mbedtls

mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-10-23 00:58:55 +08:00

Author	SHA1	Message	Date
Ronald Cron	b91117c32f	Merge pull request #10402 from ronald-cron-arm/remove-legacy-crypto-options Remove legacy crypto options	2025-09-17 18:46:05 +00:00
Valerio Setti	91c0945def	tests: fix alg and usage for some ECDHE-ECDSA opaque key tests Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-09-16 16:12:07 +02:00
Ronald Cron	feb5e26619	Cleanup following the removal of MBEDTLS_ECP_DP_.*_ENABLED options Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2025-09-16 15:53:43 +02:00
Valerio Setti	d0d0791aed	remove usage of secp192[k\|r]1 curves Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-08-06 09:15:35 +02:00
Valerio Setti	70a4a31cb5	remove secp224[k\|r]1 curves Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-08-06 09:15:35 +02:00
Ben Taylor	4bb98be277	initial remove of MBEDTLS_USE_PSA_CRYPTO Signed-off-by: Ben Taylor <ben.taylor@linaro.org>	2025-07-30 07:55:13 +01:00
Ben Taylor	361ce2b484	Rename mbedtls_pk_setup_opaque to mbedtls_pk_wrap_psa Signed-off-by: Ben Taylor <ben.taylor@linaro.org>	2025-07-24 08:25:28 +01:00
Felix Conway	858b829436	Add define to fuzz/common.c and ssl/ssl_test_lib.c Signed-off-by: Felix Conway <felix.conway@arm.com>	2025-03-25 10:06:53 +00:00
Gabor Mezei	e99e591179	Remove key exchange based on encryption/decryption Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2025-03-20 17:53:07 +01:00
Gilles Peskine	bc7c523420	Remove uses of secp244k1 Remove all code guarded by `PSA_WANT_ECC_SECP_K1_224`, which is not and will not be implemented. (It would be K1_225 anyway, but we don't intend to implement it anyway.) Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2025-01-08 16:51:23 +01:00
Gabor Mezei	c15ef93aa5	Replace `MBEDTLS_MD_CAN_SHA512` with `PSA_WANT_ALG_SHA_512` Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2024-08-28 18:20:25 +02:00
Elena Uziunaite	0916cd702f	Replace MBEDTLS_MD_CAN_SHA256 with PSA_WANT_ALG_SHA_256 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-11 11:13:35 +03:00
Valerio Setti	90eca2adb0	ssl_test_lib: add guards for pk_wrap_as_opaque() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-28 10:45:43 +01:00
Valerio Setti	7541ebea52	programs: remove usage of mbedtls_pk_wrap_as_opaque() from tests This is replaced with: mbedtls_pk_get_psa_attributes() + mbedtls_pk_import_into_psa() + mbedtls_pk_setup_opaque(). Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-27 10:44:33 +01:00
Gilles Peskine	72da8b3521	Don't authorize private access to fields where not actually needed Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-02-22 12:07:29 +01:00
Paul Elliott	54ad01efed	Merge remote-tracking branch 'upstream/development' into make_tests_thread_safe	2024-02-09 14:33:58 +00:00
Janos Follath	7a28738205	Merge pull request #8636 from paul-elliott-arm/new_test_thread_interface New test thread interface	2024-02-08 12:35:40 +00:00
Valerio Setti	e8683ce9ef	ssl_test_lib: add guards for enabled DH groups Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-17 15:56:30 +01:00
Paul Elliott	17c119a5e3	Migrate to threading_helpers.h Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-01-05 21:04:52 +00:00
Paul Elliott	4580d4d829	Add accessor helpers for mbedtls_test_info Step one of being able to control access to mbedtls_test_info with a mutex. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-01-05 19:13:43 +00:00
Paul Elliott	f25d831123	Ensure mutex test mutex gets free'd Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-11-23 18:49:43 +00:00
Dave Rodgman	16799db69a	update headers Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-02 19:47:20 +00:00
Valerio Setti	dda0019e2e	ssl_test_lib: fix rebase error Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 10:22:51 +02:00
Valerio Setti	5bdebb2004	ssl_test_lib: fix variable naming for curve group Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 09:13:57 +02:00
Valerio Setti	fb6356f003	ssl_test_lib: simplify function which prints supported curves Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 09:13:57 +02:00
Valerio Setti	deb676442d	ssl_test_lib: manage FFDH keys the same way as ECC ones Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 09:13:57 +02:00
Valerio Setti	acd32c005f	programs: add helper functions for supported EC curves - get full list, or - get TLS ID from name Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 09:13:57 +02:00
Przemek Stekiel	68e7544de8	parse_groups: curve -> group adaptations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-06 12:16:44 +02:00
Przemek Stekiel	45255e4c71	Adapt names (curves -> groups) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-05 09:26:26 +02:00
