mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-17 16:13:48 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
30,838 Commits 170 Branches 263 Tags 198 MiB
1f95ede98c
Commit Graph

30838 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ronald Cron
1f95ede98c Fix "maybe-uninitialized" warning with GCC 11.3 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-05-16 08:12:03 +02:00
Ronald Cron
a33a824d8a Resolve PBKDF2_AES_CMAC_PRF_128 dependencies 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-05-16 08:12:03 +02:00
Ronald Cron
b0c96f47e7 Resolve some HMAC dependencies automatically 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-05-16 08:12:03 +02:00
Ronald Cron
b3a400b9bd config-suite-b: Enable EC with PSA_WANT 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-05-16 08:12:03 +02:00
Ronald Cron
b16e1c2c2f Remove direct enablement of MBEDTLS_CIPHER/MD_C 
Kept MD in thread config as needed for
HMAC_DRBG.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-05-16 08:12:03 +02:00
Ronald Cron
4de85396cf Enable MBEDTLS_PSA_CRYPTO_C and MBEDTLS_USE_PSA_CRYPTO 
Enable MBEDTLS_PSA_CRYPTO_C and MBEDTLS_USE_PSA_CRYPTO
is reference configurations as we are working towards
removing (always on) them.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-05-16 08:12:03 +02:00
Ronald Cron
4dd6631aac test-ref-configs.pl: Detect automatically test with USE_PSA enabled 
Change the way we decide if for a given
configuration we need to run tests with
and without MBEDTLS_USE_PSA_CRYPTO enabled.
That makes the script suitable for 3.6 and
development branch.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-05-16 08:12:03 +02:00
Ronald Cron
640276268d Fix compat.sh filters 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-05-16 08:12:03 +02:00
Ryan Everett
21eaa77ba8 Address ccm-psk-tls1_2 comments 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-05-16 08:12:03 +02:00
Ryan Everett
0855b26a80 Address thread comments 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-05-16 08:12:03 +02:00
Ryan Everett
2abd658030 Address symmetric-only comments 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-05-16 08:12:03 +02:00
Ryan Everett
c3051572ca Address suite-b comments 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-05-16 08:12:03 +02:00
Ryan Everett
44d7ddf82f In suite-b move definition of MBEDTLS_PSA_CRYPTO_CONFIG_FILE 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-05-16 08:12:03 +02:00
Ryan Everett
4540cd3429 Add a crypto config file for suite-b 
Also converts legacy symbols into their PSA equivalents.
When PSA is defined this does not change the compiled code

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-05-16 08:12:03 +02:00
Ryan Everett
0a0393e8bd Use crypto config for ccm-psk-dtls1_2.h 
Convert legacy symbols to their PSA equivalents.
This does not change code compiled when this config is active with PSA
enabled

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-05-16 08:12:03 +02:00
Ryan Everett
ab5ec9d3a4 Add a crypto config file for ccm-psk-tls1_2.h 
Also convert legacy symbols to their PSA equivalents.
This does not change code compiled when this config is active with PSA
enabled

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-05-16 08:12:02 +02:00
Ryan Everett
d3b11571e2 Add a crypto-config file for symmetric-only 
Replaces legacy symbols with the PSA equivalents.
This doesn't change the code generated when this config is active

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-05-16 08:12:02 +02:00
Ryan Everett
885ea8db8f Add a crypto config file for config-thread 
This file consists of PSA symbols which are defined
if and only if the original config was set

