mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-03 11:54:02 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
22,826 Commits 170 Branches 263 Tags
Commit Graph

845 Commits

Author SHA1 Message Date
Ronald Cron
c9176a03a7
Merge pull request #6410 from gilles-peskine-arm/psa-pkparse-pkwrite-3.2 
PSA with RSA requires PK_WRITE and PK_PARSE
 2022-10-26 14:57:36 +02:00
Andrzej Kurek
29c002ebdf Remove unused perl dependency scripts 
curves.pl, depends-hashes.pl, key-exchanges.pl and depends-pkalgs.pl are now superseded by depends.py.
Update all references to them accordingly.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-26 08:26:58 -04:00
Andrzej Kurek
7cb0077c5d Add all.sh components running depends.py without MBEDTLS_USE_PSA_CRYPTO 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-26 08:26:58 -04:00
Gilles Peskine
b06f0717b3 PSA service config build: disable more modules not used by PSA 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-25 21:06:11 +02:00
Gilles Peskine
649e04e3d1 PSA service config build: note why we aren't disabling cipher and md 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-25 21:05:57 +02:00
Gilles Peskine
1f10807837 Disable pk in the PSA service config build 
It's not needed as a feature. It gets reenabled automatically in
build_info.h like pk_write and pk_parse, but that's an implementation
detail.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-25 21:02:56 +02:00
Gilles Peskine
78bffd1ff5 Fix spelling of a disabled option 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-25 21:02:33 +02:00
Przemek Stekiel
ab0451bc2c Fix build command in test_psa_crypto_config_reference_hash_use_psa 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-24 11:29:35 +02:00
Ronald Cron
c3f43b663e all.sh: Add components testing TLS 1.3 kex partial enablement 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-10-22 14:42:04 +02:00
Gilles Peskine
fc4f11b5d0 Improve test component name 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-21 19:34:54 +02:00
Przemek Stekiel
01df9ddda7 Add test component: component_test_psa_crypto_config_reference_hash_use_psa 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-21 13:43:13 +02:00
Manuel Pégourié-Gonnard
45c6792faf
Merge pull request #6385 from AndrzejKurek/depends-py-reloaded 
Unified tests/scripts/depends.py - reloaded
 2022-10-21 10:17:58 +02:00
Andrzej Kurek
fcbd2acbc2 Split depends.py all.sh job into seven 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-19 08:35:09 -04:00
Andrzej Kurek
3cca0c8e68 Add an all.sh component running depends.pl 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-19 08:35:08 -04:00
Manuel Pégourié-Gonnard
0dc40773d6 Improve comments & messages 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-10-19 12:12:21 +02:00
Manuel Pégourié-Gonnard
d92fb01419 Skip bits not needed in outcome-analysis.sh 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-10-18 12:10:45 +02:00
Gilles Peskine
8874cd570e
Merge pull request #4826 from RcColes/development 
Add LMS implementation
 2022-10-14 18:33:01 +02:00
Manuel Pégourié-Gonnard
b3c30907d6
Merge pull request #6383 from mprse/aead_driver_test 
Enable testing of AEAD drivers with libtestdriver1
 2022-10-14 11:11:01 +02:00
Gilles Peskine
fa65237fd4 Fix which config header MBEDTLS_LMS_xxx is unset from 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-13 22:05:38 +02:00
Raef Coles
d1c1f7f7be
Disable LMS in all.sh tests that lack _WANT_SHA256 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:30:31 +01:00
Raef Coles
b4568c5423
Disable LMS in PSA crypto client test 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:29:07 +01:00
Raef Coles
47bccb7e47
Disable LMS_PRIVATE in all.sh when LMS is disabled 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:29:06 +01:00
Raef Coles
a7e03adef5
Disable LMS in all.sh when PSA isn't enabled 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:29:04 +01:00
Gilles Peskine
0fe6631486
Merge pull request #6291 from gilles-peskine-arm/platform.h-unconditional-3.2 
Include platform.h unconditionally
 2022-10-13 10:19:22 +02:00
Przemek Stekiel
072fad12d9 Disable MBEDTLS_SSL_TICKET_C in aead driver test. 
MBEDTLS_SSL_TICKET_C depends now on: MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C.
All features are disabled in this config.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-13 09:59:52 +02:00
Gilles Peskine
8fd3254cfc
Merge pull request #6374 from mprse/enc_types 
Test TLS 1.2 builds with each encryption type
 2022-10-12 12:45:50 +02:00
Przemek Stekiel
ee1bb4145f Make sure that disabled features are not included in image and fix test config 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-12 10:15:59 +02:00
Gilles Peskine
fcee740b83 Automatically enable PK_PARSE for RSA in PSA 
PSA crypto currently needs MBEDTLS_PK_PARSE_C to parse RSA keys to do almost
anything with them (import, get attributes, export public from private, any
cryptographic operations). Force it on, for symmetry with what we're doing
for MBEDTLS_PK_WRITE_C. Fixes #6409.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-11 21:15:24 +02:00
Gilles Peskine
aef1ba679d Add build with a typical configuration for a PSA crypto service 
Disable non-crypto features that can't be called through the PSA API, as
well as algorithms that have no PSA interface.

