ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-22 16:39:56 +08:00
Code Issues Releases Wiki Activity
33,040 Commits 172 Branches 268 Tags
Commit Graph

33040 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ronald Cron
5e3c529614
Merge pull request #9172 from gilles-peskine-arm/test_suite_config-booleans 
Report configuration settings in the outcome file
 2024-07-03 13:09:07 +00:00
Elena Uziunaite
cf5e3dd9f0 Replace MBEDTLS_MD_CAN_SHA384 in md.h and ssl.h 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-03 10:20:48 +01:00
Elena Uziunaite
b476d4bf21 Replace MBEDTLS_MD_CAN_SHA384 with PSA_WANT_ALG_SHA_384 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-03 10:20:41 +01:00
Tom Cosgrove
fb2da6fb35
Merge pull request #9237 from valeriosetti/issue8968 
PSA client-server: support in the unit test framework
 2024-07-02 16:57:20 +00:00
Gilles Peskine
71b04a737a Force MBEDTLS_PSA_HMAC_DRBG_MD_TYPE based on CTR_DRBG 
If MBEDTLS_CTR_DRBG_C is enabled, force MBEDTLS_PSA_HMAC_DRBG_MD_TYPE to be
disabled. This resolves the former inconsistency in builds where
MBEDTLS_PSA_HMAC_DRBG_MD_TYPE is explicitly defined but MBEDTLS_CTR_DRBG_C
remains enabled, where PSA called the CTR_DRBG functions but other parts of
the code based assumed that HMAC was in use, in particular error code
conversions (leading to a test failure in test_suite_psa_crypto_init).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-07-02 16:31:28 +02:00
Gilles Peskine
868d2524b8 Document that MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not force HMAC 
MBEDTLS_PSA_HMAC_DRBG_MD_TYPE was documented and announced as causing the
PSA DRBG to be HMAC_DRBG. However, that was never actually implemented:
CTR_DRBG is prioritized if enabled.

Since there is a simple workaround of disabling MBEDTLS_CTR_DRBG_C if you
want to use HMAC_DRBG, we have decided to accept the actual behavior and fix
the documentation.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-07-02 16:31:28 +02:00
Valerio Setti
d8b59373a0 all.sh: psasim helper functions renaming 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-07-02 15:45:55 +02:00
Valerio Setti
1a49383694 all.sh: exclude some extra slow test suites from psasim testing 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-07-02 15:45:55 +02:00
Tom Cosgrove
caee58f559 psasim: add a bit of white-box testing to hash operations 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2024-07-02 15:45:55 +02:00
Valerio Setti
8473390bbb tests: fix guards in test suites to allow testing with PSASIM 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-07-02 15:45:55 +02:00
Valerio Setti
e134d0962a all.sh: remove old tests components on CRYPTO_CLIENT 
Now that we have PSASIM we can really test CRYPTO_CLIENT
functionality and those functions are not needed anymore.

Moreover new test suites that are going to rely on
CRYPTO_CLIENT && !CRYPTO_C would be tested from
test_default_psa_crypto_client_without_crypto_provider()
leading to failures due to stub functions being empty.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-07-02 15:45:55 +02:00
Valerio Setti
f67ded3488 psasim: update bash scripts 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-07-02 15:45:55 +02:00
Valerio Setti
9022f718b1 all.sh: add new component to run test suites with psasim 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-07-02 15:45:55 +02:00
Valerio Setti
0917265014 makefile: allow to build and link test suites against psasim 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-07-02 15:45:55 +02:00
Gilles Peskine
1b22dd8765 Merge remote-tracking branch 'dev' into test_suite_config-booleans 
Reconcile the framework submodule heads to the latest one.
 2024-07-02 14:24:27 +02:00
Tom Cosgrove
a7e6479a08
Merge pull request #9328 from valeriosetti/psasim-improvements 
psasim: some improvements to the core
 2024-07-02 12:03:20 +00:00
Elena Uziunaite
624488214c Replace MBEDTLS_MD_CAN_SHA224 in md.h 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-02 11:08:04 +01:00
Elena Uziunaite
fcc9afaf9d Replace MBEDTLS_MD_CAN_SHA224 with PSA_WANT_ALG_SHA_224 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-02 11:08:04 +01:00
Valerio Setti
6271004da9 psasim: remove sleep on server side to make test as fast as possible 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-07-02 11:40:48 +02:00
Tom Cosgrove
7cdb1dde60 psasim: invalidate operations on abort+finish 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2024-07-02 11:40:48 +02:00
Valerio Setti
7fe75ba72d psasim: minor fixes to the core 
- do not try to close a connection that was never started
- fix data chunks length for psa_write (prevent memcpy-ing
  to large blocks of data)