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-05-16 08:12:02 +02:00
Gilles Peskine
bdce65700e
Merge pull request #9067 from gilles-peskine-arm/ssl-opt-server2-detection 
Fix skipped tests in configurations without RSA
 2024-05-15 12:06:31 +00:00
Manuel Pégourié-Gonnard
f5761ff26c
Merge pull request #9129 from valeriosetti/update-gitignore 
Update gitignore for `test_keys.h`, `test_certs.h` and `.vscode`
 2024-05-14 10:15:59 +00:00
Gilles Peskine
fc73aa02b0 Add missing dependency that isn't autodetected 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-05-13 21:18:41 +02:00
Gilles Peskine
f5a30afdae Remove redundant RSA dependency 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-05-13 21:18:28 +02:00
Gilles Peskine
d9c7be775e Explicitly use TLS 1.2 on <=1.2-specific keyUsage/extKeyusage tests 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-05-13 21:17:35 +02:00
Gilles Peskine
f9f3d21a67 Fix PSK invocation: GnuTLS PSK length (more) 
Replace more sample PSK by longer (GnuTLS-compatible) strings, taking care
of keeping distinct PSK distinct for wrong-PSK tests.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-05-13 21:06:26 +02:00
Valerio Setti
b5ea455d77 gitignore: ignore .vscode folder in main repo 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-13 11:38:42 +02:00
Valerio Setti
a621fd9df3 gitignore: ignore test_keys.h and test_certs.h 
These files are automatically generated at build time so they
do not need to be tracked.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-13 11:13:36 +02:00
Gilles Peskine
2cdc8f7aa5
Merge pull request #9122 from davidhorstmann-arm/fix-fuzzing-build-failures 
Move some test data generation to main CMakeLists.txt (/ fix fuzzing build failures)
 2024-05-12 18:56:11 +00:00
David Horstmann
cbea7d6e67 Add note explaining component purpose 
We are testing that we don't break OSS-Fuzz, primarily.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-05-10 15:37:57 +01:00
David Horstmann
041ed42555 Add all.sh component for programs without tests 
Check that we can build under CMake with ENABLE_TESTING=OFF but
ENABLE_PROGRAMS=ON.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-05-10 14:37:48 +01:00
David Horstmann
1238b37573 Move test generated files to main CMakeLists.txt 
Move the generation of tests/src/test_certs.h and tests/src/test_keys.h
to the main CMakeLists.txt. This is required because these files are
needed both by tests and programs, whereas tests/CMakeLists.txt is only
included when ENABLE_TESTING is on.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-05-10 14:23:16 +01:00
Tom Cosgrove
9b5768782e
Merge pull request #9104 from valeriosetti/issue8962 
Add a component to all.sh to build and run psasim
 2024-05-10 12:45:04 +00:00
Manuel Pégourié-Gonnard
0e7aaae1fd
Merge pull request #9017 from valeriosetti/issue9010 
Improve generate_test_keys.py
 2024-05-07 11:59:54 +00:00
Valerio Setti
a8ccddce68 generate_test_keys: move code for arrays and LUT generation to a separate function 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 12:35:40 +02:00
Valerio Setti
aabdca6950 check-generated-files: move check for generate_test_cert_macros.py 
This test should only be performed when in MbedTLS repo and not
in tf-psa-crypto one.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 11:15:12 +02:00
Valerio Setti
3fcaf6cc8a generate_test_[keys/cert_macros]: minor fixes 
- remove new line at beginning of test_keys.h
- add footer at the end of both generated files

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:41:47 +02:00
Valerio Setti
cc403cb6ec generate_test_keys: move output file writing to a separate function 
This helps removing the previous pylint exception.

Also use "with" statement for opening the file in order to
ensure that all the content is flushed to the file before
exiting.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:41:46 +02:00
Valerio Setti
d9e4251278 all.sh: add test component to build and test psasim 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-06 15:59:51 +02:00
Gilles Peskine
ca73fc6627
Merge pull request #9026 from nileshkale123/fix/redefination_warning_for_gnu_source 
Fixed redefination warning messages for _GNU_SOURCE
 2024-05-06 12:40:49 +00:00
Tom Cosgrove
4491ceafd9
Merge pull request #9097 from valeriosetti/moving-psasim 
[crypto_client_test] Moving psasim from the framework repo to the mbedtls one
 2024-05-05 16:10:39 +00:00
Valerio Setti
dc64163ad4 generate_test_keys: sort keys before processing them 
Without this fix keys could be listed differently on Ubuntu 16
between different runs therefore causing
check_generated_files() to fail.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-03 18:22:01 +02:00
Valerio Setti
4f4ade9c34 psa-client-server: move psasim from framework repo to the mbedtls one 
This is a temporary fix that will be reverted once the framework
repository will have CI checks.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-03 17:28:04 +02:00
Minos Galanakis
c16048887e Added work directory for the psa client/server testing epic 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-05-03 15:55:12 +01:00
Valerio Setti
d74d2ab9db check-generated-files: add test_certs.h file to the list of checked items 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-03 15:51:21 +02:00
Valerio Setti
5f37b25862 generate_test_cert_macros: minor fixes 
- use build_tree to get the project root path
- remove "if True" in an "if" statement

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-03 15:51:11 +02:00
Valerio Setti
7f6eabd9b1 generated_test_keys: minor fixes 
- rewrite output file (do not append)
- remove useless "os" import
- move pylint for main() function

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-03 15:33:18 +02:00
Manuel Pégourié-Gonnard
61734ec61d
Merge pull request #9073 from valeriosetti/issue9068 
Undefined reference to mbedtls_md_error_from_psa() function
 2024-05-03 07:52:37 +00:00
Gilles Peskine
aa82464dec
Merge pull request #8897 from IVOES/cpp/unbounded-write 
ssl_mail_client: Fix unbounded write of sprintf()
 2024-05-02 16:06:23 +00:00
Gilles Peskine
9791ee9296
Merge pull request #8538 from Ryan-Everett-arm/8537-fix-error-handling-for-secure-element-keys-in-psa_start_key_creation 
Fix error handling for secure element keys in `psa_start_key_creation`
 2024-05-02 16:06:07 +00:00
Gilles Peskine
fa8fc2705a
Merge pull request #9069 from Ryan-Everett-arm/fix-get-and-lock-key-slot-threading-bug 
Wipe the returned slot pointer upon failure in `psa_get_and_lock_key_slot`
 2024-05-02 15:48:21 +00:00
Gilles Peskine
cedb011c50
Merge pull request #9087 from ronald-cron-arm/add-cve-2024-30166-ref 
ChangeLog: Add missing reference to CVE in security entry
 2024-05-02 15:47:43 +00:00