espressif/mbedtls
1
0
Fork 0
mirror of https://github.com/espressif/mbedtls.git synced 2025-07-13 10:15:49 +08:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 34 Branches 164 Tags
Commit Graph

31240 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Horstmann
0a57ed25c4 Add output round-trip testcase 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-08 18:18:14 +00:00
David Horstmann
35dd103688 Add input round-trip testcase 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-08 18:17:58 +00:00
David Horstmann
9467ea343b Add psa_crypto_output_copy_free() implementation 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-08 18:13:23 +00:00
David Horstmann
63a73588cf Add testcase for psa_crypto_output_copy_free() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-08 18:13:23 +00:00
David Horstmann
ba3c7d649c Add implementation of psa_crypto_output_alloc() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-08 18:13:23 +00:00
David Horstmann
70b82256b5 Add testcase for psa_crypto_output_copy_alloc() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-08 18:13:23 +00:00
David Horstmann
dfa14cbbcd Add function prototypes for psa_crypto_output fns 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-08 18:13:23 +00:00
David Horstmann
e6042ffc49 Add implementation of psa_crypto_input_copy_free() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-08 18:13:23 +00:00
David Horstmann
4700144817 Add testcase for psa_crypto_input_copy_free() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-08 18:13:15 +00:00
Gilles Peskine
4dec9ebdc2
Merge pull request #8378 from mschulz-at-hilscher/fixes/issue-8377 
Fixes "CSR parsing with critical fields fails"
 2023-11-08 18:07:04 +00:00
Gilles Peskine
c75ee77dbb
Merge pull request #8439 from yuhaoth/pr/add-test-suite-parameter-to-ssl-opt 
Add test-suite parameter to filter tests
 2023-11-08 18:05:44 +00:00
Gilles Peskine
b97058e2d5
Merge pull request #8496 from ronald-cron-arm/remove-cocci-files 
Remove unused *.cocci files
 2023-11-08 18:05:13 +00:00
Dave Rodgman
0d22539de0
Merge pull request #8468 from daverodgman/mbedtls-3.5.1-pr 
Mbed TLS 3.5.1
 2023-11-08 18:01:32 +00:00
David Horstmann
4ac788573b Add psa_crypto_input_copy_alloc() implementation 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-08 15:22:27 +00:00
Ryan Everett
5567e3a34b Make empty key slots explicit 
Add new status field to key slots, and use it.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-11-08 13:28:20 +00:00
Valerio Setti
b9015385fd test_driver_extension: use same def/undef pattern for all accelerated symbols 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-08 13:11:10 +01:00
Manuel Pégourié-Gonnard
3e1d39b332 Add check about legacy dependencies in PSA tests 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-08 12:54:02 +01:00
Dave Rodgman
9eb2abd1e0 Add docs re Everest license 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-08 11:40:17 +00:00
Dave Rodgman
9f747537cf Update BRANCHES 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-08 11:40:11 +00:00
Dave Rodgman
28d40930ae Restore bump version 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-08 11:40:08 +00:00
Dave Rodgman
39b2a38076 Restore 3.5.1 ChangeLog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-08 11:40:04 +00:00
Dave Rodgman
a2d14ef764 Merge remote-tracking branch 'origin/development' into mbedtls-3.5.1-pr 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-08 11:39:53 +00:00
Dave Rodgman
47854e638b Revert back to v3.5.0 
git revert v3.5.0..v3.5.1
git rebase to combine the resulting revert commits

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-08 11:38:57 +00:00
Dave Rodgman
edb8fec988 Add docs re Everest license 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-08 11:36:00 +00:00
Gilles Peskine
1d6de4ceb7 No more limitations accelerated algorithms using a built-in hash 
It used to be the case that when an algorithm that uses a hash inside was
accelerated through a PSA driver, it might end up calling a hash algorithm
that is not available from the driver. Since we introduced MBEDTLS_MD_LIGHT,
this no longer happens: PSA accelerated hashes are available to callers of
the MD module, so the test driver can use all available hash algorithms.
Hence the workaround to skip testing certain accelerated cases is no longer
needed.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-08 12:30:52 +01:00
Manuel Pégourié-Gonnard
fcc5f31bb8 Rm unjustified MD_C dependencies in PSA test 
RSA will auto-enable MD_LIGHT, we don't need to list MD_C as a
dependency here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-08 12:30:52 +01:00
Manuel Pégourié-Gonnard
af302b9e5d Rm unjustified PK_C dependencies in PSA tests 
Some are about raw or AES keys where PK seems really unrelated.

