mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-11 00:40:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
30,973 Commits 170 Branches 263 Tags
Commit Graph

30973 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Horstmann
df097d3b38 Add note explaining component purpose 
We are testing that we don't break OSS-Fuzz, primarily.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-05-10 15:39:54 +01:00
David Horstmann
90dddc68b9 Add all.sh component for programs without tests 
Check that we can build under CMake with ENABLE_TESTING=OFF but
ENABLE_PROGRAMS=ON.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-05-10 14:55:04 +01:00
David Horstmann
58b660c66a Move test generated files to main CMakeLists.txt 
Move the generation of tests/src/test_certs.h and tests/src/test_keys.h
to the main CMakeLists.txt. This is required because these files are
needed both by tests and programs, whereas tests/CMakeLists.txt is only
included when ENABLE_TESTING is on.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-05-10 14:55:04 +01:00
Manuel Pégourié-Gonnard
3af19dc190
Merge pull request #9102 from valeriosetti/issue9010-backport 
[Backport 3.6] Improve generate_test_keys.py
 2024-05-07 13:01:26 +00:00
Valerio Setti
b03778560b generate_test_keys: move code for arrays and LUT generation to a separate function 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 12:37:45 +02:00
Valerio Setti
6f86a4a5a3 check-generated-files: move check for generate_test_cert_macros.py 
This test should only be performed when in MbedTLS repo and not
in tf-psa-crypto one.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 11:15:57 +02:00
Valerio Setti
3d54a9d7a3 generate_test_[keys/cert_macros]: minor fixes 
- remove new line at beginning of test_keys.h
- add footer at the end of both generated files

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
d714259c01 generate_test_keys: move output file writing to a separate function 
This helps removing the previous pylint exception.

Also use "with" statement for opening the file in order to
ensure that all the content is flushed to the file before
exiting.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
42efdd83ff generate_test_keys: sort keys before processing them 
Without this fix keys could be listed differently on Ubuntu 16
between different runs therefore causing
check_generated_files() to fail.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
feb87a9dfc check-generated-files: add test_certs.h file to the list of checked items 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
97e4e04a52 generate_test_cert_macros: minor fixes 
- use build_tree to get the project root path
- remove "if True" in an "if" statement

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
e2f2dd5b91 generated_test_keys: minor fixes 
- rewrite output file (do not append)
- remove useless "os" import
- move pylint for main() function

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
b090df2e35 generate_test_keys: remove left-over variable 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
91eefe4e45 tests/CMakeLists: fix indentation 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
1717821867 generate_test_keys: do not quit script if output file already exists 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
a8753694f2 generate_test_keys: add missing flush at the end of script 
Ensure that all the data is actually written to the output file.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
1c56ca4c02 test_suite_pk: use explicit key bit size instead of RSA_KEY_SIZE 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
351236a3a9 generate_test_keys: use build_tree to guess the MbedTLS root path 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
ba91d44cd3 generate_test_cert_macros: minor fixes 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
911363e8cb cmake: relocate custom commands for test_certs.h and test_keys.h generation 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
c2293190fe generate_test_cert_macros: embed input args 
- Embed input arguments inside the script so as to simplify the
  calls in Makefiles/CMakeLists.
- add a new "--list-dependencies" command line option to print
  out the list of dependencies.
- Modify tests/Makefile accordinlgy.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
5241f395ec tests/Makefile: minor fix: specify Python binary to be used 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
85a006635f fix "make generated_files" for test_keys.h and test_certs.h 
This also add the check in tests/scripts/check-generated-files.sh

