1
0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-06-10 16:43:47 +08:00

3388 Commits

Author SHA1 Message Date
Gabor Mezei
f13fd1e272
Use PSA macros for the pkalgs domain
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2025-05-09 14:51:54 +02:00
Gilles Peskine
2439c4c14a
Merge pull request #10090 from valeriosetti/issue9618-development
[development] MBEDTLS_PLATFORM_GET_ENTROPY_ALT in 4.0
2025-05-06 22:35:03 +02:00
Valerio Setti
1afedacfea tests: scripts: add new component to configuration-platform.sh
Import component_test_platform_get_entropy_alt() from its counterpart
in TF-PSA-Crypto repo.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-05-06 06:28:35 +02:00
Valerio Setti
0f0304d433 scripts: tests: fix component_test_full_cmake_clang
Use the proper Clang C++ compiler to build C++ code otherwise the C
compiler will fail because std::cout() is unknown in
"cpp_dummy_build.cpp".

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-04-29 11:01:46 +02:00
Valerio Setti
7fb7fdabd7 tests: scripts: fix component_test_no_platform()
Use alternative implementation of mbedtls_platform_get_entropy() since
the default one lives in "platform.c" and that one is excluded in
this test component.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-04-29 11:01:46 +02:00
Valerio Setti
b13d29ebb2 tests: scripts: fix test_cmake_out_of_source
By default C++ code would be compiled with GNU while C with Clang and
this can create problems at link time. In order to prevent this we
use Clang for both.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-04-29 11:01:46 +02:00
Valerio Setti
7ac11845d0 configs: add PLATFORM_C to configs using ENTROPY_C
This is necessary to let entropy being able to gather entropy data from
the native platform source.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-04-29 11:01:46 +02:00
Valerio Setti
73bd210a94 tests: remove usage of MBEDTLS_NO_PLATFORM_ENTROPY
Use MBEDTLS_PLATFORM_GET_ENTROPY_ALT instead.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-04-29 11:01:46 +02:00
Ben Taylor
1948c94385 added dependencies to test scripts
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
2025-04-29 07:43:37 +01:00
David Horstmann
ad6953f788
Merge pull request #10114 from felixc-arm/switch-to-which-aes
Switch all.sh components from selftest to which_aes
2025-04-28 06:58:38 +00:00
Felix Conway
6908580131 Use aesni_crypt_ecb and internal_aes_encrypt to check conditional compilation
Signed-off-by: Felix Conway <felix.conway@arm.com>
2025-04-22 10:45:28 +01:00
Felix Conway
ad7049407b Remove executable permissions and shebang from component-platforms.sh
Signed-off-by: Felix Conway <felix.conway@arm.com>
2025-04-22 10:45:28 +01:00
Felix Conway
8e13c8f018 Add shebang to fix CI error
Signed-off-by: Felix Conway <felix.conway@arm.com>
2025-04-22 10:35:52 +01:00
Felix Conway
5081d6544d Switch all.sh components from selftest to which_aes
Signed-off-by: Felix Conway <felix.conway@arm.com>
2025-04-22 10:35:49 +01:00
Felix Conway
6fedc4e18e Add executable permissions to new perl file
Signed-off-by: Felix Conway <felix.conway@arm.com>
2025-04-09 13:50:43 +01:00
Felix Conway
1ef121c9b9 Move script and update shebang to fix CI
Signed-off-by: Felix Conway <felix.conway@arm.com>
2025-04-09 09:51:13 +01:00
Ronald Cron
444db895f7 Remove check-generated-files.sh
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2025-03-31 17:18:03 +02:00
Ronald Cron
5d9b9d244f Rename mbedtls-all.sh to just all.sh
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2025-03-29 10:06:38 +01:00
Ronald Cron
8e2d40dbec Remove all.sh wrapper
Now that in TF-PSA-Crypto CI, the TF-PSA-Crypto
all.sh components are run in pure TF-PSA-Crypto
context, there is no need to run them as part of
mbedtls CI anymore. The all.sh wrapper wrapping
./tests/scripts/mbedtls-all.sh and
./tf-psa-crypto/tests/scripts/all.sh can be
removed.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2025-03-29 10:01:53 +01:00
Felix Conway
133f7aab2c Add MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES to ignore list for CI
With the removal of the component_test_psa_inject_entropy test,
MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES is no longer set in any tests, and so
the CI will complain unless it is added to the ignore list.

