mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-22 18:39:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
31,294 Commits 172 Branches 263 Tags
Commit Graph

6466 Commits

Author SHA1 Message Date
Minos Galanakis
411cb6c30f test_suite_ssl: Added ssl_session_id_accessors_check. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-06 13:52:03 +00:00
David Horstmann
a5175634b0
Merge branch 'development-restricted' into copying-pake 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-06 11:18:28 +00:00
Gilles Peskine
71cc260563
Merge pull request #8728 from minosgalanakis/features/add_mbedtls_x509_crt_get_ca_istrue_accesor_6151 
[MBEDTLS_PRIVATE] Add mbedtls_x509_crt_get_ca_istrue() accesor
 2024-03-05 18:04:06 +00:00
Dave Rodgman
3c4166aef3
Merge pull request #8863 from minosgalanakis/feature/add_ecdh_context_5016 
[MBEDTLS_PRIVATE] Add a getter for the ECDH context->grp.id member.
 2024-03-05 16:58:13 +00:00
Minos Galanakis
581e63637a test_suite_x509parse: Added test-case for legacy certificate 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-05 14:39:23 +00:00
Gilles Peskine
8462146d01
Merge pull request #8867 from gilles-peskine-arm/psa_key_attributes-remove_core 
Merge psa_core_key_attributes_t back into psa_key_attributes_t
 2024-03-05 09:59:24 +00:00
Gilles Peskine
fad79fcdd9 Merge remote-tracking branch 'development' into ecp-write-ext-3.6 
Conflicts:
* library/pk.c: mbedtls_pk_wrap_as_opaque() changed in the feature branch
  and was removed in the target branch.
 2024-03-04 08:52:08 +01:00
Minos Galanakis
a83ada4eba tests: Added test for mbedtls_x509_crt_get_ca_istrue() 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-04 02:22:01 +00:00
Ronald Cron
e93cd1b580 tests: ssl: Free write/read test buffers 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 19:30:00 +01:00
Ronald Cron
7c07aab72e tests: write early data: Improve tls13_cli_max_early_data_size 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 19:07:40 +01:00
Ronald Cron
ae6f9a58a9 tests: write early data: Allocate buffer to write/read 
Allocate the buffer to write/read early data. That
way in ASan builds. buffer overwrite/overread can
be detected.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 19:07:34 +01:00
Ronald Cron
aab4a546bf tests: Set the default conf then customize 
Set the default conf then customize, not the
other way around.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 17:09:22 +01:00
Ronald Cron
10b040fa6f tests: ssl_helpers: Rename rng_get to mbedtls_test_random 
mbedtls_test_ as the prefix for test APIs
_random like in mbedtls_ctr/hmac_drbg_random

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 17:00:38 +01:00
Manuel Pégourié-Gonnard
e33b349c90
Merge pull request #8864 from valeriosetti/issue8848 
Deprecate or remove mbedtls_pk_wrap_as_opaque
 2024-03-01 15:54:32 +00:00
Ronald Cron
de9b03dcba tls13: Rename early_data_count to total_early_data_size 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 15:14:17 +01:00
Ronald Cron
aad8523764 tests: ssl: Test enforcement of maximum early data size 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 15:10:22 +01:00
Ronald Cron
fcbf776d06 tests: ssl: Restore write_early_data test function 
For negative testing of early data (tests
related to max_early_data_size in this PR), restore
the test function to write early data that was
first introduced to be able to test the reading
of early data with the writing part and was
removed (as not used anymore) by the PR 8760.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 10:00:47 +01:00
Ronald Cron
25ad10a920 tests: ssl: Improve tls13_srv_max_early_data_size() 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:29:16 +01:00
Ronald Cron
19bfe0a631 tls13: Rename early_data_count to total_early_data_size 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:29:16 +01:00
Ronald Cron
70eab45ba6 tls13: generic: Fix log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:29:16 +01:00
Ronald Cron
dc81b7343f tests: srv max early data size: Add reach_max test arg 
Add the reach_max flag argument for the
test13_srv_max_early_data_size test
function. Non zero value only valid in case
of TEST_EARLY_DATA_ACCEPTED scenario.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:29:16 +01:00
Ronald Cron
01d273d31f Enforce maximum size of early data in case of HRR 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:29:16 +01:00
Ronald Cron
919e596c05 Enforce maximum size of early data when rejected 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:29:16 +01:00
Ronald Cron
2160bfe4e2 tests: ssl: Test enforcement of maximum early data size 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:29:16 +01:00
Ronald Cron
9b4e964c2c
Merge pull request #8760 from ronald-cron-arm/tls13-write-early-data 
TLS 1.3: Add mbedtls_ssl_write_early_data() API
 2024-02-29 14:31:55 +00:00
Minos Galanakis
b4ce628b64 tests: Added test for mbedtls_ecdh_context_grp 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-02-29 13:31:34 +00:00
Gabor Mezei
f1dd0253ec
Remove write check in driver wrappers tests 
This check is intended to ensure that we do not write intermediate
results to the shared output buffer. This check will be made obselete
by generic memory-poisoning-based testing for all functions.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-02-28 15:18:21 +00:00
Gilles Peskine
c0f7a8680f mbedtls_ecp_write_key(): deprecate the old function 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-28 13:19:42 +01:00
Gilles Peskine
84b9f1b039 mbedtls_ecp_write_key_ext(): migrate internally 
Stop using mbedtls_ecp_write_key() except to test it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-28 13:19:42 +01:00
Gilles Peskine
e3fb4ccabf mbedtls_ecp_write_key_ext(): new function 
Same as mbedtls_ecp_write_key(), but doesn't require the caller to figure out
the length of the output and possibly distinguish between Weierstrass and
Montgomery curves.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-28 13:19:42 +01:00
Manuel Pégourié-Gonnard
7f523bf9eb
Merge pull request #8845 from gilles-peskine-arm/ecp-write-doc-3.6 
Document ECP write functions
 2024-02-28 11:04:38 +00:00
Valerio Setti
b484e37d91 pk: fix alg selection in mbedtls_pk_sign_ext() for opaque keys 
This commit also fixes pk_psa_wrap_sign_ext() setting the RSA padding
mode so that mbedtls_pk_get_psa_attributes() correctly guesses
the PSA alg to be used.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-28 09:44:35 +01:00
Gilles Peskine
2f107ae000 Don't access psa_key_attributes_t.core 
Access the fields of `psa_key_attributes_t` directly rather than through the
`core` field. This makes the `core` field obsolete.

