mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-11 09:40:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
28,376 Commits 170 Branches 263 Tags
Commit Graph

28376 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Yanray Wang
744577a429 tls13: early_data: cli: check a PSK has been selected in EE 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 23:03:37 +08:00
Yanray Wang
9ae6534c20 tls13: early_data: cli: improve comment 
This commit improves comment of why we assign the identifier of the
ciphersuite in handshake to `ssl->session_negotiate`.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 17:46:08 +08:00
Yanray Wang
03a00768c0 tls13: early_data: cli: improve comment 
This commit improves comment of the check for handshake parameters
in Encrypted Extension.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 17:40:21 +08:00
Yanray Wang
e72dfff1d6 tls13: early_data: cli: improve comment 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 12:05:16 +08:00
Yanray Wang
2bef7fbc8d tls13: early_data: cli: remove guard to fix failure 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 12:02:56 +08:00
Yanray Wang
f4bad42670 itls13: early_data: cli: improve comment 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-30 15:58:07 +08:00
Yanray Wang
a29db7da2e tls13: early_data: cli: assign ciphersuite properly 
When early_data extension is enabled and sent in ClientHello,
the client does not know if the server will accept early data
and select the first proposed pre-shared key with a ciphersuite
that is different from the ciphersuite associated to the selected
pre-shared key. To address aforementioned case, we do associated
verification when parsing early_data ext in EncryptedExtensions.
Therefore we have to assign the ciphersuite in current handshake
to session_negotiate later than the associated verification.
This won't impact decryption of EncryptedExtensions since we
compute handshake keys by the ciphersuite in handshake not via
the one in session_negotiate.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-30 14:27:38 +08:00
Dave Rodgman
c3cd410acf
Merge pull request #8286 from gilles-peskine-arm/check_mbedtls_calloc_overallocation-disable_with_asan 
Fix test_suite_platform failure with Asan on modern Clang
 2023-11-28 16:48:31 +00:00
Tom Cosgrove
9e1d2e5727
Merge pull request #8029 from gilles-peskine-arm/fix-MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA 
Update old dependency to MBEDTLS_MD_CAN
 2023-11-28 13:12:10 +00:00
Manuel Pégourié-Gonnard
11c3fd1f73
Merge pull request #8568 from yanrayw/issue/8356/block_cipher_no_decrypt_cleanup 
Driver-only: G1: clean up for BLOCK_CIPHER_NO_DECRYPT
 2023-11-28 08:49:48 +00:00
Manuel Pégourié-Gonnard
294f5d7ea9
Merge pull request #8540 from valeriosetti/issue8060 
[G2] Make CCM and GCM work with the new block_cipher module
 2023-11-28 08:18:45 +00:00
Pengyu Lv
a1ddcfaef8 Extend the pattern of pkparse test on encrypted keys 
These test cases are ignored when analyzing outcomes on
analyze_driver_vs_reference_cipher_aead task.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 09:46:01 +08:00
Pengyu Lv
6c927c0795 Merge branch 'development' into review/gilles/update-old-dep-MD_CAN 2023-11-28 09:31:44 +08:00
Gilles Peskine
150002c9f9 Skip calloc overallocation test case 
This test case is incompatible with sanitizers (e.g. ASan), and thus
skipped. If the driver component uses a sanitizer but the reference
component doesn't, we have a PASS vs SKIP mismatch. Since this test case is
unrelated to drivers, we don't mind ignoring it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-27 18:24:45 +01:00
Tom Cosgrove
12d8b8eaba
Merge pull request #8539 from tom-daubney-arm/add_test_script_psa_hash 
Add Demo Script for PSA Hash Program
 2023-11-27 12:13:18 +00:00
Dave Rodgman
4e9d5aa2ba
Merge pull request #8515 from mschulz-at-hilscher/fixes/pragma-error-gcc452 
Fix compiler error on gcc 4.5.2.
 2023-11-27 11:28:30 +00:00
Dave Rodgman
9fbac381e6
Merge pull request #8326 from daverodgman/aesce-thumb2 
Support hw-accelerated AES on Thumb and Arm
 2023-11-27 09:58:58 +00:00
Yanray Wang
6f6090d19b tf-m config: update and enable BLOCK_CIPHER_NO_DECRYPT 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-27 15:55:04 +08:00
Yanray Wang
16b00f9522 mbedtls_config: improve documentation for BLOCK_CIPHER_NO_DECRYPT 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-27 15:52:28 +08:00
Dave Rodgman
c94f8f1163
Merge pull request #8551 from daverodgman/sign-conversion-part1 
Sign conversion part 1
 2023-11-24 15:12:00 +00:00
Dave Rodgman
a3b80386d9 Merge remote-tracking branch 'origin/development' into sign-conversion-part1 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-24 11:27:18 +00:00
Janos Follath
905409abe2
Merge pull request #8500 from Ryan-Everett-arm/8409-make-empty-key-slots-explicit 
Make empty key slots explicit
 2023-11-24 08:52:01 +00:00
Dave Rodgman
8cd4bc4ac2
Merge pull request #8124 from yanrayw/support_cipher_encrypt_only 
Support the negative option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
 2023-11-23 17:43:00 +00:00
Dave Rodgman
e49047520f
Merge pull request #8556 from minosgalanakis/bugfix/fix_trailing_whitespace 
prepare_release: sed querry change to strip whitespace
 2023-11-23 17:04:18 +00:00
Ryan Everett
2a0d4e2995 Revert "Refactor psa_load_persistent_key_into_slot to remove bad goto" 
This reverts commit d69f4017fbf949ab3aceca178b034b73e6e43dbc.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-11-23 16:34:35 +00:00
Dave Rodgman
c44042ddbc
Merge pull request #7905 from lpy4105/issue/misc-improvement 
misc improvements
 2023-11-23 16:20:58 +00:00
Ryan Everett
d69f4017fb Refactor psa_load_persistent_key_into_slot to remove bad goto 
Merges the two calls to `psa_copy_key_material_into_slot.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-11-23 16:20:45 +00:00
Yanray Wang
18040ede3f all.sh: export LC_COLLATE=C for sorting in ASCII order 
By default, 'sort' sorts characters with system default locale,
which causes unexpected sorting order. To sort characters in ASCII
from computer perspective, export LC_COLLATE=C to specify character
collation for regular expressions and sorting with C locale.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-23 21:30:00 +08:00
Paul Elliott
2e3f6902ed
Merge pull request #8549 from gilles-peskine-arm/metatest-gcc-12 
Fix metatest.c with gcc-12 -Wuse-after-free
 2023-11-23 11:09:41 +00:00
Yanray Wang
42be1bab30 block_cipher_no_decrypt: improve comment 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-23 14:34:41 +08:00
Yanray Wang
70642ecb24 all.sh: check_test_dependencies: add one more option 
- add !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT in whitelist

