espressif/mbedtls
1
0
Fork 0
mirror of https://github.com/espressif/mbedtls.git synced 2025-07-15 02:16:03 +08:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 34 Branches 164 Tags
Commit Graph

31240 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Horstmann
0b241ee584 Add testcases for psa_crypto_copy_input() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 17:15:30 +00:00
Paul Elliott
fc31cb28ee
Merge pull request #8395 from tom-daubney-arm/modify_lcov_script_tf_psa_crypto 
Modify lcov.sh to work in tf-psa-crypto as well
 2023-11-02 15:56:21 +00:00
Valerio Setti
74d48c89fa ssl_server2: small improvement of code readability 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-02 16:43:55 +01:00
Dave Rodgman
4472ce14b9
Merge pull request #8088 from tgonzalezorlandoarm/tg/check_test_cases-new 
Make check_test_cases.py recognize test case name templates in ssl-opt.sh
 2023-11-02 12:22:52 +00:00
Dave Rodgman
e91d7c5d68 Update comment to mention IAR 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-02 10:36:38 +00:00
Yanray Wang
eefd2695d2 test_suite_psa_crypto: add dependency for decrypt test cases 
If MBEDTLS_BLOCK_CIPHER_NO_DECRYPT, we can't test decrypt for
AES-ECB, so adding this dependency for some test cases

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-02 12:38:01 +08:00
Yanray Wang
66111393e4 all.sh: modify components to test BLOCK_CIPHER_NO_DECRYPT 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-02 12:38:01 +08:00
Yanray Wang
b799eea123 check_config: add checks for MBEDTLS_BLOCK_CIPHER_NO_DECRYPT 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-02 12:38:01 +08:00
Yanray Wang
e367e47be0 mbedtls_config: add new config option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT 
With the introduction of negative option
MBEDTLS_BLOCK_CIPHER_NO_DECRYPT, we don't need to implicitly enable
it through PSA.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-02 12:36:41 +08:00
Dave Rodgman
b351d60e99 Merge remote-tracking branch 'origin/development' into msft-aarch64 2023-11-01 13:20:53 +00:00
Tom Cosgrove
91aaba0172
Merge pull request #8457 from tom-cosgrove-arm/fix-broken-link-231031 
Fix broken link to psa-driver-example-and-guide in psa-driver-wrappers-codegen-migration-guide.md
 2023-11-01 11:02:51 +00:00
Pengyu Lv
59afe498d4 test: tls13: change server output check 
tls13 server now does not parse pre-shared key extension unless
there are some psk key exchange modes really available.
For `ephemeral_all/psk_or_ephemeral` configuration pairs, there
wouldn't be any psk key exchange mode available, so the check
of "Pre shared key found" should be inverse.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-01 14:50:44 +08:00
Jerry Yu
960b7ebbcf move psk check to EE message on client side 
early_data extension is sent in EE. So it should
not be checked in SH message.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-01 10:32:18 +08:00
Jerry Yu
82fd6c11bd Add selected key and ciphersuite check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-01 10:32:17 +08:00
Jerry Yu
ce3b95e2c9 move ticket version check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-01 10:32:17 +08:00
Jerry Yu
454dda3e25 fix various issues 
- improve output message
- Remove unnecessary checks
- Simplify test command

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-01 10:28:43 +08:00
Dave Rodgman
9ba640d318 Simplify use of __has_builtin 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-31 23:34:02 +00:00
Dave Rodgman
90c8ac2205 Add case for MSVC 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-31 23:27:24 +00:00
Dave Rodgman
64bdeb89b9 Use non-empty definition for fallback 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-31 23:27:04 +00:00
Dave Rodgman
52e7052b6c tidy up comments 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-31 23:26:44 +00:00
Dave Rodgman
3e5cc175e0 Reduce code size in mbedtls_cipher_validate_values 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-31 18:00:01 +00:00
Dave Rodgman
6d2c1b3748 Restructure mbedtls_cipher_validate_values 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-31 18:00:01 +00:00
Dave Rodgman
fb24a8425a Introduce MBEDTLS_ASSUME 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-31 17:59:56 +00:00
Tom Cosgrove
6dcb63bc6d Fix broken link to psa-driver-example-and-guide in psa-driver-wrappers-codegen-migration-guide.md 
Fixes #8453

