mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-11 09:40:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
30,680 Commits 170 Branches 263 Tags
Commit Graph

30680 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Valerio Setti
237424b84f test_suite_pk: simplify pk_copy_from_psa_success() 
Use mbedtls_test_key_consistency_psa_pk() to verify that the
generated PK contexts match with the original PSA keys instead
of doing sign/verify and encrypt/decrypt.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-20 12:10:38 +01:00
Minos Galanakis
b70f0fd9a9 Merge branch 'development' into 'development-restricted' 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-19 22:24:40 +00:00
Valerio Setti
f71c060cb2 test_suite_pk: properly size buffers for public keys in pk_psa_sign() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-19 19:35:37 +01:00
Valerio Setti
aa9cc49879 test_suite_pk: test also RSA keys with PKCS1 v2.1 padding mode in pk_psa_sign() 
Previously only only PKCS1 v1.5 was tested.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-19 19:03:55 +01:00
Gilles Peskine
4fc5b71cbb
Merge pull request #1207 from ronald-cron-arm/binder-overread 
tls13: srv: Fix potential stack buffer overread
 2024-03-19 17:01:23 +01:00
Valerio Setti
4f3262de2d pk_wrap: fix algorithm selection in rsa_opaque_sign_wrap() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-19 15:55:32 +01:00
Valerio Setti
d971b7834b test_suite_pk: fix RSA issue in pk_psa_sign() when !PK_[PARSE|WRITE]_C are defined 
This bug was not found until now because:
- !PK_[WRITE|PARSE]_C is only tested in component_full_no_pkparse_pkwrite()
- the test only case concerning RSA key had MBEDTLS_PK_WRITE_C as dependency
  so it was not executed in that component.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-19 15:55:32 +01:00
Valerio Setti
c262561424 test_suite_pk: rename some variables in pk_psa_sign() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-19 15:55:32 +01:00
Valerio Setti
d38480b0e0 test_suite_pk: reshape pk_psa_sign() 
The behavior of the functions is kept intact. Changes concern:
- generate the initial PK context using PSA parameters only; this
  allows to remove 1 input parameter for the test function.
- add/fix comments.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-19 15:55:32 +01:00
Ronald Cron
a5c5c58107 tls13: srv: Fix potential stack buffer overread 
Fix potential stack buffer overread when
checking PSK binders.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-19 14:46:21 +01:00
Gilles Peskine
b2b9068264
Merge pull request #8942 from valeriosetti/fix-null-dereference 
[Bugfix] Fix null dereference in `mbedtls_pk_verify_ext()`
 2024-03-19 10:47:29 +00:00
Steven WdV
9f0858db30 Check C/C++ compilers separately for AppleClang ranlib 
Signed-off-by: Steven WdV <swdv@cs.ru.nl>
 2024-03-19 11:39:44 +01:00
Manuel Pégourié-Gonnard
af14b89824
Merge pull request #8932 from ronald-cron-arm/enable-tls13-by-default 
Enable TLS 1.3 by default
 2024-03-19 09:51:49 +00:00
Valerio Setti
da47518554 test_suite_pk: always test verify_ext with opaque keys in pk_psa_wrap_sign_ext() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-19 09:54:46 +01:00
David Horstmann
720c72b6ba
Merge pull request #1202 from davidhorstmann-arm/update-buffer-sharing-design-doc 
Rewrite PSA shared memory design document
 2024-03-18 17:49:59 +00:00
Valerio Setti
8ad5be0e5d add changelog 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-18 17:22:52 +01:00
David Horstmann
3147034457 Mention MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS 
Explain this option and the way it relates to the copying macros.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 15:59:03 +00:00
David Horstmann
0ea8071bda Remove 'Question' line around testing 
This question has been resolved, as we know that we can test
transparently.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 15:51:03 +00:00
Paul Elliott
92152dc746
Merge pull request #8940 from paul-elliott-arm/add_fixes_to_threading_changelog 
Add issues fixed to threading MVP changelog entry
 2024-03-18 15:30:11 +00:00
Dave Rodgman
0da8c514c3 Replace reference to master 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-03-18 15:25:53 +00:00
Valerio Setti
07500fd874 pk: check PK context type in mbedtls_pk_verify_ext() before trying RSA PSS 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-18 16:22:33 +01:00
Valerio Setti
d59caf4e51 test_suite_pk: extend pk_psa_wrap_sign_ext() 
Try to perform verify_ext() using the opaque context when the
key type is MBEDTLS_PK_RSASSA_PSS. This currently leads to a
crash while running the test suite and this will be fixed by
the next commit.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-18 16:20:14 +01:00
David Horstmann
4d01066311 Mention metatest.c 
Add a note that validation of validation was implemented in metatest.c
and explain briefly what that program is for.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 15:02:08 +00:00
David Horstmann
872ee6ece0 Mention MBEDTLS_TEST_MEMORY_CAN_POISON 
The configuration of memory poisoning is now performed via
compile-time detection setting MBEDTLS_MEMORY_CAN_POISON. Update
the design to take account of this.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 15:00:08 +00:00
David Horstmann
12b35bf3c2 Discuss test wrappers and updating them 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 14:48:52 +00:00
Dave Rodgman
1fdf9d0a21 Update BRANCHES 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-03-18 14:37:24 +00:00
Dave Rodgman
374704255d
Merge pull request #8939 from daverodgman/codestyle-autogen 
Codestyle autogen fix
 2024-03-18 14:26:59 +00:00
David Horstmann
5ea99af0f2 Add discussion of copying conveience macros 
Namely LOCAL_INPUT_DECLARE() and friends

