mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-06 12:40:02 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
30,680 Commits 170 Branches 263 Tags
Commit Graph

30680 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Manuel Pégourié-Gonnard
0ca2fd0e2b Update libtestdriver1 vs internal 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:40 +02:00
Manuel Pégourié-Gonnard
dde1abd572 Update of opaque asymmetric encrypt/decrypt 
https://github.com/Mbed-TLS/mbedtls/pull/8700 merged in the meantime.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:40 +02:00
Manuel Pégourié-Gonnard
6c45361a9c Update for HMAC testing 
Been merged in the meantime.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:40 +02:00
Manuel Pégourié-Gonnard
98f8da1b1a Update names of components renamed in the meantime 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:40 +02:00
Manuel Pégourié-Gonnard
45fe86db99 Fix a typo in a comment 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:01 +02:00
Manuel Pégourié-Gonnard
f2089dab5e Update status of RSA testing 
Improved by https://github.com/Mbed-TLS/mbedtls/pull/8616/ - closing
8553.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:01 +02:00
Manuel Pégourié-Gonnard
70cd911405 Improve comment in a header file 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:01 +02:00
Manuel Pégourié-Gonnard
4c81c343ac Fix copy-pasta in top-of-file comment 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:01 +02:00
Manuel Pégourié-Gonnard
b18bc80133 Add note about fallback to other entry points 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:01 +02:00
Manuel Pégourié-Gonnard
1f4c9051cd all.s: Rm redundant build-only accel components 
Most of them (2 exceptions, see below) are of the "driver + built-in"
type, so they're all a subset of test_psa_crypto_driver which tests
everything with driver + built-in at once.

Furthermore, all those components were build-only, while
test_psa_crypto_driver runs the test suites.

Special cases: two of the components looked like they were trying to go for
driver-only (ecdh disabling ECDH_C and hkdf disabling HKDF_C).

For ECDH, built-in would actually be re-enabled because not enough was
accelerated: you also need ECC key types and curves - see
component_test_psa_crypto_config_accel_ecdh which does this correctly.

For HKDF, we don't have test driver support for key derivation yet. I
guess that shows how little testing value these build-only components
really had.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:01 +02:00
Manuel Pégourié-Gonnard
1ad29c818b Rm redundant driver+built-in all.sh component 
As the comment says, this component's only goal was to make sure the
legacy+driver test cases in test_suite_md.psa were executed.

But actually these are already executed in
component_test_psa_crypto_drivers which tests with everything having
both a driver and the built-in, as can be seen in the outcomes file.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:01 +02:00
Manuel Pégourié-Gonnard
6a96f42051 Document driver wrapper suite & tested configs 
The coverage data for the test drivers was generated using the following
patch:

diff --git a/scripts/lcov.sh b/scripts/lcov.sh
index 9258ba788874..1ef071a65c06 100755
--- a/scripts/lcov.sh
+++ b/scripts/lcov.sh
@@ -63,8 +63,8 @@ if [ $# -gt 0 ] && [ "$1" = "--help" ]; then
 fi

 if in_mbedtls_build_dir; then
-    library_dir='library'
-    title='Mbed TLS'
+    library_dir='tests/src/drivers'
+    title='Mbed TLS test drivers'
 else
     library_dir='core'
     title='TF-PSA-Crypto'
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 734d8323ca73..f6b17ca5692b 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -4795,14 +4795,17 @@ component_test_psa_crypto_drivers () {
     msg "build: full + test drivers dispatching to builtins"
     scripts/config.py full
     scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG
-    loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST_ALL"
+    loc_cflags="--coverage -DPSA_CRYPTO_DRIVER_TEST_ALL"
     loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'"
-    loc_cflags="${loc_cflags} -I../tests/include -O2"
+    loc_cflags="${loc_cflags} -I../tests/include -Og -g3"

