
  ssl_session_reset: preserve HOSTNAME_SET flag
  Document the need to call mbedtls_ssl_set_hostname
  Improve documentation of mbedtls_ssl_set_hostname
  Changelog entries for requiring mbedls_ssl_set_hostname() in TLS clients
  Add a note about calling mbedtls_ssl_set_hostname to mbedtls_ssl_setup
  mbedtls_ssl_set_hostname tests: add tests with CA callback
  Call mbedtls_ssl_set_hostname in the generic endpoint setup in unit tests
  Require calling mbedtls_ssl_set_hostname() for security
  Create error code for mbedtls_ssl_set_hostname not called
  Keep track of whether mbedtls_ssl_set_hostname() has been called
  Access ssl->hostname through abstractions in certificate verification
  mbedtls_ssl_set_hostname tests: baseline
  Add a flags field to mbedtls_ssl_context
  Automate MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK dependency
  Make guards more consistent between X.509-has-certs and SSL-has-certs
  Fix Doxygen markup
  Make ticket_alpn field private

 Conflicts:
	programs/ssl/ssl_test_common_source.c
 2025-04-01 09:40:47 +02:00
Manuel Pégourié-Gonnard
e2359585e4
Merge pull request #10078 from bjwtaylor/pk_rsa_alt-removal 
Pk rsa alt removal
 2025-04-01 07:32:46 +00:00
Ronald Cron
444db895f7 Remove check-generated-files.sh 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-31 17:18:03 +02:00
Ronald Cron
5d9b9d244f Rename mbedtls-all.sh to just all.sh 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-29 10:06:38 +01:00
Ronald Cron
8e2d40dbec Remove all.sh wrapper 
Now that in TF-PSA-Crypto CI, the TF-PSA-Crypto
all.sh components are run in pure TF-PSA-Crypto
context, there is no need to run them as part of
mbedtls CI anymore. The all.sh wrapper wrapping
./tests/scripts/mbedtls-all.sh and
./tf-psa-crypto/tests/scripts/all.sh can be
removed.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-29 10:01:53 +01:00
Max Fillinger
1a1ec2fcce Fix up merge conflict resolution 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:54:08 +01:00
Max Fillinger
29f8f9a49d Fix dependencies for TLS-Exporter tests 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:08:12 +01:00
Max Fillinger
9f843332e8 Exporter: Add min. and max. label tests 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:08:12 +01:00
Max Fillinger
9c5bae5026 Fix max. label length in key material exporter 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:08:12 +01:00
Max Fillinger
d23579c746 Fix requirements for TLS 1.3 Exporter compat test 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:08:12 +01:00
Max Fillinger
4e21703bcf Add fixed compatibility test for TLS 1.3 Exporter 
When testing TLS 1.3, use O_NEXT_CLI.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:08:12 +01:00
Max Fillinger
7b97712164 Remove exporter compatibility test for TLS 1.3 
The openssl version in the docker image doesn't support TLS 1.3, so we
can't run the test.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:08:12 +01:00
Max Fillinger
6d53a3a647 Fix openssl s_client invocation 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:08:12 +01:00
Max Fillinger
f8059db4ee Print names of new tests properly 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:08:12 +01:00
Max Fillinger
92b7a7e233 ssl-opt.sh: Add tests for keying material export 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:08:12 +01:00
Max Fillinger
ee467aae69 mbedtls_test_ssl_do_handshake_with_endpoints: Zeroize endpoints 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-03-28 17:08:12 +01:00
Max Fillinger
d6e0095478 Exporter tests: Don't use unavailbable constant 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:08:12 +01:00
Max Fillinger
8e0b8c9d9f Exporter tests: Add missing depends-ons 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:08:10 +01:00
Max Fillinger
c6fd1a24d2 Use one maximum key_len for all exported keys 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:06:48 +01:00
Max Fillinger
a9a9e99a6b Exporter tests: Reduce key size in long key tests 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:06:48 +01:00
Max Fillinger
9dc7b19a6a Exporter tests: Free endpoints before PSA_DONE() 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:06:48 +01:00
Max Fillinger
364afea9d3 Exporter tests: Fix possible uninitialized variable use 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-03-28 17:06:48 +01:00
Max Fillinger
ea1e777c01 Coding style cleanup 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-03-28 17:06:48 +01:00
Max Fillinger
8a2d2adf8c Exporter tests: Initialize allocated memory 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-03-28 17:06:48 +01:00
Max Fillinger
8f12e31223 Exportert tests: Free endpoints and options 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-03-28 17:06:48 +01:00
Max Fillinger
3e1291866d Fix output size check for key material exporter 
HKDF-Expand can produce at most 255 * hash_size bytes of key material,
so this limit applies to the TLS 1.3 key material exporter.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:06:48 +01:00
Max Fillinger
28916ac8fe Increase allowed output size of HKDF-Expand-Label 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:06:48 +01:00
Max Fillinger
cf007ca8bb Add more tests for keying material export 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:06:47 +01:00
Max Fillinger
7b72220d42 Fix coding style 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-03-28 16:53:58 +01:00
Max Fillinger
c7986427d4 Add test for TLS-Exporter in TLS 1.3 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 16:53:57 +01:00
Ronald Cron
3189752b2f
Merge pull request #10073 from felixc-arm/remove-inject-entropy 
[development] Remove MBEDTLS_PSA_INJECT_ENTROPY
 2025-03-28 13:22:00 +00:00
Manuel Pégourié-Gonnard
064f68ec85
Merge pull request #10032 from valeriosetti/psasim-doc-update 
psasim: update README file
 2025-03-28 09:11:13 +00:00
Felix Conway
133f7aab2c Add MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES to ignore list for CI 
With the removal of the component_test_psa_inject_entropy test,
MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES is no longer set in any tests, and so
the CI will complain unless it is added to the ignore list.

Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-03-28 09:01:32 +01:00
Felix Conway
92efce2b84 [development] Remove code relating to MBEDTLS_PSA_INJECT_ENTROPY 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-03-28 09:01:05 +01:00
Manuel Pégourié-Gonnard
e57ea21a1c
Merge pull request #10042 from bjwtaylor/remove-ssl-conf 
Remove mbedtls_ssl_conf_rng()
 2025-03-27 14:05:42 +00:00
Ben Taylor
05a978752b Remove MBEDTLS_PK_RSA_ALT 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-27 09:53:46 +00:00
Ronald Cron
4cd8fbbb2d Use TF_PSA_CRYPTO_ROOT_DIR 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-26 21:19:28 +01:00
Ronald Cron
aa5c159e36 all.sh: check generated files: Use make_generated_files.py 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-26 21:19:28 +01:00
Ronald Cron
99226e9b9b cmake: Generate test_keys.h and test_certs.h in the build tree 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-26 21:19:28 +01:00
Ronald Cron
81a674eee8 Adapt to generate_config_tests.py changes 
Adapt builds and check-generated-files.sh to the fact
that generate_config_tests.py does not generate
test_suite_config.psa_boolean.data in Mbed TLS 4.x
context anymore.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-26 21:19:28 +01:00
Ben Taylor
602b2968ca pre-test version of the mbedtls_ssl_conf_rng removal 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-26 13:32:10 +00:00
Ben Taylor
47111a1cb1 initial remove of mbedtls_ssl_conf_rng 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-26 13:32:10 +00:00
Valerio Setti
b33e06c56f tests: psasim: remove references to mbedtls_psa_register_se_key() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-03-26 13:32:54 +01:00
Valerio Setti
9f2939c56d test: components: remove references to MBEDTLS_PSA_CRYPTO_SE_C 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-03-26 13:32:54 +01:00
Ben Taylor
440cb2aac2 Remove RNG from x509 and PK 
remove the f_rng and p_rng parameter from x509 and PK.

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-26 08:17:38 +00:00
Gabor Mezei
5ba9b57cbd
Convert test function to a static function 
The `resize_buffers` function is no more used as a test
function to convert it to a static function.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-20 17:55:35 +01:00
Gabor Mezei
1ac784c5a5
Fix test case migration 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-20 17:55:35 +01:00
Gabor Mezei
9ee58e43e1
Update test dependencies 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-20 17:55:30 +01:00