ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-07-17 04:45:51 +08:00
Code Issues Releases Wiki Activity
32,047 Commits 174 Branches 272 Tags
Commit Graph

32047 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gilles Peskine
f0daff971b
Merge pull request #10151 from gilles-peskine-arm/union-initialization-gcc15-preliminaries-3.6 
Backport 3.6: Test with GCC 15
 2025-05-07 14:22:28 +00:00
Gilles Peskine
15bb8e04bf Improve comments 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-04-30 16:58:00 +02:00
David Horstmann
3bd433d38a
Merge pull request #10150 from gilles-peskine-arm/pylint-check-str-concat-3.6 
Backport 3.6: Pylint: Complain about a missing comma in multiline lists of strings
 2025-04-28 16:53:39 +00:00
Gilles Peskine
88f6ce195e Update framework 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-04-25 19:06:50 +02:00
Gilles Peskine
df065720da Allow gcc-15 to be in $PATH 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-04-25 18:59:45 +02:00
Gilles Peskine
2eab9fd92a Enable drivers when testing with GCC 15 
The goal of testing with GCC 15 is to validate fixes for
https://github.com/Mbed-TLS/mbedtls/issues/9814 . The bug is present in
multiple places, and some of them affect third-party drivers but not our
built-in implementation. (The bug is that driver contexts might not be
zero-initialized, but some of our built-in implementations happen not to
care about this.) Thus, enable the test drivers in the test component that
uses GCC 15, to gain the extra checks performed in the driver wrappers.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-04-25 18:59:42 +02:00
Gilles Peskine
bf90dc9c71 GCC 15: Silence -Wunterminated-string-initialization 
This is a new warning in GCC 15 that our code base triggers in many places.
Silence it for the time being.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-04-25 18:58:33 +02:00
Gilles Peskine
94c1b9a4c3 Test with GCC 15 
Non-regression for https://github.com/Mbed-TLS/mbedtls/issues/9814

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-04-25 18:57:33 +02:00
Gilles Peskine
451b9ada27 Disable warning from gcc -pedantic on dlsym/dlopen 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-04-25 18:49:56 +02:00
Gilles Peskine
ebd0888cf0 Move persistent key tests to a separate .data file 
They can cause specific challenges when debugging, so move them out for
maintainers' convenience.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-04-25 18:48:59 +02:00
Gilles Peskine
f5f15aa9e2 Move concurrent tests to a separate .data file 
They can cause specific challenges when debugging, so move them out for
maintainers' convenience.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-04-25 18:48:52 +02:00
Gilles Peskine
cdb37812e5 Update obsolete section title 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-04-25 18:48:36 +02:00
Gilles Peskine
ae18357880
Merge pull request #10138 from XavierChapron/xch/constify-mbedtls_cipher_base_lookup_table-3.6 
Constify cipher_wrap:mbedtls_cipher_base_lookup_table
 2025-04-24 17:49:03 +00:00
Gilles Peskine
cc4649dd7f Complain about a missing comma in multiline lists of strings 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-04-24 19:37:58 +02:00
Gilles Peskine
0dd76e0470 Prepare framework for pylint check-str-concat-over-line-jumps 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-04-24 19:37:41 +02:00
Gilles Peskine
84442115ff
Merge pull request #10137 from gilles-peskine-arm/test_suite_ssl-fix-ret-20250408-3.6 
Backport 3.6: Fix uncaught failure conditions in test_suite_ssl
 2025-04-23 16:42:17 +00:00
Gilles Peskine
74383ab137
Merge pull request #10132 from valeriosetti/issue157-3.6 
[3.6] Make demo_common.sh usable on its own
 2025-04-18 11:11:11 +00:00
Valerio Setti
309ca525ac framework: update reference 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-04-18 10:31:28 +02:00
Xavier Chapron
afedef5eea Constify cipher_wrap:mbedtls_cipher_base_lookup_table 
This structure is initialized during the compilation and there is no
reason it changes.
Making it const allows the compiler to put it in .rodata section instead
of .data one.