This commit is fully automated:
```
git ls-files '*.h' '*.c' '*.function' '*.jinja' | xargs perl -l -i -pe '$core = qr/\b(core\b|MBEDTLS_PRIVATE\(core\))/; s/->$core\./->/g; s/&(\w+)\.$core\./&$1./g; s/(\w+)\.$core/$1/g'
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-28 01:30:24 +01:00
Valerio Setti
23e637a7c7 test_suite_pk: initialize all PSA key IDs and attributes 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-27 13:56:57 +01:00
Valerio Setti
1fa2f6e9af test: remove usage of mbedtls_pk_wrap_as_opaque() from tests 
This is replaced with: mbedtls_pk_get_psa_attributes() +
mbedtls_pk_import_into_psa() + mbedtls_pk_setup_opaque().

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-27 09:23:35 +01:00
Gilles Peskine
4c32b69f37 Ignore domain parameters in RSA key generation 
Remove the ability to select a custom public exponent via domain parameters
in RSA key generation. The only way to select a custom public exponent is
now to pass custom production parameters to psa_generate_key_ext().

A subsequent commit will remove domain parameters altogether from the API,
thus this commit does not bother to update the documentation.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-26 08:50:38 +01:00
Gilles Peskine
0f63028809
Merge pull request #8815 from gilles-peskine-arm/psa_generate_key_ext-prototype 
Introduce psa_generate_key_ext
 2024-02-26 07:16:49 +00:00
Gilles Peskine
673461c389 Improve validation in mpi_exp_mod_min_RR 
Check that the test case is hitting what it's supposed to hit, and that the
library takes the expected defensive measure.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-22 15:22:10 +00:00
Janos Follath
fdab786852 Use TEST_EQUAL instead of TEST_ASSERT in new code 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-02-22 15:19:13 +00:00
Ronald Cron
dcb09ca6df tests: write early data: Improve get_early_data_status testing 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-22 12:22:59 +01:00
Ronald Cron
7d158f41ca tests: read early data: Use write API to send early data 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-22 11:46:08 +01:00
Ronald Cron
110303fbe5 tests: read early data: Add no early data indication sent scenario 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-22 11:46:02 +01:00
Ronald Cron
86d288c0d4 tests: ssl: Rename tls13_early_data to tls13_read_early_data 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-22 11:28:29 +01:00
Ronald Cron
9f2c3c09df tls13: cli: Add mbedtls_ssl_get_early_data_status() API 
Add mbedtls_ssl_get_early_data_status() API and its
testing.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-21 17:44:51 +01:00
Ronald Cron
0004600702 tests: write early data: Inverse loop over state logic 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-21 17:44:45 +01:00
Ronald Cron
bf5e909467 tests: write early data: Check we can complete handshake after writing 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-21 17:42:59 +01:00
Ronald Cron
d4069247b8 Improve comments/documentation 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-21 17:37:26 +01:00
Gilles Peskine
0aab69d2eb
Merge pull request #8807 from gilles-peskine-arm/pk_import_into_psa-implement_import 
Implement mbedtls_pk_import_into_psa
 2024-02-21 15:45:17 +00:00
Janos Follath
0902572aa4 Fix style 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-02-21 11:50:25 +00:00
Janos Follath
86258f51b5 Exp mod: handle negative zero 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-02-21 11:25:41 +00:00