-    make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS"
+    make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="--coverage" -C tests test_suite_psa_crypto_driver_wrappers

     msg "test: full + test drivers dispatching to builtins"
-    make test
+    (cd tests && ./test_suite_psa_crypto_driver_wrappers --verbose)
+    #make test
+
+    scripts/lcov.sh
 }

 component_test_make_shared () {

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:01 +02:00
Manuel Pégourié-Gonnard
3dbd236b13 Update user-config-for-tests 
Was missing several key types and algs. Also, list those that are not
implemented, but comment them out, to make it clearer what's not
implemented yet.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:01 +02:00
Manuel Pégourié-Gonnard
733a67bb9a all.sh: group helper functions in sections 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:01 +02:00
Manuel Pégourié-Gonnard
b66f9dba11 Document test-driver status per family 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:00 +02:00
Manuel Pégourié-Gonnard
1a827a3422 Start documenting test-driver framework. 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:00 +02:00
Gilles Peskine
bee96566da
Merge pull request #8999 from tom-cosgrove-arm/fix-compilation-when-memcpy-is-function-like-macro 
Fix compilation when memcpy() is a function-like macro
 2024-04-09 11:34:46 +00:00
Gilles Peskine
32e26eff49
Merge pull request #8997 from mpg/fix-wrong-dep-test-case 
Fix wrong dependencies in test cases
 2024-04-09 11:34:08 +00:00
Manuel Pégourié-Gonnard
f53112e98b Fix closing comment to match opening guard 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-09 10:48:24 +02:00
Manuel Pégourié-Gonnard
0a4ffa4c3e Fix style of preprocessor expression 
We use logical '&&' everywhere, let's be consistent.

