mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-19 00:40:14 +00:00

Author	SHA1	Message	Date
Dave Rodgman	235799bc23	Simplify locating original tool Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-03-12 13:33:09 +00:00
Dave Rodgman	294a3c2ccb	Remove unnecessary use of export Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-03-12 13:32:36 +00:00
Ronald Cron	ec4ed8eae4	Merge pull request #8857 from ronald-cron-arm/tls13-cli-max-early-data-size TLS 1.3: Enforce max_early_data_size on client	2024-03-12 13:31:20 +00:00
Dave Rodgman	a7f3c4e1d0	Merge pull request #8822 from daverodgman/sha3-perf SHA-3 performance & code size	2024-03-12 13:14:40 +00:00
Valerio Setti	6fbde6e242	test_suite_pk: revert erroneous missing initialization of PSA key IDs Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-12 11:00:39 +01:00
Valerio Setti	8b3c6fffa7	test_suite_pk: add comment for pk_copy_from_psa_builtin_fail Explain why this kind of test is possible for RSA keys, while it is not possible for EC ones. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-12 06:05:03 +01:00
David Horstmann	5ba3f5f7a5	Flip logic of generate_psa_wrappers.py Change from a long list of PSA functions to a list of excluded false-positives. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-11 15:57:43 +00:00
David Horstmann	5d64c6acca	Generate memory poisoning in wrappers Generate memory poisoning code in test wrappers for: * psa_sign_hash_start() * psa_sign_hash_complete() * psa_verify_hash_start() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-11 15:56:13 +00:00
David Horstmann	63dfb45e5e	Merge pull request #1181 from tom-daubney-arm/key_agreement_buffer_protection Implement safe buffer copying in key agreement	2024-03-11 15:10:49 +00:00
Janos Follath	43edc75e31	Merge pull request #8882 from Ryan-Everett-arm/threading-key-tests Test multi-threaded key generation	2024-03-11 15:07:48 +00:00
Dave Rodgman	9cc01ccbf8	Merge pull request #8831 from yanesca/switch_to_new_exp Use mpi_core_exp_mod in bignum	2024-03-11 13:40:46 +00:00
Valerio Setti	e095a67bb2	pk: improve mbedtls_pk_copy_from_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	6f5f9f5ce8	test_suite_pk: fix some comments Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	ab7ddbc812	test_suite_pk: when ANY_HASH is used then pick any available MD alg in the build Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	3433f832fb	test_suite_pk: improve PSA alg selection in pk_copy_from_psa_success() Use the same hashing algorithm as md_for_test. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	039bbbac33	test_suite_pk: destroy original xkey after pk_copy_from_psa() in pk_copy_from_psa_success() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	4114a54403	test_suite_pk: add description for psa_pub_key_from_priv() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	42a58a5249	test_suite_pk: minor fixes for test failures Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	e700d8086e	rsa: rsa_rsassa_pss_sign() to check MD alg both in parameters and RSA context This helps fixing a disparity between the legacy and the USE_PSA case for rsa_sign_wrap() in pk_wrap.c. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	f22eff99a6	test_suite_pk: add new test case for an algorithm only avaible in driver Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	a657ae388a	pk: pk_copy_from_psa() performs the conversion even if the algorithm doesn't match This commit also: - fixes existing tests and add new ones - updates documentation. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	1015985d8a	test_suite_pk: add more test cases for pk_copy_from_psa_success() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	d2ccc2f468	test_suite_pk: various minor fixes - removed redundant info from data file (i.e. informations that can be extrapolated somehow) - removed unecessary parameters in functions - added some extra check on the generated PK contexts - etc... Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	61a47a46ea	test_suite_pk: extend testing in pk_copy_from_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	aeeefef64e	pk_wrap: use correct PSA alg in rsa_encrypt_wrap() when USE_PSA This bugfix was due in PR #8826, but we didn't catch that. This commit also add proper testing in test_suite_pk that was not implemented in #8826. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	88e2dac6d6	test_suite_pk: rename PK context variables Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	e8fe3e76c4	test_suite_pk: add key pair check in pk_copy_from_psa_success() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	3a815cbd2f	all.sh: keep RSA_C enabled in component_full_no_pkparse_pkwrite() This is possible because after #8740 RSA_C no longer depends on PK to parse and write private/public keys. This commit also solves related issues that arose after this change in "pk.c" and "test_suite_pk". In particular now we can use rsa's module functions for parsing and writing keys without need to rely on pk_parse and pk_write functions. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:53 +01:00
Minos Galanakis	f9a6893b55	Changelog: Added entry for ssl_session accessors. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2024-03-11 10:09:44 +00:00
Valerio Setti	61532e9a6b	test_suite_pk: fix typos Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 09:48:40 +01:00
Valerio Setti	01ba66d56e	pk: replace CRYPTO_CLIENT guards with CRYPTO_C Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 09:48:40 +01:00
Valerio Setti	a41654d5b1	all.sh: add test component based on full config without PK_[PARSE\|WRITE]_C Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 09:48:40 +01:00
Valerio Setti	452d2d2ccb	test_suite_pk: add some initial testing for mbedtls_pk_copy_from_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 09:48:40 +01:00
Manuel Pégourié-Gonnard	af3e574f5f	Merge pull request #8862 from valeriosetti/issue8825 Improve support of mbedtls_psa_get_random in client-only builds	2024-03-10 20:06:27 +00:00
Ronald Cron	61fd13c6a5	Merge remote-tracking branch 'mbedtls/development' into tls13-cli-max-early-data-size	2024-03-10 18:09:47 +01:00
Ronald Cron	9422725aba	tls13: cli: Discard ticket with zero lifetime Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-10 17:48:26 +01:00
Jerry Yu	ce79488dd5	tls13: srv: Fail connection if ticket lifetime exceed 7 days Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-10 17:42:43 +01:00
Ronald Cron	7e1f9f290f	Merge pull request #8854 from ronald-cron-arm/tls13-srv-max-early-data-size TLS 1.3: Enforce max_early_data_size on server	2024-03-09 00:16:07 +00:00
Ronald Cron	e1295fabaf	tests: ssl: early data: Fix comments Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-08 17:05:27 +01:00
Janos Follath	080a5171e2	Merge pull request #8861 from ronald-cron-arm/tls13-srv-select-kex TLS 1.3: SRV: Improve key exchange mode selection	2024-03-08 14:58:36 +00:00
Ronald Cron	52472104a2	tests: suite: early data: Add comments Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-08 14:51:20 +01:00
Ronald Cron	4facb0a9cd	tests: ssl: Improve early data test code Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-08 14:51:20 +01:00
Ronald Cron	1a13e2f43e	tests: ssl: Improve test code for very small max_early_data_size Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-08 14:51:20 +01:00
Ronald Cron	e14770fc42	ssl-opt.sh: Fix early data test option Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-08 08:57:36 +01:00
Ronald Cron	1f63fe4d74	tls13: srv: Fix resume flag in case of cancelled PSK If we prefer ephemeral key exchange mode over the pure PSK one, make sure the resume flag is disabled as eventually we are not going to resume a session even if we aimed to at some point. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-08 08:43:41 +01:00
Ronald Cron	cf284565c5	tls13: srv: Determine best key exchange mode for a PSK Determine best key exchange for for ticket based and external PSKs. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-08 08:43:41 +01:00
Ronald Cron	12e72f1664	tls13: srv: Always parse the pre-shared key extension Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-08 08:43:41 +01:00
Ronald Cron	139a4185b1	Merge pull request #8587 from yanrayw/issue/4911/ssl_setup-check-RNG-configuration TLS: check RNG when calling mbedtls_ssl_setup()	2024-03-08 07:38:39 +00:00
Dave Rodgman	4c4f1f1428	Avoid recursion for relative paths Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-03-07 17:25:52 +00:00
Dave Rodgman	c02c5b1520	Follow-up for less verbose logging Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-03-07 17:25:52 +00:00

... 2 3 4 5 6 ...

11164 Commits