mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-06 19:13:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
28,098 Commits 172 Branches 263 Tags
Commit Graph

5802 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
7d7ce0e66a
Merge pull request #8495 from lpy4105/issue/6322/driver-only-cipher_aead-tls 
[G3] Driver-only cipher+aead: TLS: main test suite
 2023-11-09 11:10:34 +00:00
Gilles Peskine
4dec9ebdc2
Merge pull request #8378 from mschulz-at-hilscher/fixes/issue-8377 
Fixes "CSR parsing with critical fields fails"
 2023-11-08 18:07:04 +00:00
Dave Rodgman
0d22539de0
Merge pull request #8468 from daverodgman/mbedtls-3.5.1-pr 
Mbed TLS 3.5.1
 2023-11-08 18:01:32 +00:00
Dave Rodgman
28d40930ae Restore bump version 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-08 11:40:08 +00:00
Ronald Cron
c27a4ce3dd
Merge pull request #8429 from gilles-peskine-arm/fix-test_suite_constant_time_hmac-not-executed 
Fix test suite never executed due to an undefined symbol
 2023-11-08 09:05:12 +00:00
Pengyu Lv
2bd56de3f4 ssl: replace MBEDTLS_SSL_HAVE_*_CBC with two seperate macros 
MBEDTLS_SSL_HAVE_<block_cipher>_CBC equals
MBEDTLS_SSL_HAVE_<block_cipher> and MBEDTLS_SSL_HAVE_CBC.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 14:21:19 +08:00
Pengyu Lv
ba6825e37b ssl: use MBEDTLS_SSL_HAVE_* in tests 
Done by commands:

```
sed -i "s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
sed -i "s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
sed -i "s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 14:09:16 +08:00
Matthias Schulz
e92f6dcf5c New test cases requested in https://github.com/Mbed-TLS/mbedtls/pull/8378#discussion_r1383779861 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-07 15:16:35 +01:00
Manuel Pégourié-Gonnard
964dee6b3f
Merge pull request #8442 from lpy4105/issue/8355/driver-only-cipher_aead-x509 
X.509: Support driver-only cipher+aead
 2023-11-06 09:10:57 +00:00
Gilles Peskine
8b6b41f6cd
Merge pull request #8434 from valeriosetti/issue8407 
[G2] Make TLS work without Cipher
 2023-11-04 15:05:00 +00:00
Gilles Peskine
c5ce9fcf03
Merge pull request #8435 from valeriosetti/issue8415 
Remove cipher/aead legacy dependencies from PSA test suites
 2023-11-04 15:04:51 +00:00
Pengyu Lv
2151ba55f6 test_suite_x509write: use plaintext key file 
Some test cases are using encrypted key file, thus have
dependency on low-level block cipher modules (e.g. AES).
This commit adds unencrypted key file so that we could
get rid of those dependencies.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-31 18:12:04 +08:00
Paul Elliott
afc6a992c5
Merge pull request #8381 from gilles-peskine-arm/20231017-misc-cleanup 
Cleanups in test code
 2023-10-30 18:08:01 +00:00
Paul Elliott
835edd627d
Merge pull request #8404 from paul-elliott-arm/fix_coverity_issues 
Fix two coverity issues
 2023-10-30 18:00:14 +00:00
Valerio Setti
847213120c test_suite_psa_crypto_metadata: remove unnecessary CIPHER_C dependencies 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:37:09 +01:00
Valerio Setti
74d5f23c3f test_suite_ssl: use new internal symbols in tests using CBC 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:36:32 +01:00
Gilles Peskine
b3d0ed2e6e
Merge pull request #8303 from valeriosetti/issue6316 
Add test component with all ciphers and AEADs accelerated only
 2023-10-26 15:53:10 +00:00
Gilles Peskine
4f144093ba
Merge pull request #8294 from gilles-peskine-arm/test-datax-chdir 
Support running unit tests from another directory
 2023-10-26 15:53:10 +00:00
Gilles Peskine
d609607f21 Fix test suite never executed due to an undefined symbol 
MBEDTLS_SSL_SOME_SUITES_USE_MAC and MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC are
dependencies of defined in an SSL header, so this header needs to be
included here.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-26 16:50:18 +02:00
Gilles Peskine
cc2bbfe905 Fix invocation with explicit .datax file 
Don't chdir when invoking a test suite executable with an explicit .datax
file. The point of the chdir is to automatically find the .datax file (and
the relative location of the data_files directory) in typical cases. This
conflicts with the expectation that passing a relative path to a .datax file
will work.