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-07-02 11:40:48 +02:00
Ronald Cron
76ac620d70
Merge pull request #9299 from ronald-cron-arm/move-mbedtls-crypto-headers 
Move mbedtls crypto headers
 2024-07-01 14:34:32 +00:00
Gilles Peskine
3bf375cf25 Update framework after merge of #28 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-07-01 15:33:33 +02:00
Ronald Cron
af732955d8 Update framework submodule to the merge of PR30 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-07-01 14:59:35 +02:00
Ronald Cron
fa7e15d76b Fix typo 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-07-01 14:59:35 +02:00
Ronald Cron
fb3e1596cf Adapt include dir paths in test_psa_compliance.py 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-07-01 14:59:35 +02:00
Ronald Cron
b50d30f338 Adapt cipher.h path in depends.py 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-07-01 14:59:35 +02:00
Ronald Cron
71609eb4a8 Adapt check_names.py 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-07-01 14:59:35 +02:00
Ronald Cron
f4606d489e Adjust more paths to Mbed TLS crypto headers 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-07-01 14:59:35 +02:00
Ronald Cron
52cc858aec Adapt libtestdriver1 build 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-07-01 14:59:35 +02:00
Ronald Cron
05ba9124b7 Adapt libraries installation 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-07-01 14:59:35 +02:00
Ronald Cron
d6d7f3ce64 Adapt make cscope 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-07-01 14:59:35 +02:00
Ronald Cron
09de583a8a Adapt make apidoc 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-07-01 14:59:35 +02:00
Ronald Cron
3d817add46 Adjust build systems 
Adjust build systems such as we can built
Mbed TLS in the default and full configuration.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-07-01 14:59:35 +02:00
Ronald Cron
550a18d4d6 Move Mbed TLS crypto headers 
Move all the header files (roughly the crypto
and platform ones) necessary to build the
crypto library to
tf-psa-crypto/drivers/builtin/include/mbedtls.

Exceptions:
. some configuration related files that will not
be necessary anymore when the work on the
configuration file(s) is completed.
. build_info.h as TF-PSA-Crypto will have its
own when we had its CMake build system.

For the time being all headers are kept public
but eventually all headers in
tf-psa-crypto/drivers/builtin/include/mbedtls
will be private and the ones that remain
public (e.g. lms.h, pk.h probably ...) will be
moved to tf-psa-crypto/include/tf-psa-crypto/.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-07-01 14:59:35 +02:00
Janos Follath
57c6651bfc
Merge pull request #1248 from eleuzi01/issue-1234 
Clean up constant-flow memsan testing
 2024-07-01 10:42:23 +01:00
Elena Uziunaite
66ea31ccd0 Clean up constant-flow memsan testing 
Disable asm in memsan constant-flow testing and adjust
test_suit_bignum_core.function accordingly

Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-06-28 14:54:09 +01:00
Sam Berry
4beeb0ce66 Add TLS: password protected... to ignored_tests list 
Signed-off-by: Sam Berry <sam.berry@arm.com>
 2024-06-28 14:46:35 +01:00
Gilles Peskine
a9e7ac9811 Improve description of who is affected 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-06-27 10:59:55 +02:00
Gilles Peskine
db81d7efb0 More diversified sizes in tests 
Test the minimum size that caused an overflow in all configurations,
and also a mostly arbitrary larger size.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-06-27 10:47:47 +02:00
Gilles Peskine
6bba0a8355 Fix stack buffer overflow in ECDSA signature format conversions 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-06-27 08:55:56 +02:00
Sam Berry
8121879b3a Reverted requires_cipher_enabled AES 
Signed-off-by: Sam Berry <sam.berry@arm.com>
 2024-06-26 13:53:47 +01:00
Tom Cosgrove
c4dfc08464
Merge pull request #9310 from valeriosetti/psasim_more_aut_tests 
psasim: complete support of PSA functions in `psasim` and add basic "smoke test" applications
 2024-06-26 11:46:25 +00:00
Gilles Peskine
7b6ddfcd25 psa_cipher_decrypt CCM*: fix rejection of messages shorter than 3 bytes 
Credit to Cryptofuzz. Fixes #9314.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-06-26 13:16:33 +02:00
Janos Follath
d1615b814a
Merge pull request #1241 from Mbed-TLS/change-mpi-exp-mod-to-constant-time 
Change mbedtls_mpi_core_exp_mod() to constant time
 2024-06-26 11:54:08 +01:00
Ronald Cron
f0481f562a
Merge pull request #9258 from tom-daubney-arm/drop_padlock_support 
Drop support for VIA Padlock
 2024-06-26 07:36:04 +00:00
Waleed Elmelegy
e2a6aa5369 Improve comments explaining legacy_methods_compression handling 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-06-25 18:16:16 +01:00
Thomas Daubney
e92adafd2d Remove mention of driver from ChangeLog 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-06-25 16:48:04 +01:00
Thomas Daubney
f57a352a9d Remove superfluous brackets 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-06-25 15:23:57 +01:00
Thomas Daubney
4e5d183d78 Correct pluralisation errors in comments 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-06-25 15:21:48 +01:00