espressif/mbedtls
1
0
Fork 0
mirror of https://github.com/espressif/mbedtls.git synced 2025-06-25 09:59:47 +08:00
Code Issues Packages Projects Releases Wiki Activity
17,040 Commits 33 Branches 163 Tags
Commit Graph

17040 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Werner Lewis
02998c470a Remove unneeded list concatenation 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-09-21 16:46:39 +01:00
Werner Lewis
70d3f3dcdc Remove abbreviations and clarify attributes 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-09-21 16:46:39 +01:00
Werner Lewis
dcad1e93fe Separate common test generation classes/functions 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-09-21 16:46:39 +01:00
Werner Lewis
92bb1cd8cb Fix incorrect indentation 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-09-21 16:29:49 +01:00
Werner Lewis
f0910ae380 Remove is None from if statement 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-09-21 16:29:49 +01:00
Werner Lewis
d76c5edc8e Fix type issues 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-09-21 16:29:49 +01:00
Werner Lewis
1bdee226e3 Remove set() to preserve test case order 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-09-21 16:29:49 +01:00
Werner Lewis
1c413bda51 Sort tests when generating cases 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-09-21 16:29:49 +01:00
Werner Lewis
5c1173bc1b Add test case generation for bignum add 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-09-21 16:29:49 +01:00
Werner Lewis
423f99bcef Add test generation for bignum cmp variant 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-09-21 16:29:49 +01:00
Werner Lewis
545911f751 Add bignum test generation framework 
Adds python script for generation of bignum test cases, with initial
classes for mpi_cmp_mpi test cases. Build scripts are updated to
generate test data.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-09-21 16:29:49 +01:00
Manuel Pégourié-Gonnard
e9ff465709
Merge pull request #6302 from davidhorstmann-arm/2.28-syntax-highlighting-function-files 
[Backport 2.28] Use GitHub C syntax highlighting on test files
 2022-09-21 10:52:17 +02:00
David Horstmann
6af9ad321c Use GitHub C syntax highlighting on test files 
Add a .gitattributes file that tells GitHub to highlight all .function
files as if they were .c files. This aids in reviewing changes to tests.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-09-20 17:24:07 +01:00
Manuel Pégourié-Gonnard
7c7a3eaab5
Merge pull request #6290 from daverodgman/contributing_2.28 
Clarify legal requirements for contributions
 2022-09-16 09:02:06 +02:00
Dave Rodgman
769695eeb0 Clarify legal requirements for contributions 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-09-15 19:07:10 +01:00
Dave Rodgman
1963d67ed0
Merge pull request #6276 from daverodgman/fixcopyright_2.28 
Backport 2.28: Correct copyright and license in crypto_spe.h
 2022-09-13 11:24:01 +01:00
Dave Rodgman
e3619d06c2 Correct copyright and license in crypto_spe.h 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-09-12 17:58:29 +01:00
Manuel Pégourié-Gonnard
1b36e1b4d7
Merge pull request #6246 from superna9999/6100-crash-in-test-suite-x509write-backport 
[Backport 2.28]Crash in test suite x509write config full no seedfile
 2022-09-01 11:18:41 +02:00
Neil Armstrong
11048661a5 Initialize mbedtls_x509write_csr struct before USE_PSA_INIT(), mbedtls_x509write_csr_free() will crash if uninitialized 
When USE_PSA_INIT() failed because lack of seedfile, mbedtls_x509write_csr_free()
crashed when called on an unitialized mbedtls_x509write_csr struct.

This moves mbedtls_x509write_csr_init before calling USE_PSA_INIT(),
which could probably fail, and uses the same flow in x509_csr_check()
and x509_csr_check_opaque().

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-30 15:56:40 +02:00
Gilles Peskine
250a612969
Merge pull request #6212 from tom-cosgrove-arm/explicit-warning-re-ct-conditions-not-0-or-1-2.28 
Backport 2.28: Be explicit about constant time bignum functions that must take a 0 or 1 condition value
 2022-08-22 17:24:10 +02:00
Dave Rodgman
906bdbb66e
Merge pull request #6215 from daverodgman/pr6185-backport 
Backprort: ssl_tls12_server: fix potential NULL-dereferencing
 2022-08-19 20:22:36 +01:00
Leonid Rozenboim
81e742333e ssl_tls12_server: fix potential NULL-dereferencing if local certificate was not set. 
Signed-off-by: Leonid Rozenboim <leonid.rozenboim@oracle.com>
 2022-08-19 13:42:08 +01:00
Tom Cosgrove
f211d824d7 Be explicit about constant time bignum functions that must take a 0 or 1 condition value 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-08-18 14:56:00 +01:00
Dave Rodgman
928527cba9
Merge pull request #5990 from zhangsenWang/mbedtls-2.28 
Backport 2.28: Re-enable 5 tests disabled because of an old OpenSSL bug
 2022-08-16 09:56:52 +01:00
Zhangsen Wang
9d5b399b5d rebase with latest 2.28 branch 2022-08-16 03:27:48 +00:00
Dave Rodgman
a77287f8fa
Merge pull request #6182 from wernerlewis/ecp_set_zero_2.28 
[Backport 2.28] Add tests for mbedtls_ecp_set_zero
 2022-08-11 16:43:11 +01:00
Dave Rodgman
3469f7a732
Merge pull request #6187 from daverodgman/backport-iar-fatal-warnings 
Backport 2.28: cmake: IAR support option( MBEDTLS_FATAL_WARNINGS)
 2022-08-09 13:50:23 +01:00
savent
a37f5c1da3 cmake: IAR support option( MBEDTLS_FATAL_WARNINGS) 
IAR toolchain makes some warning, forcing 'warning as error' is not for sure.

