espressif/mbedtls
1
0
Fork 0
mirror of https://github.com/espressif/mbedtls.git synced 2025-07-09 05:37:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 34 Branches 164 Tags
Commit Graph

31240 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Yanray Wang
e72dfff1d6 tls13: early_data: cli: improve comment 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 12:05:16 +08:00
Yanray Wang
2bef7fbc8d tls13: early_data: cli: remove guard to fix failure 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 12:02:56 +08:00
Gilles Peskine
1097d4e731 Minor clarification 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 21:18:10 +01:00
Gilles Peskine
c3fd0958ce typo 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 21:18:04 +01:00
Gilles Peskine
02112cc9a1 Update PBKDF2 availability for 3.5 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 21:17:55 +01:00
Gilles Peskine
3ea22dcb51 Correct function names prefixes where they diverge from module names 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 21:07:24 +01:00
Gilles Peskine
dbcfc7dd95 Be more informative about "No change" 
Distinguish between interfaces that won't change in 4.0, and interfaces that
have no PSA equivalent but are likely to change in 4.0.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 21:04:06 +01:00
Thomas Daubney
db80b2301c Introduce guess_tf_psa_crypto_root 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 17:33:54 +00:00
Thomas Daubney
d1f2934e78 Introduce guess_mbedtls_root 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 17:27:42 +00:00
Thomas Daubney
56bee0344e Rename variable for better clarity 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 14:33:35 +00:00
Thomas Daubney
46588de8fc Improve documentation of crypto_core_directory 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 13:59:30 +00:00
Thomas Daubney
08c6dc4942 Rename project_crypto_name 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 13:56:09 +00:00
Gilles Peskine
d79854b3f7 That's not what mbedtls_ecdh_get_params does 
Keep the discussion of how to retrieve information about a key exchange.
This doesn't seem to have equivalent legacy ECDH APIs.

Add a todo item for mbedtls_ecdh_get_params(). At this point I don't know
where it fits.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 14:01:59 +01:00
Gilles Peskine
f7746bdd79 Correct lists of sign/verify functions 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 14:01:44 +01:00
Gilles Peskine
951cf39b3f Corrections and clarifications around asymmetric key formats 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 14:01:20 +01:00
Gilles Peskine
4d234f1ede Editorial corrections 
Fix typos, copypasta, and other minor clarifications.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 13:59:49 +01:00
Dave Rodgman
059f66ce7c Remove redundant check 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 11:02:03 +00:00
Dave Rodgman
6eee57bc07 Merge remote-tracking branch 'origin/development' into msft-aarch64 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 11:01:50 +00:00
Gilles Peskine
396a2a3dcb Explain interruptible operations 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 11:02:06 +01:00
Dave Rodgman
12d1c3ad4f Use MBEDTLS_HAVE_NEON_INTRINSICS in aesce 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 09:38:38 +00:00
Dave Rodgman
d879b47b52 tidy up macros in mbedtls_xor 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 09:35:14 +00:00
Dave Rodgman
59059ec503 Merge remote-tracking branch 'origin/development' into msft-aarch64 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 09:34:41 +00:00
Pengyu Lv
c353c5cfd5 Catch ScriptOutputError in analyze_outcomes.py 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-30 16:57:08 +08:00
Pengyu Lv
ce980e61cc Move script outputs handling to collect_from_script 
To simplify the logic, `collect_from_script` should take
the responsiblity to parse script outputs to suite name
and test case description.

Also define new Error class ScriptOutputError for
error handling.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-30 16:53:31 +08:00
Yanray Wang
b3e207d762 tls13: early_data: cli: rename early_data parser in nst 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-30 16:49:51 +08:00
Yanray Wang
0790041dc6 Revert "tls13: early_data: cli: remove nst_ prefix" 
This reverts commit 3781ab40fb24c06ca7401bcecc3e1aa31d669a55.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-30 16:44:44 +08:00
Dave Rodgman
10dfe76425
Merge pull request #8573 from daverodgman/iar-aesce2 
Disable hw AES on Arm for IAR
 2023-11-30 08:22:09 +00:00
Yanray Wang
f4bad42670 itls13: early_data: cli: improve comment 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-30 15:58:07 +08:00
Valerio Setti
ad6d016b8f pkwrite: fix return value in pk_get_type_ext() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-30 08:10:36 +01:00
Valerio Setti
3cc486aa11 pkparse: make pk_internal.h always available 
This is needed because now "pk_internal.h" contains defines for
PEM strings

