Gilles Peskine
18e8389452
Add changelog entry
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-11-04 14:07:20 +01:00
Gilles Peskine
fce3f0dd84
mbedtls_psa_ecp_generate_key: don't calculate the public key
...
mbedtls_ecp_gen_key() generates a private key and calculates the public key.
Calculating the public key takes most of the CPU time. But the PSA key store
doesn't store the key, in order to simplify the plumbing when drivers are
involved. So the time spent calculating the public key is a waste.
Instead, call mbedtls_ecp_gen_privkey(), which does not calculate the public
key.
This also saves 8 instructions in a sample arm thumb build.
Resolves #9732 .
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-11-04 14:07:20 +01:00
Gilles Peskine
091941e849
Basic statistical tests for mbedtls_psa_ecp_generate_key()
...
Run a few iterations and check that there is some diversity in the results.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-11-04 14:07:20 +01:00
Gilles Peskine
77587ce12d
Unit tests for mbedtls_psa_ecp_generate_key()
...
Run the function on a few different curves with shorter, just-right and
larger buffer sizes. Perform some basic sanity checks on the output (which
is random).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-11-04 14:07:20 +01:00
Harry Ramsey
0f07e76b4b
Fix undefined variable in makefile
...
This commit replaces an undefined variable ${MBEDTLS_FRAMEWORK_DIR} for
${MBEDTLS_PATH}.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
2024-11-04 12:16:50 +00:00
Harry Ramsey
66ce986ef3
Improve makefile error message
...
This commit improves the makefile error message when using make, it no
longer incorrectly reports that CMakeLists.txt cannot be found instead
of exported.make.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
2024-11-04 11:40:50 +00:00
Janos Follath
e7c28d6847
Merge pull request #9727 from gilles-peskine-arm/use_psa_crypto-always_forced
...
Force MBEDTLS_USE_PSA_CRYPTO enabled
2024-11-04 11:32:45 +00:00
Manuel Pégourié-Gonnard
dea700dd38
all.sh: improve wrapper error reporting
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-11-04 11:40:44 +01:00
Manuel Pégourié-Gonnard
0b7faf9011
Merge pull request #9746 from gilles-peskine-arm/ffdh-memsan-skip-dev
...
Skip slowest FFDH tests against GnuTLS with MSan or Valgrind
2024-11-04 08:10:26 +00:00
Waleed Elmelegy
005b78c307
Add testing valid attributes after aborting an invalid input in iop key generation
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-11-01 17:08:57 +00:00
Elena Uziunaite
4cf5a0e368
Add a Python utility function to get the 3.6 feature macro
...
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
2024-11-01 14:52:05 +00:00
Gilles Peskine
05030d4141
Skip slowest FFDH tests against GnuTLS with MSan or Valgrind
...
Skip 6144-bit and 8192-bit FFDH tests in MSan or Valgrind test
configurations. These test cases are slow and sometimes trigger GnuTLS's
built-in timeout (which cannot be configured until more recent versions).
Resolves #9742 .
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-10-31 18:52:40 +01:00
Waleed Elmelegy
b16edbef72
Improve comments for interruptible key agreement APIs
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-10-31 16:41:00 +00:00
Waleed Elmelegy
bb0683274b
Remove useless define check for interruptible key agreement APIs
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-10-31 16:39:38 +00:00
Waleed Elmelegy
e3abcc3ff5
Improve interruptible key generation testing
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-10-31 16:39:02 +00:00
Waleed Elmelegy
75a412f5a3
Remove mention of drivers for interruptible key generation
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-10-31 16:37:09 +00:00
Waleed Elmelegy
1c3c5b15c2
Add Testing interruptible key generation initialization
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-10-31 16:35:38 +00:00
Bence Szépkúti
cd0fb1d178
Merge pull request #9105 from jetm/ssl-client2-get-req-host
...
ssl_client2: Add Host to HTTP GET request
2024-10-31 11:32:49 +00:00
Manuel Pégourié-Gonnard
467b487d95
Merge pull request #9738 from mpg/drop-armcc5-dev
...
[dev] Drop building with armcc5 in all.sh
2024-10-31 08:12:40 +00:00
Gilles Peskine
9863b04dec
Make MBEDTLS_USE_PSA_CRYPTO no longer a selectable option
...
The macro MBEDTLS_USE_PSA_CRYPTO is now always defined. It is no longer a
configuration option.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-10-30 14:23:16 +01:00
Gilles Peskine
b434192dcb
Remove explicit setting of MBEDTLS_USE_PSA_CRYPTO
...
Now that it's always on, this is no longer necessary.
Also this is a step towards no longer being able to set it, because it soon
won't be a selectable configuration option anymore.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-10-30 14:23:16 +01:00
Gilles Peskine
005370f0be
Skip "no USE_PSA" test cases in ssl-opt.sh
...
These test cases are desirable, but they will fail until we resolve
https://github.com/Mbed-TLS/mbedtls/issues/7294 .
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-10-30 14:23:16 +01:00
Gilles Peskine
fb31ebd6d5
Remove code for MBEDTLS_USE_PSA_CRYPTO disabled in ssl-opt.sh
...
