1563 Commits

Author SHA1 Message Date
David Horstmann
93fa4e1b87 Merge branch 'development' into buffer-sharing-merge 2024-03-12 15:05:06 +00:00
Manuel Pégourié-Gonnard
d7e7f48323
Merge pull request from valeriosetti/issue8709
Implement mbedtls_pk_copy_from_psa
2024-03-12 13:45:27 +00:00
Dave Rodgman
a7f3c4e1d0
Merge pull request from daverodgman/sha3-perf
SHA-3 performance & code size
2024-03-12 13:14:40 +00:00
Valerio Setti
3a815cbd2f all.sh: keep RSA_C enabled in component_full_no_pkparse_pkwrite()
This is possible because after  RSA_C no longer depends on
PK to parse and write private/public keys.

This commit also solves related issues that arose after this change
in "pk.c" and "test_suite_pk". In particular now we can use
rsa's module functions for parsing and writing keys without need
to rely on pk_parse and pk_write functions.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-11 11:34:53 +01:00
Valerio Setti
a41654d5b1 all.sh: add test component based on full config without PK_[PARSE|WRITE]_C
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-11 09:48:40 +01:00
Ryan Everett
63c1cf7eaa Remove MBEDTLS_THREADING_C check in check_test_dependencies
At the moment our tests only check for MBEDTLS_THREADIN_PTHREAD

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-06 16:46:15 +00:00
Paul Elliott
16d5160504 Allow the use of threading dependancies in PSA tests.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-03-06 16:46:15 +00:00
Ryan
b0b3c0d80a Disable MBEDTLS_SELF_TEST in the TSan config
Enabling this causes TSan warnings, as some self-tests use unprotected globals
(see X_count variables in ecp.c). This isn't an issue, as these globals are only
read in self tests, which do not use threads.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-06 16:46:08 +00:00
Paul Elliott
8a2062c538
Merge pull request from paul-elliott-arm/add_threading_to_drivers
Ensure drivers have threading enabled if required
2024-03-06 14:35:49 +00:00
Gilles Peskine
31403a4ca8
Merge pull request from daverodgman/quietbuild
Make builds less verbose
2024-03-05 18:04:16 +00:00
Paul Elliott
053b7886e5 Ensure drivers have threading enabled if required
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-03-05 14:27:23 +00:00
Ryan
6caf84f717 Explicitely remove the deprecated driver interface from the TSan config
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-05 14:10:08 +00:00
Dave Rodgman
08b81bf1e8 Test all unroll variations
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-26 18:43:22 +00:00
Dave Rodgman
30483dccc0 Undo not-needed change
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-26 17:28:13 +00:00
Dave Rodgman
a9e8dbed14
Allow wrappers to be missing; quote directory name from make
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-26 17:27:18 +00:00
Dave Rodgman
219006329d Move quiet wrapper setup
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-26 11:41:19 +00:00
Tom Cosgrove
817772a6ca
Merge pull request from mschulz-at-hilscher/feature/gcm_largetable
Use large GCM tables
2024-02-23 16:25:38 +00:00
Gilles Peskine
3ea9450463
Merge pull request from valeriosetti/issue8564
Add test for driver-only HMAC
2024-02-14 13:43:40 +00:00
Matthias Schulz
a6ac0f1330 Replaced MBEDTLS_GCM_LARGETABLE by MBEDTLS_GCM_LARGE_TABLE. Removed empty comment line in doc block.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2024-02-09 17:11:54 +01:00
Matthias Schulz
782667883a Fix:
- Remove unnecessary tests.
- Update description of MBEDTLS_GCM_LARGETABLE parameter.
- Move acceleration defines from gcm.h to gcm.c.
- Remove unnecessary zero setting after shift.
- Fix implementation for big-endian architectures.

Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2024-02-08 13:59:15 +01:00
Manuel Pégourié-Gonnard
b7307630bb
Merge pull request from valeriosetti/issue7765-guards-in-asn1
Conversion function between raw and DER ECDSA signatures (guards in ASN1)
2024-02-08 08:45:30 +00:00
Manuel Pégourié-Gonnard
7bf1e98f44
Merge pull request from valeriosetti/issue8647
Move RSA basic key parsing/writing to rsa.c
2024-02-08 08:35:42 +00:00
Matthias Schulz
0767fdadbf Enhance GCM throughput using larger precalculated tables. Also refactored the code for shorter tables and moved the check for available accelerators to the context initialization code.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2024-02-07 13:17:50 +01:00
Manuel Pégourié-Gonnard
1d7bc1ecdf
Merge pull request from valeriosetti/issue8030
PSA FFDH: feature macros for parameters
2024-02-07 10:06:03 +00:00
Gilles Peskine
8a85673a39 Merge remote-tracking branch 'development' into pk_import_into_psa-use_usage 2024-02-06 10:14:17 +01:00
Tom Cosgrove
d4c373a597 Refactor all.sh clang version detection code
Prevents a script failure when attempting to run build_aes_armce on a system without clang