Signed-off-by: Xavier Chapron <chapron.xavier@gmail.com>
 2025-04-18 09:24:36 +02:00
David Horstmann
e08edcc494
Merge pull request #9469 from mfil/feature/backport36_implement_tls_exporter 
[Backport 3.6] Implement TLS-Exporter
 2025-04-17 14:47:20 +00:00
Gilles Peskine
0e6032dd94 Fix some test helper functions returning 0 on some failures 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-04-17 10:35:04 +02:00
Gilles Peskine
1ff12810e5 Check the status of mbedtls_ssl_set_hostname() 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-04-17 10:35:03 +02:00
Max Fillinger
1b0e2e903b Add missing ifdef for mbedtls_ssl_tls13_exporter 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 14:35:24 +02:00
Max Fillinger
40c202461f Add label_len argument to non-PSA tls_prf_generic 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:50 +02:00
Max Fillinger
820e5cc29b Fix dependencies for TLS-Exporter tests 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:50 +02:00
Max Fillinger
0b65a91eea Fix doxygen for MBEDTLS_SSL_KEYING_MATERIAL_EXPORT 
Error was introduced while resolving a merge conflict.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:50 +02:00
Max Fillinger
5122dc6219 Fix mistake in previous comment change 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:50 +02:00
Max Fillinger
7833b18008 Fix HkdfLabel comment 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:50 +02:00
Max Fillinger
529931a34a Allow maximum label length in Hkdf-Expand-Label 
Previously, the length of the label was limited to the maximal length
that would be used in the TLS 1.3 key schedule. With the keying material
exporter, labels of up to 249 bytes may be used.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:50 +02:00
Max Fillinger
6a64f0f171 Exporter: Add min. and max. label tests 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:50 +02:00
Max Fillinger
76bb753054 Fix max. label length in key material exporter 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:50 +02:00
Max Fillinger
97a287953f Document BAD_INPUT_DATA error in key material exporter 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:50 +02:00
Max Fillinger
c361064dee Fix requirements for TLS 1.3 Exporter compat test 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:50 +02:00
Max Fillinger
6f7cf0e402 Use mbedtls_calloc, not regular calloc 
Also fix the allocation size.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:50 +02:00
Max Fillinger
2310c1970b Add fixed compatibility test for TLS 1.3 Exporter 
When testing TLS 1.3, use O_NEXT_CLI.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:50 +02:00
Max Fillinger
e009158d71 Remove exporter compatibility test for TLS 1.3 
The openssl version in the docker image doesn't support TLS 1.3, so we
can't run the test.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:50 +02:00
Max Fillinger
0faf5d19a7 Fix openssl s_client invocation 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:49 +02:00
Max Fillinger
d22493f86b Print names of new tests properly 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:49 +02:00
Max Fillinger
a442aea2be Fix memory leak in example programs 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:49 +02:00
Max Fillinger
9c3a7ba6da ssl-opt.sh: Add tests for keying material export 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:49 +02:00
Max Fillinger
c8f936e746 mbedtls_test_ssl_do_handshake_with_endpoints: Zeroize endpoints 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-04-16 11:24:49 +02:00
Max Fillinger
ede294ea42 Exporter tests: Don't use unavailbable constant 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:49 +02:00
Max Fillinger
2c2a6ac64c Exporter tests: Add missing depends-ons 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:24:47 +02:00
Max Fillinger
8ee21410f1 Use one maximum key_len for all exported keys 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:23:42 +02:00
Max Fillinger
fb7e578689 Exporter tests: Reduce key size in long key tests 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:23:42 +02:00
Max Fillinger
20e4ac8b3e Exporter tests: Free endpoints before PSA_DONE() 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-04-16 11:23:42 +02:00
Max Fillinger
81b41d40dc Exporter tests: Fix possible uninitialized variable use 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-04-16 11:23:42 +02:00
Max Fillinger
538ed71ecb Coding style cleanup 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-04-16 11:23:42 +02:00
Max Fillinger
e825110391 Exporter tests: Initialize allocated memory 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-04-16 11:23:42 +02:00
Max Fillinger
436cc20378 Exportert tests: Free endpoints and options 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-04-16 11:23:41 +02:00