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-23 14:34:15 +08:00
Yanray Wang
690ee81533 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-11-23 10:31:26 +08:00
Dave Rodgman
2e342f6938
Merge pull request #8546 from BrianX7c/development 
[cipher.h]  Arithmetic overflow in binary left shift operation
 2023-11-22 19:36:25 +00:00
Gilles Peskine
3b2b7f8acf MSan and TSan complain as well, not just ASan 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-22 18:08:17 +01:00
Gilles Peskine
05ebe967be Disable check_mbedtls_calloc overallocation under ASan 
This test case exercises an integer overflow in calloc. Under Asan, with
a modern Clang, this triggers an Asan complaint. The complaint can be
avoided with ASAN_OPTIONS=allocator_may_return_null=1, but this has to
be set in the environment before the program starts, and could hide
other errors.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-22 17:56:26 +01:00
Gilles Peskine
fa8ec2611e Detect enabled GCC/Clang sanitizers 
Occasionally we want tests to take advantage of sanitizers, or work around
them.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-22 17:56:26 +01:00
Gilles Peskine
3f5e1e81b2
Merge pull request #8440 from yuhaoth/pr/fix-missing-pre_shared_key-ext-sent-mask 
Fix missing pre shared key ext sent mask
 2023-11-22 16:40:12 +00:00
Minos Galanakis
31dbc3613a prepare_release: sed querry change to strip whitespace 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-11-22 14:23:12 +00:00
Dave Rodgman
e467d62042 Add casts for NEON 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-21 17:09:46 +00:00
Dave Rodgman
c37ad4432b misc type fixes in ssl 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-21 17:09:46 +00:00
Dave Rodgman
df4d42106a Use standard byte conversion fns in lms 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-21 17:09:46 +00:00
Dave Rodgman
a3d0f61aec Use MBEDTLS_GET_UINTxx_BE macro 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-21 17:09:46 +00:00
Dave Rodgman
b2e8419b50 Fix types in entropy_poll.c 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-21 17:09:46 +00:00
Dave Rodgman
e4a6f5a7ec Use size_t cast for pointer subtractions 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-21 17:09:46 +00:00
Manuel Pégourié-Gonnard
d4dc354185
Merge pull request #8541 from yanrayw/issue/ssl-fix-missing-guard 
ssl_tls: add missing macro guard
 2023-11-21 14:57:47 +00:00
Gilles Peskine
7a715c4537 Fix the build with gcc-12 -Wuse-after-free 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-21 13:42:40 +01:00
Ryan Everett
9f176a2766 Fix status assignments when loading persistent keys 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-11-21 11:49:57 +00:00
Ronald Cron
effdfe7409
Merge pull request #6788 from yuhaoth/pr/fix-gnutls_anti_replay_fail 
TLS 1.3: Fix anti replay fail from GnuTLS
 2023-11-21 08:38:57 +00:00
Jerry Yu
aa5dc24df9 Change if to switch case 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:25 +08:00
Jerry Yu
60e997205d replace check string 
The output has been changed

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:25 +08:00