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-30 08:09:47 +01:00
Yanray Wang
a29db7da2e tls13: early_data: cli: assign ciphersuite properly 
When early_data extension is enabled and sent in ClientHello,
the client does not know if the server will accept early data
and select the first proposed pre-shared key with a ciphersuite
that is different from the ciphersuite associated to the selected
pre-shared key. To address aforementioned case, we do associated
verification when parsing early_data ext in EncryptedExtensions.
Therefore we have to assign the ciphersuite in current handshake
to session_negotiate later than the associated verification.
This won't impact decryption of EncryptedExtensions since we
compute handshake keys by the ciphersuite in handshake not via
the one in session_negotiate.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-30 14:27:38 +08:00
Pengyu Lv
d1198060a5 Merge branch 'development' into issue/wrong-suite-name-in-check_test_cases_py 2023-11-30 10:05:54 +08:00
Gilles Peskine
d96aa1b5cd Say who to contact 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 21:13:02 +01:00
Gilles Peskine
dfe6707fc7 Fix typos and make minor style improvements 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 21:12:39 +01:00
Gilles Peskine
a7d5662f15 Allow PSA test cases to depend on test conditions 
In particular, this allows MBEDTLS_TEST_HOOKS.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:49:24 +01:00
Gilles Peskine
6f8ca29ce4 Use the existing definition of __func__ 
Now that library is in the include path when compiling metatest.c, don't
duplicate the definition of __func__ from library/common.h.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 19:42:43 +01:00
Gilles Peskine
895ebc30f0 Protect against compiler optimizations 
GCC 5.4 optimized the write after poisoning (the surprising thing is that
11.4 doesn't).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 19:42:36 +01:00
Gilles Peskine
ef0f01fee6 Memory poisoning: meta-test writes as well as reads 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 19:42:36 +01:00
Gilles Peskine
81f8132bd5 Avoid unused variable warnings in some plausible usage 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 19:42:36 +01:00
Gilles Peskine
abfad78655 Use the existing definition of MBEDTLS_TEST_HAVE_ASAN 
A definition now exists in tests/helpers.h, which is a better place.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 19:41:58 +01:00
Gilles Peskine
e0acf8787d Port to platforms where printf doesn't have %zu 
Reuse the existing abstraction from include/mbedtls/debug.h.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 19:22:03 +01:00
Gilles Peskine
f5dd00288e Fix MSVC build failure 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 19:22:03 +01:00
Gilles Peskine
479a1944e8 Basic functional test for memory poisoning 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 19:22:03 +01:00
Gilles Peskine
0bdb6dc079 Fix memory poisoning with Asan on arbitrary byte boundaries 
Asan poisons memory with an 8-byte granularity. We want to make sure that
the whole specified region is poisoned (our typical use case is a
heap-allocated object, and we want to poison the whole object, and we don't
care about the bytes after the end of the object and up to the beginning of
the next object). So align the start and end of the region to (un)poison to
an 8-byte boundary.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 19:22:03 +01:00
Gilles Peskine
d29cce91d0 Add memory poisoning framework 
While an area of memory is poisoned, reading or writing from it triggers a
sanitizer violation.

Implemented for ASan.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 19:22:03 +01:00
Gilles Peskine
3fd3d05196 New files for memory-related test functions 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 19:22:03 +01:00
Gilles Peskine
0457559323 Merge remote-tracking branch 'development' into development-restricted 2023-11-29 19:21:19 +01:00
Valerio Setti
bcc004b549 pkwrite: some reshaping for Montgomery keys in mbedtls_pk_write_pubkey_der() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-29 17:16:55 +01:00
Dave Rodgman
f5e46fd45c
Merge pull request #8535 from daverodgman/update-tfm 
Adjust to match current TF-M config
 2023-11-29 16:14:06 +00:00
Gilles Peskine
18eab984c7
Merge pull request #8560 from lpy4105/issue/8423/optimize-analyze_outcomes_py 
Optimize analyze_outcomes.py
 2023-11-29 14:51:41 +00:00