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-10-31 15:39:25 +00:00
David Horstmann
f63a52ed63 Remove auto-generation of test wrappers 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-31 14:26:00 +00:00
David Horstmann
413dd07a49 Downgrade auto testing testing to a nice-to-have 
Automatic testing of our testing is not essential, as our testing
framework may be manually tested. Having automated tests to test our
tests may be left to future work.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-31 12:20:19 +00:00
Valerio Setti
ac7a809ac3 all.sh: remove leftover loc_curve_list usage 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-31 12:23:44 +01:00
Pengyu Lv
2151ba55f6 test_suite_x509write: use plaintext key file 
Some test cases are using encrypted key file, thus have
dependency on low-level block cipher modules (e.g. AES).
This commit adds unencrypted key file so that we could
get rid of those dependencies.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-31 18:12:04 +08:00
Yanray Wang
b67b47425e Rename MBEDTLS_CIPHER_ENCRYPT_ONLY as MBEDTLS_BLOCK_CIPHER_NO_DECRYPT 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-10-31 17:22:06 +08:00
Yanray Wang
5779096753 Merge remote-tracking branch 'origin/development' into adjust_tfm_configs 2023-10-31 13:39:07 +08:00
Pengyu Lv
78657d0c1d Change base config to full minus SSL 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-31 10:29:41 +08:00
Pengyu Lv
f2814ff97b Move common config to common function 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-31 10:29:41 +08:00
Pengyu Lv
dbd1e0d986 tls13: add helpers to check if psk[_ephemeral] allowed by ticket 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-31 10:17:17 +08:00
Pengyu Lv
29daf4a36b tls13: server: fully check ticket_flags with available kex mode. 
We need to fully check if the provided session ticket could be
used in the handshake, so that we wouldn't cause handshake
failure in some cases. Here we bring f8e50a9 back.

Example scenario:
A client proposes to a server, that supports only the psk_ephemeral
key exchange mode, two tickets, the first one is allowed only for
pure PSK key exchange mode and the second one is psk_ephemeral only.
We need to select the second tickets instead of the first one whose
ticket_flags forbid psk_ephemeral and thus cause a handshake
failure.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-31 09:34:14 +08:00
David Horstmann
af45b8333a Add function prototypes for copying functions 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-30 20:40:44 +00:00
David Horstmann
2531dab296 Add auto-generation of test wrappers to design 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-30 18:27:10 +00:00
Paul Elliott
afc6a992c5
Merge pull request #8381 from gilles-peskine-arm/20231017-misc-cleanup 
Cleanups in test code
 2023-10-30 18:08:01 +00:00
Paul Elliott
835edd627d
Merge pull request #8404 from paul-elliott-arm/fix_coverity_issues 
Fix two coverity issues
 2023-10-30 18:00:14 +00:00
David Horstmann
15b5beea0c Add note on platform-specific barriers 
Describe the approach of platform-specific code and draw a comparison
with the constant-time module.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-30 17:13:54 +00:00
Dave Rodgman
b06d701f56
Merge pull request #8406 from beni-sandu/aesni 
AES-NI: use target attributes for x86 32-bit intrinsics
 2023-10-30 17:01:06 +00:00
David Horstmann
e045b55c65 Add sections on validation of validation 
These cover the fact that we need to test our test framework to make
sure it really detects incorrect accesses.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-30 17:00:16 +00:00
Tom Cosgrove
3857bad9a2
Merge pull request #8427 from tom-cosgrove-arm/fix-linux-builds-in-conda-forge 
Fix builds in conda-forge, which doesn't have CLOCK_BOOTTIME
 2023-10-30 15:29:26 +00:00
David Horstmann
e88a6f8368 Add portability consideration to careful-access 
It's important that we be able to test for target-specific bugs.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-30 15:26:21 +00:00
David Horstmann
d081e52685 Discuss plain-overwriting memory poisoning 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-30 15:22:07 +00:00
Manuel Pégourié-Gonnard
1c6100240d
Merge pull request #8398 from mpg/analyze-outcome-ignore-re 
In analyze_outcomes.py, add pattern-ignore
 2023-10-30 12:46:35 +00:00
Valerio Setti
3d59ebef2c ssl_helpers: remove CIPHER_C guards in mbedtls_test_ssl_build_transforms() 
Use !USE_PSA_CRYPTO instead.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:59:37 +01:00
Valerio Setti
467271dede ssl_misc: ignore ALG_CBC_PKCS7 for MBEDTLS_SSL_HAVE_xxx_CBC 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:40:32 +01:00
Valerio Setti
847213120c test_suite_psa_crypto_metadata: remove unnecessary CIPHER_C dependencies 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:37:09 +01:00
Valerio Setti
74d5f23c3f test_suite_ssl: use new internal symbols in tests using CBC 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:36:32 +01:00
Valerio Setti
1ebb6cd68d ssl_misc: add internal MBEDTLS_SSL_HAVE_[AES/ARIA/CAMELLIA]_CBC symbols 
These are used in tests to determine whether there is support for
one of those keys for CBC mode.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:36:32 +01:00