Przemek Stekiel	7d42c0d0e5	Code cleanup #2 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-13 12:30:40 +02:00
Przemek Stekiel	75a5a9c205	Code cleanup Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-13 09:57:23 +02:00
Przemek Stekiel	ff9fcbcace	ssl_client2, ssl_server2: code optimization + guards adaptation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:53:40 +02:00
Przemek Stekiel	da4fba64b8	Further code optimizations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:09 +02:00
Przemek Stekiel	e7db09bede	Move FFDH helper functions and macros to more suitable locations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:08 +02:00
Manuel Pégourié-Gonnard	bef824d394	SSL: use MD_CAN macros Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:29:31 +01:00
Gilles Peskine	449bd8303e	Switch to the new code style Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-01-11 14:50:10 +01:00
Ronald Cron	50969e3af5	ssl-opt.sh: TLS 1.3 opaque key: Add test with unsuitable sig alg Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 15:57:57 +02:00
Przemek Stekiel	cb20d202d2	Further code optimization - key_opaque_set_alg_usage(): set alg/usage in loop - key_opaque_set_alg_usage(): add key paramteter to set default alg/usage if it is not specified by command line parameters - unify default alg/usage for client and server - optimize opaque code on client and server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-06 09:34:30 +02:00
Przemek Stekiel	76a41f5a52	ssl_test_lib: fix compilation flags for default config Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	01396a16da	ssl_test_lib: add function translate given opaque algoritms to psa Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	77fc9ab1ba	Fix typos and code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	85d692d1c4	ssl client/server: add parsing function for key_opaque_algs command line option Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Raoul Strackx	9ed9bc9377	programs/ssl: Fix compile errors when MBEDTLS_HAVE_TIME is not defined Signed-off-by: Raoul Strackx <raoul.strackx@fortanix.com> [dja: add some more fixes, tweak title] Signed-off-by: Daniel Axtens <dja@axtens.net>	2022-03-04 05:07:45 -05:00
Mateusz Starzyk	6c2e9b6048	Add MBEDTLS_ALLOW_PRIVATE_ACCESS to test programs Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-05-21 18:10:44 +02:00
Gilles Peskine	e374b95fe1	Detect and report mutex usage errors in SSL test programs Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-02-22 19:24:03 +01:00
Gilles Peskine	53dea743d5	SSL test programs: allow for test hooks init and error reports Create utility functions to set up test hooks and report errors that the test hooks might detect. Call them in ssl_client2 and ssl_server2. Test hooks are potentially enabled by compiling with MBEDTLS_TEST_HOOKS. This commit only sets up the functions. It doesn't make them do anything yet. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-02-22 19:24:03 +01:00
Gilles Peskine	8eb2943705	Support mbedtls_psa_get_random() in SSL test programs The SSL test programs can now use mbedtls_psa_get_random() rather than entropy+DRBG as a random generator. This happens if the configuration option MBEDTLS_USE_PSA_CRYPTO is enabled, or if MBEDTLS_TEST_USE_PSA_CRYPTO_RNG is set at build time. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-02-16 15:39:48 +01:00
Gilles Peskine	aaedbdcfd6	Refuse reproducible mode with MBEDTLS_USE_PSA_CRYPTO With MBEDTLS_USE_PSA_CRYPTO, some of the randomness for the TLS connection is generated inside the PSA crypto subsystem, which has no reproducible mode. Whether there is a nonzero amount of randomness coming from inside the PSA subsystem rather than from the random generator set by mbedtls_ssl_conf_rng() depends on the choice of cipher suite and other connection parameters as well as the level of support for MBEDTLS_USE_PSA_CRYPTO. Rather than give unreliable results, conservatively abort with a clear error message. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-02-03 13:55:22 +01:00
Gilles Peskine	ba74904c48	SSL test programs: support HMAC_DRBG Support HMAC_DRBG in ssl_client2 and ssl_server2, in addition to CTR_DRBG. CTR_DRBG is still used if present, but it's now possible to run the SSL test programs with CTR_DRBG disabled. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-01-13 20:30:03 +01:00
Gilles Peskine	535fb37870	SSL test programs: abstract CTR_DRBG away In ssl_client2 and ssl_server2, to generate random data, go through a level of indirection provided by ssl_test_lib. This way the programs don't depend on a particular choice of RNG implementation, and only ssl_test_lib.{h,c} explicitly reference CTR_DRBG. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-01-13 20:18:32 +01:00

1 2

56 Commits