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 14:12:12 +00:00
Paul Elliott
f5f48549e2 Add issues fixed to changelog entry 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-03-18 13:52:25 +00:00
David Horstmann
1c3b227065 Abstractify example in design exploration 
Since this is just an example, remove specific-sounding references to
mbedtls_psa_core_poison_memory() and replace with more abstract and
generic-sounding memory_poison_hook() and memory_unpoison_hook().

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 13:37:59 +00:00
David Horstmann
3f2dcdd142 Rename mbedtls_psa_core_poison_memory() 
The actual functions were called mbedtls_test_memory_poison()
and mbedtls_test_memory_unpoison(). Update the design section to
reflect this.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 13:32:57 +00:00
David Horstmann
331b2cfb31 Clarify design decision in light of actions 
We were successful in adding transparent memory-poisoning testing, so
simplify to the real design decision we made.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 13:17:25 +00:00
Dave Rodgman
1bd787a3e0 Minor relaxation to auto-gen regex 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-03-18 12:32:49 +00:00
Ronald Cron
d2cb7f4268 all.sh: Add TLS 1.2 only component 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-18 13:07:00 +01:00
Ronald Cron
46ac0658cf all.sh: Adapt/Fix some components 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-18 13:06:59 +01:00
Ronald Cron
a3f385d1a8 all.sh: Disable TLS 1.3 when pre-requisites are not meet 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-18 13:06:59 +01:00
Ronald Cron
27eb68d295 Enable TLS 1.3 by default 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-18 13:06:59 +01:00
Dave Rodgman
5ce1577629
Merge pull request #8928 from Ryan-Everett-arm/update-psa-thread-safety-docs 
Update psa-thread-safety.md to reflect version 3.6 changes
 2024-03-18 12:06:39 +00:00
Dave Rodgman
4e4540d8e0 line length fix 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-03-18 11:55:39 +00:00
Dave Rodgman
2a9eb22107 Check file content to see if it looks auto-generated 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-03-18 11:16:05 +00:00
Manuel Pégourié-Gonnard
47f8d0e840
Merge pull request #8934 from paul-elliott-arm/add_threading_changelog 
Add changelog entry for threading MVP
 2024-03-18 10:25:14 +00:00
Ryan Everett
765b75f2f8
Update docs/architecture/psa-thread-safety/psa-thread-safety.md 
Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com>
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-18 10:20:43 +00:00
Manuel Pégourié-Gonnard
1053da8bf0
Merge pull request #8921 from gilles-peskine-arm/pk_import_into_psa-test-lifetime 
pk_import_into_psa: test persistent keys
 2024-03-18 10:00:00 +00:00
Paul Elliott
7d8fd3fafe Add changelog entry for threading MVP 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-03-17 16:18:23 +00:00
Paul Elliott
78064ac9e0
Merge pull request #8901 from paul-elliott-arm/make_psa_global_data_safe 
Make PSA global_data thread safe
 2024-03-15 19:50:01 +00:00
Ryan Everett
f266b51e3f Respond to feedback on psa-thread-safety.md 
A few typo fixes, extrapolations and extra details.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-15 17:30:31 +00:00
Ryan Everett
c408ef463c Update slot transition diagram 
Adds missing transition and italicises internal functions

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-15 17:29:46 +00:00
Manuel Pégourié-Gonnard
c9db499299
Merge pull request #8930 from ronald-cron-arm/tls13-doc-update 
TLS 1.3: Documentation update for 3.6 release
 2024-03-15 16:41:52 +00:00
Paul Elliott
b24e36d07b Add explanatory comment for init flags 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-03-15 16:25:48 +00:00
Paul Elliott
d35dce6e23 Add comments about RNG mutex requirements 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-03-15 16:06:20 +00:00