(This is what I had originally intended, and what is documented in the
comment, but I forgot to add the argc check in the initial commit.)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-25 17:45:50 +02:00
Gilles Peskine
bf3c3fa122 Define try_chdir everywhere 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-25 17:43:10 +02:00
Valerio Setti
3b1559060a test_suite_psa_crypto: replace builtin dependencies with PSA_WANT 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-25 12:03:36 +02:00
Valerio Setti
9d9b4b547f test_suite_cipher: use TEST_ASSUME() to evaluate supported ciphers 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-25 12:03:36 +02:00
Valerio Setti
d3bdccc063 test_suite_cipher: successfully quit test if no cipher is supported 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-25 12:03:36 +02:00
Paul Elliott
6c68df4155 Convert interruptible test over to using TEST_CALLOC 
Also fix potential leak in unlikely edge case.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-10-23 15:33:37 +01:00
Paul Elliott
078edc205d Add missing exit labels to MPS tests 
Coverity flagged this due to the potential leaked memory allocations in
mbedtls_mps_reader_random_usage()

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-10-20 19:14:46 +01:00
Matthias Schulz
edc32eaf1a Uncrustified 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-10-19 16:09:08 +02:00
Yanray Wang
3d43434953 test_suite_psa_crypto_driver_wrappers.data: fix dependency 
There are some fallback test cases which should rely on builtin
implementations. This commit adjusts them with correct dependencies.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-10-19 16:13:34 +08:00
Matthias Schulz
03bd095a76 Fix dependency check for helper functions. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-10-19 09:52:59 +02:00
Gilles Peskine
8733b4cc76
Merge pull request #8388 from paul-elliott-arm/fix_check_set_padding 
Move initialisation in test to before first test
 2023-10-18 20:31:41 +00:00
Gilles Peskine
f2574206e5 Fix code style 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-18 17:39:48 +02:00
Gilles Peskine
6407f8fc54
Merge pull request #8322 from valeriosetti/issue8257 
Improve location of MD_CAN macros
 2023-10-18 14:31:28 +00:00
Paul Elliott
3bda79ba9f Move initialisation in test to before first test 
Calling mbedtls_cipher_free() on a context that was not initialised
is dangerous, and this could happen if the first test in
check_set_padding() failed.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-10-18 15:09:09 +01:00
Matthias Schulz
ab4082290e Added parameters to add callback function to handle unsupported extensions. Similar to how the callback functions work when parsing certificates. Also added new test cases. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-10-18 13:20:59 +02:00
Gilles Peskine
bbd92917d8 Close file on error path 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-17 18:12:31 +02:00
Gilles Peskine
d681ffdb54 Use modern macros for calloc in test code 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-17 18:12:31 +02:00
Gilles Peskine
bb7d92c4b2 Remove redundant null check 
crl_file is a test argument and can't be null. Besides the code above
already assumes that it's non-null.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-17 17:26:44 +02:00
Gilles Peskine
21e46b39cc Fix missing initializations on some error paths 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-17 17:09:28 +02:00
Matthias Schulz
0ca58e3c10 Added testcase with certificate that contains extensions with critical fields. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-10-17 13:12:32 +02:00
Valerio Setti
2f00b7a5da cipher: reset MBEDTLS_CIPHER_HAVE_AEAD to MBEDTLS_CIPHER_MODE_AEAD 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-17 11:43:34 +02:00
Valerio Setti
9fc1f24331 md: restore md.h includes in source files directly using its elements 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-16 14:39:38 +02:00
Valerio Setti
dcee98730b cipher_wrap: add VIA_LEGACY_OR_USE_PSA to new internal symbols 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-16 11:35:57 +02:00
Valerio Setti
596ef6c0b1 cipher: reset MBEDTLS_CIPHER_HAVE_AEAD_LEGACY to previous naming 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-16 11:26:08 +02:00
Valerio Setti
0521633559 cipher: fix guards in mbedtls_cipher_auth_[encrypt/decrypt]_ext() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-16 11:22:21 +02:00
Valerio Setti
db1ca8fc33 cipher: keep MBEDTLS_CIPHER_HAVE symbols private 
This commit also improve the usage of these new symbols in
cipher_wrap code

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-12 10:39:54 +02:00
Valerio Setti
02a634decd md: remove unnecessary inclusions of mbedtls/md.h 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-11 13:15:58 +02:00
Valerio Setti
49c835e5ec test_suite_pkcs12: fix typo in test case description 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-06 11:25:08 +02:00
Gilles Peskine
c760019dd5 Note about the lack of Windows support 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-05 17:23:58 +02:00
Gilles Peskine
ca26082ab7 Print a notice if chdir fails 
Fixes -Wunused-result warning.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-05 17:23:49 +02:00
Gilles Peskine
21bff21575 Support running unit tests from another directory 
When running a test suite, try to change to the directory containing the
executable. This allows running a test suite from any directory, and still
allow it to access its .datax file as well as data files (generally in
tests/data_files) used by individual test cases.

Only implemented on Unix-like systems and on Windows.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-05 17:19:14 +02:00