Signed-off-by: Felix Conway <felix.conway@arm.com>
2025-03-28 09:01:32 +01:00
Felix Conway
92efce2b84 [development] Remove code relating to MBEDTLS_PSA_INJECT_ENTROPY
Signed-off-by: Felix Conway <felix.conway@arm.com>
2025-03-28 09:01:05 +01:00
Ronald Cron
4cd8fbbb2d Use TF_PSA_CRYPTO_ROOT_DIR
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2025-03-26 21:19:28 +01:00
Ronald Cron
aa5c159e36 all.sh: check generated files: Use make_generated_files.py
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2025-03-26 21:19:28 +01:00
Ronald Cron
99226e9b9b cmake: Generate test_keys.h and test_certs.h in the build tree
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2025-03-26 21:19:28 +01:00
Ronald Cron
81a674eee8 Adapt to generate_config_tests.py changes
Adapt builds and check-generated-files.sh to the fact
that generate_config_tests.py does not generate
test_suite_config.psa_boolean.data in Mbed TLS 4.x
context anymore.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2025-03-26 21:19:28 +01:00
Valerio Setti
9f2939c56d test: components: remove references to MBEDTLS_PSA_CRYPTO_SE_C
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-03-26 13:32:54 +01:00
Gabor Mezei
e1e27300a2
Remove MBEDTLS_KEY_EXCHANGE_RSA_ENABLED config option
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2025-03-20 17:53:01 +01:00
Minos Galanakis
a2a0c2cbe7 Merge remote-tracking branch 'origin/features/tls-defragmentation/development' into feature_merge_defragmentation_dev
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-12 15:25:06 +00:00
Valerio Setti
6408113fe2 tests: move component_test_tf_psa_crypto_cmake_as_package to tf-psa-crypto
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-03-10 12:44:49 +01:00
Ronald Cron
2d1f26037f
Merge pull request #9954 from gabor-mezei-arm/9753_migrate_RSA_key_exchange_tests
Migrate RSA-decryption test cases
2025-03-07 14:46:27 +00:00
Gilles Peskine
e85ece6584 Handshake defragmentation: reassemble incrementally
Reassemble handshake fragments incrementally instead of all at the end. That
is, every time we receive a non-initial handshake fragment, append it to the
initial fragment. Since we only have to deal with at most two handshake
fragments at the same time, this simplifies the code (no re-parsing of a
record) and is a little more memory-efficient (no need to store one record
header per record).

This commit also fixes a bug. The previous code did not calculate offsets
correctly when records use an explicit IV, which is the case in TLS 1.2 with
CBC (encrypt-then-MAC or not), GCM and CCM encryption (i.e. all but null and
ChachaPoly). This led to the wrong data when an encrypted handshake message
was fragmented (Finished or renegotiation). The new code handles this
correctly.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-03-05 17:02:18 +01:00
Gabor Mezei
92e49e1bca
Update comment
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2025-03-05 12:18:47 +01:00
Gabor Mezei
c27757b1eb
Add new test component
New test component added to run test cases with ECDHE_ECDSA ciphersuits and
without TLS 1.3.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2025-03-05 12:18:47 +01:00
Valerio Setti
461899e382 analyze_outcomes.py: remove exceptions for MBEDTLS_DHM_C
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-03-05 10:11:22 +01:00
Valerio Setti
eb63eb2a6a etests: remove MBEDTLS_DHM_C/DHM occurrencies
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-03-05 10:11:22 +01:00
Gilles Peskine
e0bd20bd58 Generate handshake defragmentation test cases: update analyze_outcomes
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-03-04 18:24:52 +01:00
Gilles Peskine
4773333dc6 New generated file: tests/opt-testcases/handshake-generated.sh
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-03-03 16:13:19 +01:00
Gilles Peskine
5df993dcc9 Merge remote-tracking branch 'development' into tls-defragmentation-merge-development-20250303 2025-03-02 21:15:58 +01:00
Minos Galanakis
19dbbe0958 analyze_outcomes: Temporary disabled 3 HS Degragmentation tests.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-02-27 11:46:36 +00:00
Harry Ramsey
9b4035cc9e Update path for moved test_zeroize.gdb script
This commit updates the path for the moved test_zeroize.gdb script which
has been moved to MbedTLS-Framework.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
2025-02-19 15:30:25 +00:00
Harry Ramsey
d096793c3f Update paths for moved program files in components-build-system.sh
This commit updates the paths for dlopen_demo.sh in
components-build-system.sh as the file has been moved to the framework.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
2025-02-19 15:30:25 +00:00
Harry Ramsey
b14141dd71 Move programs out of Mbed TLS
This commit moves demo_common.sh, dlopen_demo.sh, metatest.c
query_compile_time_config.c, query_config.h, query_included_headers.c,
zeroize.c and test_zeroize.gdb from MbedTLS into the MbedTLS framework.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
2025-02-19 15:17:32 +00:00
Harry Ramsey
2a75a60d34 Update path to user-config-zeroize-memset.h
This commit updates the path to user-config-zeroize-memset.h as it has
been moved to TF-PSA-Crypto.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
2025-02-19 08:03:57 +00:00
Valerio Setti
24e6ecb502 tests: move components-compliance.sh to tf-psa-crypto repo
This file is cancelled from the Mbed TLS repo and copied to the
TF-PSA-Crypto one.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-02-17 17:40:08 +01:00
Valerio Setti
8438c637ee tests: remove references to DHE-RSA
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-02-06 10:05:58 +01:00
Valerio Setti
da1673c013 components-compliance.sh: update references to test_psa_compliance.py
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-02-05 12:04:36 +01:00
Valerio Setti
2ef55352e8 components-configuration.sh: update references to test_psa_constant_names.py
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-02-05 12:04:36 +01:00
Valerio Setti
40e14a7559 Move files out of Mbed TLS
The following files are moved to the framework repo (deleted here):

tests/scripts/test_psa_compliance.py
tests/scripts/test_psa_constant_names.py

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-02-05 12:04:36 +01:00
Harry Ramsey
94c386a8ea Update config paths in scripts
This commit updates the moved config paths in multiple script files.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
2025-02-04 12:54:15 +00:00
Gabor Mezei
7554eeaf4c
Disable 224K1 while testing the other curves
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2025-01-27 15:03:14 +01:00