The others are about RSA where PK may be relevant, but the necessary
bits of PK are auto-enabled when RSA key types are requested, so we
shouldn't need to list them as dependencies in tests.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-08 12:30:52 +01:00
Manuel Pégourié-Gonnard
433150e8f2 Rm redundant ECC dependencies in psa_crypto tests 
Since _DERIVE can't be accelerated now, in
config_adjust_legacy_from_psa.h we will notice and auto-enable ECP_LIGHT
as well as the built-in version of each curve that's supported in this
build. So, we don't need to list those as dependencies here - and they
would cause issues when we add support for _DERIVE drivers.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-08 12:30:51 +01:00
Manuel Pégourié-Gonnard
59a8b41ca3 Fix incorrect RSA dependencies in psa_crypto tests 
There's no reason the tests would depend specifically on our built-in
implementation and not work with drivers, so replace the RSA_C
dependency with the correct PSA_WANT dependencies.

Those 6 cases use two different test functions, but both of those
functions only do `psa_import()`, so all that's needed is PUBLIC_KEY or
KEYPAIR_IMPORT (which implies KEYPAIR_BASIC) depending on the kind of
key being tested.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-08 12:30:51 +01:00
Manuel Pégourié-Gonnard
0d9a3618bd Rm unneeded dep on PK_PARSE_C in psa crypto tests 
Most of them were removed in 7162, not sure how these ones slipped in.

There's no reason deterministic ECDSA verification would need PK parse
more than the other tests. The following finds no match:

    grep -i pk_parse library/ecdsa.c library/psa_crypto_ecp.c

Even if PK parse was actually needed for this, the right way would be to
auto-enable it based on PSA_WANT symbols, and then only depend on
PSA_WANT symbols here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-08 12:30:51 +01:00
Yanray Wang
d137da5a93 check_config: make error message in BLOCK_CIPHER_NO_DECRYPT clearer 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-08 19:17:44 +08:00
Yanray Wang
004a60c087 aes.c: remove non-functional code 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-08 19:05:31 +08:00
Yanray Wang
65f7653bdd tls1.3: early data: rephrase ChangeLog 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-08 18:48:33 +08:00
David Horstmann
e542d7c311
Merge pull request #1107 from davidhorstmann-arm/psa-shared-buffers-design 
Detailed design of memory protection strategy
 2023-11-08 10:36:47 +00:00
Ronald Cron
f95b678729 Remove unused *.cocci files 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-08 10:08:09 +01:00
Ronald Cron
c27a4ce3dd
Merge pull request #8429 from gilles-peskine-arm/fix-test_suite_constant_time_hmac-not-executed 
Fix test suite never executed due to an undefined symbol
 2023-11-08 09:05:12 +00:00
Pengyu Lv
2bd56de3f4 ssl: replace MBEDTLS_SSL_HAVE_*_CBC with two seperate macros 
MBEDTLS_SSL_HAVE_<block_cipher>_CBC equals
MBEDTLS_SSL_HAVE_<block_cipher> and MBEDTLS_SSL_HAVE_CBC.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 14:21:19 +08:00
Pengyu Lv
ba6825e37b ssl: use MBEDTLS_SSL_HAVE_* in tests 
Done by commands:

```
sed -i "s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
sed -i "s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
sed -i "s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 14:09:16 +08:00
Yanray Wang
eb61868878 tls1.3: early data: add ChangeLog entry 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-08 13:46:28 +08:00
Pengyu Lv
65458fa969 ssl: MBEDTLS_SSL_HAVE_* in ssl_misc.h 
Done by commands:

```
sed -i "300,$ s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
sed -i "300,$ s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
sed -i "300,$ s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 12:16:29 +08:00
Pengyu Lv
829dd2048a ssl: use MBEDTLS_SSL_HAVE_* in ssl_ciphersuites.c 
Mainly done by the commands, with some manual adjust.

```
sed -i "s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
sed -i "s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
sed -i "s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 12:01:26 +08:00
Pengyu Lv
f1b86b088f ssl: add macro to indicate CBC mode is available 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 11:28:42 +08:00
Pengyu Lv
e870cc8c86 ssl: add macro for available key types 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 11:28:36 +08:00
Yanray Wang
7b320fa7c9 ssl-opt.sh: fix typo 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-08 10:33:32 +08:00
Pengyu Lv
fe03a4071b ssl_helper: fix missin initialization of cli_log_obj 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 10:30:48 +08:00
Yanray Wang
8636d471b3 config-tfm.h: License Change 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-08 10:07:03 +08:00
Yanray Wang
30769696e7 Merge remote-tracking branch 'origin/development' into adjust_tfm_configs 2023-11-08 10:00:24 +08:00
David Horstmann
1ac7e24fb7 Add testcase for psa_crypto_input_copy_alloc() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-07 16:36:41 +00:00
Matthias Schulz
c55b500343 Changed notes in x509_csr.h to better describe the behavior of mbedtls_x509_csr_parse_der and mbedtls_x509_csr_parse_der_with_ext_cb. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-07 16:47:37 +01:00
Matthias Schulz
e92f6dcf5c New test cases requested in https://github.com/Mbed-TLS/mbedtls/pull/8378#discussion_r1383779861 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-07 15:16:35 +01:00