mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-18 01:14:06 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
31,001 Commits 170 Branches 263 Tags 198 MiB
853ca0cdb0
Commit Graph

967 Commits

Author SHA1 Message Date
Ronald Cron
7e5d61c41a Adjust more paths to PSA headers 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-06-13 09:51:20 +02:00
David Horstmann
f6f3bcae43 Update file paths for moved files 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-05-31 15:49:02 +01:00
Bence Szépkúti
e3abb6a148
Merge pull request #9094 from davidhorstmann-arm/move-mbedtls-dev-to-framework 
Move `mbedtls_dev` to framework submodule
 2024-05-28 15:50:47 +00:00
David Horstmann
cd84bb287b Update references to mbedtls_dev 
Change these to point to the new mbedtls_framework module in the
framework submodule.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-05-13 14:43:29 +01:00
Gilles Peskine
ff3b8211ff Driver-only FFDH is not good enough for DHE support in TLS 1.2 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-04-30 16:20:20 +02:00
Manuel Pégourié-Gonnard
4575d230bf Add a note on hits usefulness 
And fix a typo while at it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-15 10:54:49 +02:00
Manuel Pégourié-Gonnard
432e3b4198 Misc fixes & improvements to driver testing doc 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:41 +02:00
Manuel Pégourié-Gonnard
a47a3c4e13 Rephrase description of the KDF situation 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:41 +02:00
Manuel Pégourié-Gonnard
ae22f04769 Refine paragraphs about incomplete entry points 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:41 +02:00
Manuel Pégourié-Gonnard
0ca2fd0e2b Update libtestdriver1 vs internal 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:40 +02:00
Manuel Pégourié-Gonnard
dde1abd572 Update of opaque asymmetric encrypt/decrypt 
https://github.com/Mbed-TLS/mbedtls/pull/8700 merged in the meantime.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:40 +02:00
Manuel Pégourié-Gonnard
6c45361a9c Update for HMAC testing 
Been merged in the meantime.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:40 +02:00
Manuel Pégourié-Gonnard
98f8da1b1a Update names of components renamed in the meantime 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:40 +02:00
Manuel Pégourié-Gonnard
f2089dab5e Update status of RSA testing 
Improved by https://github.com/Mbed-TLS/mbedtls/pull/8616/ - closing
8553.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:01 +02:00
Manuel Pégourié-Gonnard
b18bc80133 Add note about fallback to other entry points 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:01 +02:00
Manuel Pégourié-Gonnard
6a96f42051 Document driver wrapper suite & tested configs 
The coverage data for the test drivers was generated using the following
patch:

diff --git a/scripts/lcov.sh b/scripts/lcov.sh
index 9258ba788874..1ef071a65c06 100755
--- a/scripts/lcov.sh
+++ b/scripts/lcov.sh
@@ -63,8 +63,8 @@ if [ $# -gt 0 ] && [ "$1" = "--help" ]; then
 fi

 if in_mbedtls_build_dir; then
-    library_dir='library'
-    title='Mbed TLS'
+    library_dir='tests/src/drivers'
+    title='Mbed TLS test drivers'
 else
     library_dir='core'
     title='TF-PSA-Crypto'
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 734d8323ca73..f6b17ca5692b 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -4795,14 +4795,17 @@ component_test_psa_crypto_drivers () {
     msg "build: full + test drivers dispatching to builtins"
     scripts/config.py full
     scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG
-    loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST_ALL"
+    loc_cflags="--coverage -DPSA_CRYPTO_DRIVER_TEST_ALL"
     loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'"
-    loc_cflags="${loc_cflags} -I../tests/include -O2"
+    loc_cflags="${loc_cflags} -I../tests/include -Og -g3"

-    make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS"
+    make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="--coverage" -C tests test_suite_psa_crypto_driver_wrappers

     msg "test: full + test drivers dispatching to builtins"
-    make test
+    (cd tests && ./test_suite_psa_crypto_driver_wrappers --verbose)
+    #make test
+
+    scripts/lcov.sh
 }