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2024-01-30 13:56:38 +00:00
Tom Cosgrove
9e4eeff6e0 Fix comment about verison of clang required for 'build_aes_armce'
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2024-01-30 13:51:18 +00:00
Gilles Peskine
e0c13cffb3 Update some msg descriptions
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-30 10:17:49 +01:00
Valerio Setti
f8ce457fb6 all.sh: fix comment in check_test_dependencies()
MBEDTLS_ASN1_WRITE_C is no more required for ECDSA conversion
functions.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-26 14:55:14 +01:00
Dave Rodgman
047c724c22 Merge remote-tracking branch 'restricted/development-restricted' into update-development-r
Conflicts:
	programs/Makefile
	tests/scripts/check-generated-files.sh
2024-01-26 12:42:51 +00:00
Valerio Setti
80edec5f84 all.sh: remove MBEDTLS_PEM_PARSE_C exception from check_test_dependencies()
Since we officially disabled support for importing of PEM formatted keys
into PSA we removed dedicated tests from test_suite_psa_crypto. As a
consequence MBEDTLS_PEM_PARSE_C is no more an exception for
component_check_test_dependencies().

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-25 09:33:48 +01:00
Valerio Setti
448377bec7 all.sh: remove MBEDTLS_ASN1_PARSE_C exception from check_test_dependencies()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-24 16:26:35 +01:00
Valerio Setti
3ccb2b5423 all.sh: add exception for ASN1_PARSE_C in check_test_dependencies
There is no PSA equivalent to ASN1 legacy symbols.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-24 16:26:35 +01:00
Valerio Setti
cd89b0b536 all.sh: disable legacy hash support in test_psa_crypto_config_accel_hmac()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-24 14:24:55 +01:00
Valerio Setti
c6d7f53adc all.sh: update common_test_psa_crypto_config_accel_ecc_some_curves()
Do not disable RSA_C and related modules because now it does not
automatically re-enable PK module.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-24 12:36:37 +01:00
Gilles Peskine
64996c3be9 Disable MBEDTLS_PSA_CRYPTO_CLIENT in no-PSA builds
When building without PSA crypto functions, disable
MBEDTLS_PSA_CRYPTO_CLIENT as well as MBEDTLS_PSA_CRYPTO_C. With
just MBEDTLS_PSA_CRYPTO_CLIENT, PSA crypto API functions are supposed to
exist at link time but be provided by a third party.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-23 20:25:47 +01:00
Valerio Setti
8eb310c7e6 all.sh: add accelerated and reference components for HMAC
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-22 16:22:57 +01:00
Dave Rodgman
5f8e2a2b5f Spelling fix
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-17 15:27:05 +00:00
Dave Rodgman
ad4b705863 Use quiet make wrappers from all.sh
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-17 15:27:05 +00:00
Valerio Setti
78aa0bc1d9 all.sh: fix tests with accelerated FFDH
Explicitly accelerate also DH groups in those tests.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-17 15:57:06 +01:00
Valerio Setti
6bed64ec75 all.sh: add new component with only DH 2048 bits.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-17 15:57:06 +01:00
David Horstmann
9de6edd462 Separate memory poisoning tests from generic ASan
Some platforms may support ASan but be C99-only (no C11 support).
These platforms will support ASan metatests but not memory poisoning,
which requires C11 features.

To allow for this, create a separate platform requirement, "poison",
in metatest.c to distinguish generic ASan metatests from ones that
require suppport for memory poisoning.

In practice our platforms support both, so run "poison" tests in
the same all.sh components where we run "asan" ones.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-01-17 14:53:08 +00:00
Tom Cosgrove
f1ba1933cf
Merge pull request from yanrayw/issue/7011/send_record_size_limit_ext
TLS1.3: SRV/CLI: add support for sending Record Size Limit extension
2024-01-12 13:39:15 +00:00
Paul Elliott
3519cfb3d8
Merge pull request from bensze01/release_components
Set OpenSSL/GnuTLS variables when running release components
2024-01-11 15:38:35 +00:00
Waleed Elmelegy
a3bfdea82b Revert "Make sure record size limit is not configured without TLS 1.3"
This reverts commit 52cac7a3e6782bbf46a76158c9034afad53981a7.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-01-10 16:17:28 +00:00
Waleed Elmelegy
7ae74b74cc Make sure record size limit is not configured without TLS 1.3
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-01-10 16:17:28 +00:00
Waleed Elmelegy
e840263f76 Move record size limit testing to tls13 component
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-01-10 16:17:28 +00:00
Manuel Pégourié-Gonnard
3eb9025275
Merge pull request from mpg/ciphers-wrapup
Driver-only ciphers wrapup
2024-01-10 12:04:50 +00:00
Tom Cosgrove
3a6059beca
Merge pull request from KloolK/record-size-limit/comply-with-limit
Comply with the received Record Size Limit extension
2024-01-09 15:22:17 +00:00
Manuel Pégourié-Gonnard
88bae8bc52 Rename tests components for clarity
All no_cipher components have crypto (as in libmbedcrypto.a), but the
difference is one doesn't have PSA crypto while the other two do.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-01-08 11:35:01 +01:00