Now that MBEDTLS_USE_PSA_CRYPTO is always on, remove code that handles the
case when it's disabled.
Also this is a step towards no longer expecting it to be reported by
query_compile_time_config.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-10-30 14:23:16 +01:00
Gilles Peskine
5e443f983b
Remove direct requirements on MBEDTLS_USE_PSA_CRYPTO in ssl-opt.sh
...
Now that MBEDTLS_USE_PSA_CRYPTO is always on, we don't need to check for it.
Also this is a step towards no longer expecting it to be reported by
query_compile_time_config.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-10-30 14:23:16 +01:00
Gilles Peskine
a1be1b8fbb
Remove ECJPAKE interoperability testing
...
We no longer have two (only partially distinct) implementations of ECJ-PAKE
cipher suites in TLS, now that the non-MBEDTLS_USE_PSA_CRYPTO implementation
is being removed.
We may want to add this testing back in the future, but we'll have to use an
old Mbed TLS instead of a differently-built one.
https://github.com/Mbed-TLS/mbedtls/issues/9740
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-10-30 14:23:16 +01:00
Manuel Pégourié-Gonnard
69868299a8
Merge pull request #9430 from davidhorstmann-arm/align-development-3.6-test-helpers
...
Align development test helpers with 3.6
2024-10-30 09:09:34 +00:00
Manuel Pégourié-Gonnard
d10f42f5e6
Fix making the path of the outcomes file absolute.
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-10-30 09:52:36 +01:00
Bence Szépkúti
15baf8b027
Merge pull request #9708 from ronald-cron-arm/target-compile-options
...
cmake: Define compile and link options target by target
2024-10-29 18:59:07 +00:00
Gilles Peskine
8ed4d94166
Merge pull request #9614 from gilles-peskine-arm/use_psa_crypto-always_on
...
Always enable MBEDTLS_USE_PSA_CRYPTO in all.sh
2024-10-29 14:58:55 +00:00
Bence Szépkúti
d6175c5b0c
Merge pull request #9389 from bensze01/graviton-testing
...
Add default config tests for the A64, A32, Thumb 1 and Thumb 2 instruction sets
2024-10-29 12:24:48 +00:00
Manuel Pégourié-Gonnard
6ffebef9c4
New all.sh wrapper with reduced scope (CI only)
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-10-29 12:57:24 +01:00
Manuel Pégourié-Gonnard
26caae8152
Rm forgotten armc5
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-10-29 12:43:26 +01:00
Manuel Pégourié-Gonnard
705690af69
Drop building with armcc5 in all.sh
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-10-29 11:46:47 +01:00
Harry Ramsey
6d9c389957
Further improve error message clarity
...
This commit further improves error message clarity.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
2024-10-28 14:05:23 +00:00
Bence Szépkúti
bc8c157bce
Add override arguments for new gcc targets
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2024-10-28 11:16:17 +01:00
Bence Szépkúti
8490f052ae
Clarify GCC version requirement
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2024-10-28 11:15:24 +01:00
Bence Szépkúti
479eb522d7
Split up the Thumb-1 test component
...
The Thumb-1 tests are by far the slowest, so split the -O0 and -Os tests
into their own components.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2024-10-28 11:15:24 +01:00
Bence Szépkúti
bb61245007
Remove superfluous invocations of make clean
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2024-10-28 11:15:24 +01:00
Bence Szépkúti
de146a13b4
Update component speed estimates
...
The estimates are based on the most recent CI run.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2024-10-28 11:15:24 +01:00
Bence Szépkúti
65e77c53d6
Initialize result caching variables
...
This prevents interference from identically named environment variables.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2024-10-28 11:15:22 +01:00
Bence Szépkúti
924662bea3
Use true/false in place of integers
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2024-10-28 11:14:32 +01:00
Bence Szépkúti
31906327d3
Ignore missing temporary files during cleanup
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2024-10-28 11:13:53 +01:00
Bence Szépkúti
c12ebb0811
Fix copypasta in gcc_version
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2024-10-28 11:13:25 +01:00
Bence Szépkúti
d1d26139ff
Add AArch64 default config test
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2024-10-28 11:12:25 +01:00
Bence Szépkúti
1524b9c3ad
Add Arm eabi default config tests
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2024-10-28 11:10:15 +01:00
David Horstmann
f8d13d8fad
Merge pull request #9721 from paul-elliott-arm/fix_new_coverity_issues
...
Fix new coverity issues
2024-10-25 16:43:37 +00:00
Ronald Cron
3e9cc2c213
key_ladder_demo: Initialize additional data to all zeroes
...
The header structure was initialized only field by
field. This does not initialize the padding bytes
and MemSan was complaining with use of
uninitialized data in test_memsan all.sh component.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-10-25 18:09:40 +02:00
Ronald Cron
50bd4f887e
cmake: libs: Set libraries specific compile options target by target
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-10-25 18:09:40 +02:00
Ronald Cron
d093edd2bd
cmake: tests: Set test specific compile options target by target
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-10-25 18:09:40 +02:00
Ronald Cron
051ee711bf
Remove now unnecessary shared lib specific compile option
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-10-25 18:09:40 +02:00