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
b627199d60 generate_test_keys: add default output file option 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
4b9aebf4d9 tests: remove test_certs.h and test_keys.h as they are auto-generated 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
a607a1b322 test: automatically generate test_certs.h and test_keys.h 
Ensure that when tests are built also test_certs.h and
test_keys.h are generated.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Valerio Setti
cd96473fd3 tests: update Makefile to generate tests/src/test_keys.h 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-07 10:54:44 +02:00
Gilles Peskine
c4f4ff9210
Merge pull request #9085 from nileshkale123/fix/redefinition_warning_for_gnu_source_backport_3.6 
Backport 3.6: Fixed issue of redefinition warning messages for _GNU_SOURCE
 2024-05-06 12:40:45 +00:00
Manuel Pégourié-Gonnard
67a92b7442
Merge pull request #9090 from valeriosetti/issue9068-backport 
[Backport 3.6] Undefined reference to mbedtls_md_error_from_psa() function
 2024-05-03 07:52:41 +00:00
Janos Follath
7fa3134dab Fix Changelog formatting 
Add EOL and remove trailing whitespaces.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-05-03 10:50:33 +05:30
Gilles Peskine
82cd3d1014
Merge pull request #9089 from ronald-cron-arm/add-cve-2024-30166-ref-3.6 
[Backport 3.6] ChangeLog: Add missing reference to CVE in security entry
 2024-05-02 19:47:36 +00:00
Valerio Setti
b82fbf5634 md: fix guards for mbedtls_md_error_from_psa() 
This should be CRYPTO_CLIENT and not CRYPTO_C as this function
can be used even when CRYPTO_C is not defined.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-05-02 18:18:45 +02:00
Gilles Peskine
313be884c3
Merge pull request #9076 from gilles-peskine-arm/cpp-unbounded-write-3.6 
Backport 3.6: ssl_mail_client: Fix unbounded write of sprintf()
 2024-05-02 16:06:27 +00:00
Gilles Peskine
51e96ad34c
Merge pull request #9074 from Ryan-Everett-arm/8357-fix-3.6 
Backport 3.6: Fix error handling for secure element keys in `psa_start_key_creation`
 2024-05-02 16:06:09 +00:00
Gilles Peskine
209704a9b3
Merge pull request #9077 from Ryan-Everett-arm/3.6-fix-get-and-lock-key-slot-threading-bug 
Backport 3.6: Wipe the returned slot pointer upon failure in `psa_get_and_lock_key_slot`
 2024-05-02 15:48:18 +00:00
Ronald Cron
68613a46ce ChangeLog: Add missing reference to CVE in security entry 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-05-02 17:27:18 +02:00
nilesh.kale
2a0a62859c Fixed issue of redefinition warning messages for _GNU_SOURCE 
Signed-off-by: nilesh.kale <nilesh.kale@espressif.com>
 2024-05-02 14:27:44 +05:30
Manuel Pégourié-Gonnard
8c2b301b82
Merge pull request #9050 from gilles-peskine-arm/test-dependencies-20240314-3.6 
Backport 3.6: Fix some test case dependencies (PEM_C)
 2024-05-02 08:00:22 +00:00
Ryan Everett
629715aeb1 Add changelog 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-04-30 14:09:43 +01:00
Ryan Everett
1a3573e226 Clarify psa_get_and_lock_key_slot return behaviour 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-04-30 14:09:43 +01:00
Ryan Everett
231f15ba11 Explicitly document return behaviour 
A bug existed previously where this guarantee was not met,
causing some issues in multi-threaded code.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-04-30 14:09:43 +01:00
Ryan Everett
d4ea40de44 Fix potential non-NULL slot return on failure 
If psa_get_and_lock_key_slot fails, the slot must be wiped.
This fixes a bug where a pointer to some valid key slot can
be incorrectly returned

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-04-30 14:09:43 +01:00
Mingjie Shen
41995bec9a ssl_mail_client: Fix code style issue 
Signed-off-by: Mingjie Shen <shen497@purdue.edu>
 2024-04-30 13:00:35 +02:00
Mingjie Shen
623812887a ssl_mail_client: Check return value of mbedtls_snprintf 
The return value of snprintf() is the number of characters (excluding
the null terminator) which would have been written to the buffer if
enough space had been available. Thus, a return value of size or more
means the output was truncated.

Signed-off-by: Mingjie Shen <shen497@purdue.edu>
 2024-04-30 13:00:35 +02:00
Mingjie Shen
6f216e4a73 ssl_mail_client: Replace snprintf with mbedtls_snprintf 
Signed-off-by: Mingjie Shen <shen497@purdue.edu>
 2024-04-30 13:00:34 +02:00
Mingjie Shen
73d649e089 ssl_mail_client: Fix unbounded write of sprintf() 
These calls to sprintf may overflow buf because opt.mail_from and opt.mail_to
are controlled by users. Fix by replacing sprintf with snprintf.

Signed-off-by: Mingjie Shen <shen497@purdue.edu>
 2024-04-30 13:00:33 +02:00
Ryan Everett
97cc7f89be Rewrite changelog 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-04-30 11:17:04 +01:00
Ryan Everett
b1c3d6e07b Add changelog 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-04-30 11:17:04 +01:00
Ryan Everett
b5a20d3bc5 Fix error handling for secure element keys in psa_start_key_creation 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-04-30 11:17:04 +01:00
Gilles Peskine
3dbb502098
Merge pull request #9066 from paul-elliott-arm/fix_ubsan_mp_aead_gcm_3.6 
[Backport 3.6] Add early exit if zero length AEAD additional data passed in.
 2024-04-30 09:48:24 +00:00