 component_test_make_shared () {

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:01 +02:00
Manuel Pégourié-Gonnard
b66f9dba11 Document test-driver status per family 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:00 +02:00
Manuel Pégourié-Gonnard
1a827a3422 Start documenting test-driver framework. 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:00 +02:00
Bence Szépkúti
a376f84eb1
Merge pull request #8937 from valeriosetti/issue8712 
Clarify the documentation of mbedtls_pk_setup_opaque
 2024-04-04 13:40:57 +00:00
Valerio Setti
ac81e23c33 pk: add check_pair info to mbedtls_pk_setup_opaque() documentation 
This also updates use-psa-crypto.md accordingly.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-22 14:36:41 +01:00
Minos Galanakis
b70f0fd9a9 Merge branch 'development' into 'development-restricted' 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-19 22:24:40 +00:00
David Horstmann
3147034457 Mention MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS 
Explain this option and the way it relates to the copying macros.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 15:59:03 +00:00
David Horstmann
0ea8071bda Remove 'Question' line around testing 
This question has been resolved, as we know that we can test
transparently.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 15:51:03 +00:00
David Horstmann
4d01066311 Mention metatest.c 
Add a note that validation of validation was implemented in metatest.c
and explain briefly what that program is for.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 15:02:08 +00:00
David Horstmann
872ee6ece0 Mention MBEDTLS_TEST_MEMORY_CAN_POISON 
The configuration of memory poisoning is now performed via
compile-time detection setting MBEDTLS_MEMORY_CAN_POISON. Update
the design to take account of this.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 15:00:08 +00:00
David Horstmann
12b35bf3c2 Discuss test wrappers and updating them 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 14:48:52 +00:00
David Horstmann
5ea99af0f2 Add discussion of copying conveience macros 
Namely LOCAL_INPUT_DECLARE() and friends

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 14:12:12 +00:00
David Horstmann
1c3b227065 Abstractify example in design exploration 
Since this is just an example, remove specific-sounding references to
mbedtls_psa_core_poison_memory() and replace with more abstract and
generic-sounding memory_poison_hook() and memory_unpoison_hook().

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 13:37:59 +00:00
David Horstmann
3f2dcdd142 Rename mbedtls_psa_core_poison_memory() 
The actual functions were called mbedtls_test_memory_poison()
and mbedtls_test_memory_unpoison(). Update the design section to
reflect this.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 13:32:57 +00:00
David Horstmann
331b2cfb31 Clarify design decision in light of actions 
We were successful in adding transparent memory-poisoning testing, so
simplify to the real design decision we made.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 13:17:25 +00:00
Dave Rodgman
5ce1577629
Merge pull request #8928 from Ryan-Everett-arm/update-psa-thread-safety-docs 
Update psa-thread-safety.md to reflect version 3.6 changes
 2024-03-18 12:06:39 +00:00
Ryan Everett
765b75f2f8
Update docs/architecture/psa-thread-safety/psa-thread-safety.md 
Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com>
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-18 10:20:43 +00:00
Ryan Everett
f266b51e3f Respond to feedback on psa-thread-safety.md 
A few typo fixes, extrapolations and extra details.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-15 17:30:31 +00:00
Ryan Everett
c408ef463c Update slot transition diagram 
Adds missing transition and italicises internal functions

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-15 17:29:46 +00:00
Ronald Cron
a9bdc8fbb8 Improve tls13-support.md 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 15:52:04 +01:00
Ronald Cron
d514d9c798 tls13-early-data.md: Fix reading early data documentation 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 10:41:52 +01:00
Ronald Cron
0fce958f17 tls13-early-data.md: Adapt code examples to new coding style 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 10:41:52 +01:00
Ronald Cron
b372b2e5bb docs: Move TLS 1.3 early data doc to a dedicated file 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 10:41:52 +01:00
Ronald Cron
d76a2d8b98 tls13-support.md: Stop referring to the prototype 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 10:41:52 +01:00
Ronald Cron
1b606d8835 tls13-support.md: Early data supported now 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 10:41:52 +01:00
Ronald Cron
124ed8a775 tls13-support.md: Some fixes 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 10:41:52 +01:00
David Horstmann
24c269fd4a Rewrite section on PSA copy functions 
The finally implemented functions were significantly different from the
initial design idea, so update the document accordingly.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-14 18:03:35 +00:00
Ryan Everett
d4d6a7a20d Rework and update psa-thread-safety.md 
I have restructured this file, and updated it to reflect changes in design/designs now being implemented.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-14 15:22:06 +00:00
Ryan Everett
c9515600fd Fix state transition diagram 
This now represents the implemented model

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-14 13:22:05 +00:00
Manuel Pégourié-Gonnard
fb84c7681c
Merge pull request #8889 from gilles-peskine-arm/pk-psa-bridge-3.6-doc 
Document PK-PSA bridge functions
 2024-03-13 10:55:36 +00:00
Gilles Peskine
e29b4b42b7 Fix copypasta 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-13 09:33:03 +01:00
David Horstmann
93fa4e1b87 Merge branch 'development' into buffer-sharing-merge 2024-03-12 15:05:06 +00:00
Gilles Peskine
e4220fef2f MBEDTLS_USE_PSA_CRYPTO: most pk bridge functions don't require it 
mbedtls_setup_pk_opaque does require it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-12 13:03:12 +01:00
Gilles Peskine
0cff1116f7 Remind the reader that PK doesn't support DH 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-12 13:02:58 +01:00
Gilles Peskine
7caf2dc964 Discuss mbedtls_pk_copy_public_from_psa 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-12 13:02:45 +01:00