mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-07 15:40:27 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
19,339 Commits 170 Branches 263 Tags
Commit Graph

3825 Commits

Author SHA1 Message Date
Andrzej Kurek
83e60eef4d tests: fix bitflip comment 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-04-14 08:51:41 -04:00
Andrzej Kurek
57f58b0e65 Prefer TEST_EQUAL over TEST_ASSERT in test suites 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-04-08 16:51:03 -04:00
Gilles Peskine
b4f874d1da raw_key_agreement_fail: Add a nominal run 
Ensure that the nominal run works properly, so that it's apparent that the
injected failure is responsible for the failure of the handshake.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-04-08 16:50:38 -04:00
Gilles Peskine
6cbc9986fb Remove redundant empty slot count check 
USE_PSA_DONE() already checks that there are no used key slots.

The call to TEST_ASSERT() wouldn't have worked properly on failure anyway,
since it would jump back to the exit label.

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-04-08 16:47:19 -04:00
Andrzej Kurek
28f883eba5 Remove RSA & DTLS dependency in raw key agreement test 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-04-08 16:46:57 -04:00
Andrzej Kurek
cb33bc5d0b Change the bit to flip to guarantee failure 
For weistrass curves the pair is encoded as 0x04 || x || y.
Flipping one of the bits in the first byte should be a sure failure.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-04-06 11:26:39 -04:00
Andrzej Kurek
39d88d4918 Change the number of expected free key slots 
TLS code now uses PSA to generate an ECDH private key.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-04-06 11:26:39 -04:00
Andrzej Kurek
41b7e66e61 Tests: add missing requirements for the raw key agreement test 
SECP384R1 is needed for the default loaded
certificate.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-04-06 11:26:39 -04:00
Andrzej Kurek
cc28e9a252 Tests: add missing group termination 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-04-06 11:26:39 -04:00
Andrzej Kurek
65ded569e0 Update raw key agreement test dependencies 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-04-06 11:26:39 -04:00
Andrzej Kurek
b3427823bd Test failing raw_key_agreement in ssl mock tests 
Force a bitflip in server key to make the raw key
agreement fail, and then verify that no key slots
are left open at the end. Use a Weierstrass curve
to have a high chance of failure upon encountering
such bitflip.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-04-06 11:24:17 -04:00
Andrzej Kurek
74394a5c39 Add a group_list argument to mocked ssl tests 
This will be used to force a group list in certain tests
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-04-06 11:23:34 -04:00
Gilles Peskine
1c7c5969ea
Merge pull request #5683 from paul-elliott-arm/fix_pk_test 
Prevent free of uninitialised MPI  variables
 2022-04-04 17:51:49 +02:00
Manuel Pégourié-Gonnard
de68e39ddf
Merge pull request #5568 from superna9999/5159-pk-rsa-verification 
PK: RSA verification
 2022-04-04 11:23:33 +02:00
Ronald Cron
0e980e8e84
Merge pull request #5640 from ronald-cron-arm/version-negotiation-2 
TLS 1.2/1.3 version negotiation - 2
 2022-04-01 12:29:06 +02:00
Manuel Pégourié-Gonnard
33a9d61885
Merge pull request #5638 from paul-elliott-arm/ssl_cid_accessors 
Accessors to own CID within mbedtls_ssl_context
 2022-04-01 11:36:00 +02:00
Manuel Pégourié-Gonnard
6a25159c69
Merge pull request #5648 from gabor-mezei-arm/5403_hkdf_use_internal_psa_implementations 
HKDF 2: use internal implementations in TLS 1.3
 2022-04-01 11:15:29 +02:00
Paul Elliott
02758a51df Add tls CID tests 
Add tests to test tls coneection id functionality, including the new
'own cid' accessor.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-03-31 19:21:41 +01:00
Paul Elliott
ff59a34606 Prevent free of uninitialised variables 
In an error case it was possible for mbedtls_mpi variables to be free'd
uninitialised.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-03-31 17:14:13 +01:00
Dave Rodgman
017a19997a Update references to old Github organisation 
Replace references to ARMmbed organisation with the new
org, Mbed-TLS, following project migration.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-03-31 14:43:16 +01:00
Ronald Cron
a980adf4ce
Merge pull request #5637 from ronald-cron-arm/version-negotiation-1 
TLS 1.2/1.3 version negotiation - 1
 2022-03-31 11:47:16 +02:00
Ronald Cron