(Unless I'm mistaken, binary '&' happens to give the same results for
booleans so this wasn't an actual bug, just style/readability issue.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-09 10:48:24 +02:00
Pengyu Lv
ebdca796a1 Fix failures in psa_cryto_driver_wrappers suite 
- "in-driver" test should depend on the present
  of a driver.
- add new counter in key manangement driver test
  hook which counts the calls of generate_key.
- We only care about the hits when processing
  `psa_generate_key`.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2024-04-09 10:48:24 +02:00
Pengyu Lv
057ceb281c Add missing dependency of fallback test in driver wrappers suite 
To pass a fallback test, we need a dependency on built-in
implementation.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2024-04-09 10:48:24 +02:00
Pengyu Lv
03fe253533 Add missing definition of AT_LEAST_ONE_BUILTIN_KDF 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2024-04-09 10:48:24 +02:00
Pengyu Lv
7cca290120 Fix wrong dependency in psa_crypto_driver_wrappers suite 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2024-04-09 10:48:24 +02:00
Pengyu Lv
b482a471d4 Fix wrong dependency in psa_crypto_pake suite 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2024-04-09 10:48:24 +02:00
Pengyu Lv
7ee283362b Fix typo in ssl test suite 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2024-04-09 10:48:24 +02:00
Pengyu Lv
e2776d16ef Correct dependancy on MBEDTLS_X509_INFO for x509parse 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2024-04-09 10:48:24 +02:00
Manuel Pégourié-Gonnard
a4b773d3bb
Merge pull request #6955 from inorick/nofa_no_session_tickets 
Guard ticket specific TLS 1.3 function with macro
 2024-04-08 08:56:17 +00:00
Ronald Cron
527a2eb8c4 Add change log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 08:45:09 +02:00
Ronald Cron
233fcaadbf tls13: Do not initiate at all resumption if tickets not supported 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-04 15:52:40 +02:00
Ronald Cron
fe15d90f72 tls13: Fix doc of mbedtls_ssl_session_set() - 2 
Fix documentation of mbedtls_ssl_session_set()
regarding its dependency on MBEDTLS_SSL_SESSION_TICKETS
in TLS 1.3 case.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-04 15:52:34 +02:00
Bence Szépkúti
e4d9013518
Merge pull request #8987 from valeriosetti/issue8903 
Test gap: mbedtls_pk_check_pair with MBEDTLS_PK_OPAQUE
 2024-04-04 13:44:24 +00:00
Bence Szépkúti
a376f84eb1
Merge pull request #8937 from valeriosetti/issue8712 
Clarify the documentation of mbedtls_pk_setup_opaque
 2024-04-04 13:40:57 +00:00
Ronald Cron
d85eeae740 tls13: Fix doc of mbedtls_ssl_session_set() - 1 
It was eventually decided to not support multiple
tickets in TLS 1.3 ClientHello messages thus
removing the parts in mbedtls_ssl_session_set()
documentation that were anticipating that.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-04 15:39:20 +02:00
Ronald Cron
66a206c26c tls13: Fix doc of mbedtls_ssl_session_get() - 2 
Fix documentation of mbedtls_ssl_session_get()
regarding its interaction with session
ticket enablement.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-04 15:34:22 +02:00
Ronald Cron
81bb589090 tls13: Fix doc of mbedtls_ssl_session_get() - 1 
The API has eventually not been changed to
return multiple tickets through multiple
subsequent call to it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-04 15:30:55 +02:00
Ronald Cron
9314df617b tls: Fix doc of mbedtls_ssl_session_save() 
Fix documentation of mbedtls_ssl_session_save()
regarding its dependency on MBEDTLS_SSL_SESSION_TICKETS
in TLS 1.3 session case.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-04 14:07:50 +02:00
Tom Cosgrove
387aafff5b
Merge pull request #9007 from mpg/checkbox-3.6 
Add 3.6 backport checkbox to the PR template
 2024-04-04 10:33:22 +00:00
Manuel Pégourié-Gonnard
b76573c662 We now have two LTS branches to backport to. 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-04 10:44:18 +02:00
Valerio Setti
1c7f5dea8b pk: fix documentation of mbedtls_pk_setup_opaque() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-04 09:39:12 +02:00
Ronald Cron
cf47a15e96 ssl_msg.c: Rename _check_new_session_ticket to _is_new_session_ticket 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-02 17:46:52 +02:00
Ronald Cron
dd96c0a2df all.sh: Use full instead of default as the base for the new component 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-02 17:46:44 +02:00
Tom Cosgrove
a2c45dc713 Fix compilation of ssl_tls13_generic.c when memcpy() is a function-like macro 
Fixes #8994

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2024-04-02 14:51:47 +01:00
Ronald Cron
d64fcee58c tests: ssl: Fix dependencies of SRV TLS 1.3 session serialization tests 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-02 12:25:56 +02:00
Paul Elliott
30978ec650
Merge pull request #8874 from stevenwdv/development 
Fix compilation on macOS without apple-clang
 2024-03-29 13:59:36 +00:00
minosgalanakis
e146940714
Merge pull request #1216 from Mbed-TLS/mbedtls-3.6.0_mergeback 
Mbedtls 3.6.0 mergeback
 2024-03-28 14:31:03 +00:00
Minos Galanakis
9860056006 Revert "Autogenerated files for 3.6.0" 
This reverts commit e8a6833b2878f1c08b8f96fe35e2812367e32ef3.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-27 17:36:15 +00:00
Ronald Cron
ceae4f85ea ssl-opt.sh: Add tests where tickets are ignored 
Add tests where we explicitely check that
tickets are ignored on client side when
the support is not enabled.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-27 09:37:37 +01:00
Ronald Cron
7df18bc210 tls13: cli: Ignore tickets if not supported 
If a TLS 1.3 client receives a ticket and
the feature is not enabled, ignore it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-27 09:37:37 +01:00
Norbert Fabritius
4f1c9278cc ssl-opt.sh: Add missing MBEDTLS_SSL_SESSION_TICKETS dependencies 
Signed-off-by: Norbert Fabritius <norbert.fabritius@esrlabs.com>
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-27 09:37:37 +01:00