Signed-off-by: savent <savent_gate@outlook.com>
 2022-08-09 10:54:13 +01:00
Werner Lewis
55a3285faf Add test case for mbedtls_ecp_set_zero 
Tests function with various ECP point conditions, covering freshly
initialized, zeroed, non-zero, and freed points.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-08-08 17:24:24 +01:00
Gilles Peskine
2c08ac7842
Merge pull request #6157 from daverodgman/chacha-psa-defines-backport 
backport 2.28: MBEDTLS_POLY1305_C and MBEDTLS_CHACHA20_C are needed when PSA_WANT_ALG_CHACHA20_POLY1305 is defined
 2022-08-05 11:03:49 +02:00
Gilles Peskine
da126214ce
Merge pull request #6071 from wernerlewis/bignum_test_radix_2.28 
[Backport 2.28] Remove radix argument from bignum test functions
 2022-08-05 11:01:13 +02:00
Gilles Peskine
f222b8e041
Merge pull request #6161 from daverodgman/backport-cert-symlink 
Backport 2.28: x509_crt: handle properly broken links when looking for certificates
 2022-08-03 13:05:31 +02:00
Gilles Peskine
ddc3845782
Merge pull request #6168 from mman/mbedtls-2.28 
Use double quotes to include private header file psa_crypto_cipher.h
 2022-08-03 13:05:00 +02:00
Martin Man
43dedd8afe Use double quotes to include private header file psa_crypto_cipher.h 
Signed-off-by: Martin Man <mman@martinman.net>
Co-authored-by: Tom Cosgrove <81633263+tom-cosgrove-arm@users.noreply.github.com>
 2022-08-02 13:36:18 +02:00
Zhangsen Wang
1c981f5c84 skip test with openssl client because it will timeout with certain seed due to an openssl bug 
Signed-off-by: Zhangsen Wang <zhangsen.wang@arm.com>
 2022-08-02 06:18:40 +00:00
Werner Lewis
df336842a9 Use upper case for bignum string comparison 
Test data which is compared as a hex string now uses upper case to
match output of mbedtls_mpi_write_string() output. This removes usage
of strcasecmp().

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-08-01 15:57:06 +01:00
Werner Lewis
d487776a61 Remove radix from added test cases 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-08-01 15:57:06 +01:00
Werner Lewis
3d52e445cc Fix formatting in bignum test functions 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-08-01 15:57:06 +01:00
Werner Lewis
3e005f3efc Remove remaining bignum radix args 
Functions which are not covered by script, changes made to use radix
16.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-08-01 15:57:06 +01:00
Werner Lewis
955a0bb18f Remove radix arg from bignum tests 
Cases where radix was explictly declared are removed in most cases,
replaced using script. bignum arguments are represented as hexadecimal
strings. This reduces clutter in test data and makes bit patterns
clearer.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-08-01 15:57:06 +01:00
Werner Lewis
24b6078306 Remove radix arg from mbedtls_test_read_mpi 
All uses have radix argument removed, using script.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-08-01 15:57:02 +01:00
Bence Szépkúti
454fdc2501
Merge pull request #6160 from tom-cosgrove-arm/fix-typos-in-md-files-2.28 
Backport 2.28: Fix typographical errors in .md files found by cspell
 2022-08-01 10:06:31 +02:00
Dave Rodgman
62067bc82f
Merge pull request #6156 from daverodgman/microblaze-littleendian-backport-2.28 
Microblaze littleendian backport 2.28
 2022-07-29 17:08:16 +01:00
Dave Rodgman
6f227ee8e8 Remove use of lstat 
lstat is not available on some platforms (e.g. Ubuntu 16.04). In this
particular case stat is sufficient.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-07-29 14:27:52 +01:00
Dave Rodgman
626b37859c Add Changelog entry 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-07-29 14:27:52 +01:00
Dave Rodgman
2958bb3761 Spelling and grammar improvements 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-07-29 14:27:52 +01:00
Dave Rodgman
168bcd684b Don't increase failure count for dangling symlinks 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-07-29 14:27:52 +01:00
Eduardo Silva
32ffb2b8bc x509_crt: handle properly broken links when looking for certificates 
On non-windows environments, when loading certificates from a given
path through mbedtls_x509_crt_parse_path() function, if a symbolic
link is found and is broken (meaning the target file don't exists),
the function is returning MBEDTLS_ERR_X509_FILE_IO_ERROR which is
not honoring the default behavior of just skip the bad certificate file
and increase the counter of wrong files.

The problem have been raised many times in our open source project
called Fluent Bit which depends on MbedTLS:

https://github.com/fluent/fluent-bit/issues/843#issuecomment-486388209

The expected behavior is that if a simple certificate cannot be processed,
it should just be skipped.

This patch implements a workaround with lstat(2) and stat(2) to determinate
first if the entry found in the directory is a symbolic link or not, if is
a simbolic link, do a proper stat(2) for the target file, otherwise process
normally. Upon find a broken symbolic link it will increase the counter of
not processed certificates.

Signed-off-by: Eduardo Silva <eduardo@treaure-data.com>
 2022-07-29 14:27:50 +01:00
Tom Cosgrove
c71bc7b7d3 Fix typographical errors in .md files found by cspell 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-07-29 13:54:52 +01:00
Dave Rodgman
8934db7b8e
Merge pull request #6143 from tom-cosgrove-arm/fix-comments-in-docs-and-comments-2.28 
Backport 2.28: Fix a/an typos in doxygen and other comments
 2022-07-29 12:59:14 +01:00