37bdaab64f tls: Simplify the logic of the config version check and test it 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-31 09:26:58 +02:00
Neil Armstrong
56d51274d8 Initialize PSA crypto in test_suite_pk for RSA verify tests 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-30 16:39:07 +02:00
Manuel Pégourié-Gonnard
3304f253d7
Merge pull request #5653 from paul-elliott-arm/handshake_over 
Add mbedtls_ssl_is_handshake_over()
 2022-03-30 12:16:40 +02:00
Ronald Cron
f660655b84 TLS: Allow hybrid TLS 1.2/1.3 in default configurations 
This implies that when both TLS 1.2 and TLS 1.3
are included in the build all the TLS 1.2 tests
using the default configuration now go through
a version negotiation on the client side.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-29 18:58:31 +02:00
Paul Elliott
571f1187b6
Merge pull request #5642 from mprse/ecp_export 
Add ECP keypair export function
 2022-03-29 17:19:04 +01:00
Ronald Cron
086ee0be0e ssl_tls.c: Reject TLS 1.3 version configuration for server 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-29 14:42:17 +02:00
Ronald Cron
63d97ad0bb
Merge pull request #5559 from yuhaoth/pr/add-rsae-sha384-sha512 
Add rsae sha384 sha512
 2022-03-29 14:01:51 +02:00
Przemek Stekiel
6a478ef054 mbedtls_ecp_group_cmp: change names of parameters to more suitable 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-28 07:25:12 +02:00
Gabor Mezei
ed6d6589b3
Use hash algoritm for parameter instead of HMAC 
To be compatible with the other functions `mbedtls_psa_hkdf_extract` and
`mbedtls_psa_hkdf_expand` use hash algorithm for parameter.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-03-26 17:28:06 +01:00
Gabor Mezei
07732f7015
Translate from mbedtls_md_type_t to psa_algorithm_t 
Do the translation as early as possible from mbedtls_md_type_t to psa_algorithm_t.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-03-26 17:04:19 +01:00
Gabor Mezei
5d9a1fe9e9
PSA code depends on MBEDTLS_SSL_PROTO_TLS1_3 
With TLS 1.3 support MBEDTLS_PSA_CRYPTO_C is enabled so PSA support
is always enabled.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-03-26 15:47:15 +01:00
Manuel Pégourié-Gonnard
cefa904759
Merge pull request #5622 from paul-elliott-arm/timing_delay_accessor 
Accessor for mbedtls_timing_delay_context final delay
 2022-03-25 09:14:41 +01:00
Paul Elliott
42d5e51a98 Make test function name more accurate 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-03-24 19:41:28 +00:00
Paul Elliott
27b0d94e25 Use mbedtls_ssl_is_handshake_over() 
Switch over to using the new function both internally and in tests.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-03-24 14:43:52 +00:00
Jerry Yu
f8aa9a44aa fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-23 20:54:38 +08:00
Jerry Yu
5fb7d176f3 Replace rsakey to 2048bits for test 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-23 11:16:53 +08:00
Jerry Yu
cef3f33012 Guard rsa sig algs with rsa_c and pkcs1_v{15,21} 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 23:16:42 +08:00
Jerry Yu
701656fb29 fix redefine error 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 21:52:05 +08:00
Jerry Yu
e2c882518c Add pk_sign_ext unit tests 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 21:24:19 +08:00
Jerry Yu
5512ad9df8 fix genkey fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:14:53 +08:00
Jerry Yu
92339d25b4 Add more unit test for pk_sign_ext 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:14:53 +08:00
Jerry Yu
b3bfe9f5d2 Add verify for pk_sign_ext test 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:14:53 +08:00
Jerry Yu
5a0afc8a12 fix test fail for pk_sign_ext 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:35 +08:00
Jerry Yu
1f45b67474 Add unit tests 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:34 +08:00
Gabor Mezei
1e64f7a643
Use MBEDTLS_USE_PSA_CRYPTO macro guard for testing instead of MBEDTLS_PSA_CRYPTO_C 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-03-21 17:00:54 +01:00
Gabor Mezei
892c4aa295
Update hkdf test cases to handle PSA code 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-03-21 17:00:54 +01:00
Paul Elliott
21bbb7a888 Add simple test to ensure accessor is working 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-03-21 15:28:05 +00:00
Paul Elliott
b9af2db4cf Add accessor for timing final delay 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-03-21 15:26:19 +00:00
Manuel Pégourié-Gonnard
f4042f076b
Merge pull request #5573 from superna9999/5176-5177-5178-5179-tsl-record-hmac 
TLS record HMAC
 2022-03-21 11:36:44 +01:00