This serves as a non-regression test for #6408 and #6409.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-11 21:09:21 +02:00
Przemek Stekiel
52a428b824 Fix MBEDTLS_SSL_TICKET_C, MBEDTLS_SSL_SESSION_TICKETS dependencies 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-10 11:23:18 +02:00
Przemek Stekiel
6a5cc74cc4 Fix typos and comments 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-03 09:04:16 +02:00
Przemek Stekiel
e290f2ea14 all.sh: add testing of AEAD drivers with libtestdriver1 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-02 20:58:39 +02:00
Przemek Stekiel
48a6a666a0 Add ssl-opt tls 1.2 tests for single cipher builds 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-29 15:29:33 +02:00
Przemek Stekiel
8d4b241028 Remove redundant indirect dependencies after optimizing setup for one cipher components 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-29 10:13:40 +02:00
Przemek Stekiel
68db0d2f67 Optimize one cipher only components and adapt nemes 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-29 08:32:25 +02:00
Przemek Stekiel
0cc3466c9e Change testing strategy to default + one cypher only (psa/no psa) 
In full config TLS 1.2 is disabled.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 12:06:57 +02:00
Przemek Stekiel
b0de1c040b Add components to build and test default/full config with legacy-ccm cipher only 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 11:15:16 +02:00
Przemek Stekiel
9550c05757 Add component to build and test full config with stream cipher only 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 09:51:55 +02:00
Manuel Pégourié-Gonnard
f3f9e450b6
Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2 
Ad-hoc KDF for EC J-PAKE in TLS 1.2
 2022-09-28 09:47:32 +02:00
Przemek Stekiel
d582a01073 Make MBEDTLS_SSL_CONTEXT_SERIALIZATION dependent on AEAD 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 07:59:01 +02:00
Przemek Stekiel
a82290b727 Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions 
Both functions are calling mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions. These functions are guarded with MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C flags - make it consistent.
As a result ssl_server2 won't build now with MBEDTLS_SSL_SESSION_TICKETS enabled (mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions not available).
Mark MBEDTLS_SSL_SESSION_TICKETS as dependent on MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C and disable MBEDTLS_SSL_SESSION_TICKETS in stream cipher only build.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-27 15:04:14 +02:00
Przemek Stekiel
11c362a050 Add component to build and test default config with stream cipher only 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-27 15:04:08 +02:00
Gilles Peskine
f70f4ead7f
Merge pull request #6248 from gilles-peskine-arm/all-sh-force-3.2 
Fix all.sh --force
 2022-09-23 17:04:00 +02:00
Manuel Pégourié-Gonnard
73f9233a73 Use full config for testing driver-only hashes 
Stating from the default config means a few things are implicitly
excluded; starting from the full config makes it all fully explicit.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-09-19 10:47:05 +02:00
Manuel Pégourié-Gonnard
79e1467799 Fix include path for programs 
Same problem as #6101, same fix (the second commit of #6111).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-09-19 09:27:53 +02:00
Gilles Peskine
ef843f2b0c MBEDTLS_PLATFORM_VSNPRINTF_ALT requires MBEDTLS_PLATFORM_C 
mbedtls_vsnprintf replacement works like mbedtls_snprintf replacement, so
copy the requirements for MBEDTLS_PLATFORM_VSNPRINTF_ALT.

(MBEDTLS_PLATFORM_xxx_MACRO shouldn't require MBEDTLS_PLATFORM_C, but that's
a separate preexisting problem which I do not try address at this time.)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-09-18 14:05:23 +02:00
Andrzej Kurek
4ba0e45f8e all.sh: don't build with ECJPAKE_TO_PMS if SHA256 is not available 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-14 14:58:49 -04:00
Przemek Stekiel
dcec7ac3e8 test_psa_crypto_config_accel_hash_use_psa: enable tls.1.3 at the end and adapt comment 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-13 18:08:54 +02:00
Przemek Stekiel
a4af13a46c test_psa_crypto_config_accel_hash_use_psa: enable TLS 1.3 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-13 18:08:54 +02:00
Andrzej Kurek
07e3570f8c Add an ssl-opt.sh run to all.sh for the accel_hash_use_psa config 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-12 05:37:46 -04:00