mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-28 19:21:08 +00:00

Author	SHA1	Message	Date
Ronald Cron	587cfe65ca	ssl-opt.sh: Establish TLS 1.2 then TLS 1.3 connection Add a test where first we establish a TLS 1.2 session, then a TLS 1.3 one with the same server. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-08 12:09:42 +01:00
Manuel Pégourié-Gonnard	b7307630bb	Merge pull request #8703 from valeriosetti/issue7765-guards-in-asn1 Conversion function between raw and DER ECDSA signatures (guards in ASN1)	2024-02-08 08:45:30 +00:00
Manuel Pégourié-Gonnard	7bf1e98f44	Merge pull request #8740 from valeriosetti/issue8647 Move RSA basic key parsing/writing to rsa.c	2024-02-08 08:35:42 +00:00
Ryan Everett	eb8c665a53	Reformat wrapper generation code Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-07 17:32:16 +00:00
Ryan Everett	0f54727bf4	Restructure wrapper script Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-07 17:32:16 +00:00
Ryan Everett	198a4d98d5	Generate test wrappers for key derivation Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-07 17:32:16 +00:00
Valerio Setti	1910390b4a	psa_util: improve leading zeros check in convert_der_to_raw_single_int() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-07 16:16:58 +01:00
Paul Elliott	bda577bb0b	Fix confusing comment in ctr drbg thread test Make it clearer where the magic number chosen for entropy_len actually comes from, and why we chose this value. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-02-07 15:13:46 +00:00
Valerio Setti	ef07fa0fc3	test_suite_psa_crypto_util: add more test for raw->der Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-07 15:16:45 +01:00
Ryan Everett	a8082c43d5	Add MBEDTLS_CIPHER_C dependencies to new pkparse tests Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-07 13:31:19 +00:00
Matthias Schulz	0767fdadbf	Enhance GCM throughput using larger precalculated tables. Also refactored the code for shorter tables and moved the check for available accelerators to the context initialization code. Signed-off-by: Matthias Schulz <mschulz@hilscher.com>	2024-02-07 13:17:50 +01:00
Paul Elliott	292b1dc1e1	Merge pull request #8789 from paul-elliott-arm/fix_tsan_gcc Stop platform test failures with GCC and TSAN	2024-02-07 11:32:39 +00:00
Manuel Pégourié-Gonnard	1d7bc1ecdf	Merge pull request #8717 from valeriosetti/issue8030 PSA FFDH: feature macros for parameters	2024-02-07 10:06:03 +00:00
Ronald Cron	b3d42fddae	tests: write early data: Add HRR scenario Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-07 08:06:46 +01:00
Ronald Cron	05600e26f4	tests: write early data: Add "server rejects" scenario Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-07 08:06:46 +01:00
Ronald Cron	8fe2b01b52	tests: write early data: Add "not sent" scenario Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-07 08:06:46 +01:00
Ronald Cron	2fbbba9c51	tests: ssl: Add write early data unit test Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-07 08:06:46 +01:00
Xiaokang Qian	30bb7ce9a2	Add test case for early data writing Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com> Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-07 08:06:46 +01:00
Ronald Cron	54a3829453	ssl_client2: Simplify early_data option No need to define specific early data, the idea is rather to just send the usual request data as early data instead of standard application data. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-07 08:06:46 +01:00
Paul Elliott	e053cb2f12	Stop platform test failures with GCC and TSAN Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-02-06 18:10:43 +00:00
Gilles Peskine	f45589b492	Merge pull request #8198 from silabs-Kusumit/kdf_incorrect_initial_capacity KDF incorrect initial capacity	2024-02-06 17:29:43 +00:00
Gilles Peskine	137e0c1a02	Merge pull request #8761 from valeriosetti/issue4681 Re-introduce enum-like checks from CHECK_PARAMS	2024-02-06 17:29:38 +00:00
Gilles Peskine	fb7001f15b	Merge pull request #8738 from gilles-peskine-arm/pk_import_into_psa-use_usage Implement mbedtls_pk_get_psa_attributes	2024-02-06 17:28:54 +00:00
David Horstmann	b8dc2453f1	Update buffer start and length in multipart test This fixes a test failure in which the buffer was not properly filled. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-06 17:03:13 +00:00
David Horstmann	30a61f2ec8	Add testcase to fail multipart cipher tests Encrypt more than 2 blocks of data, causing both update() calls to output data as well as the call to finish(). This exposes a test bug where the pointer to a buffer is not updated as it is filled with data. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-06 16:55:19 +00:00
Valerio Setti	6269f3baf4	Revert "psa_util: allow larger raw buffers in mbedtls_ecdsa_raw_to_der()" This reverts commit d4fc5d9d1c76a6cb978ceb4cc74ec62b111b0007. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-06 16:55:18 +01:00
Ronald Cron	2261ab298f	tests: early data status: Add HRR scenario Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	d6dba675b8	tests: early data status: Add "server rejects" scenario Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	265273e8b3	tests: early data status: Add "not sent" scenario Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	5c208d7daf	tests: ssl: Add scenario param to early data status testing function Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	a7f94e49a8	tests: ssl: Add early data status unit test Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	bfcdc069ef	tests: ssl: Use get TLS 1.3 ticket helper for early data test Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	1f6e4e4a49	tests: ssl: Add helper function to get a TLS 1.3 ticket Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	ced99be007	tests: ssl: Add early data handshake option Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	b4ad3e750b	tests: ssl: First reset to all zeroes options in init Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	fb53647b0b	tests: ssl: Move group list to options Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Valerio Setti	2b6a7b37f4	suite_psa_crypto_util: use 521 bits data and bit-size instead of 528 Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-06 16:21:44 +01:00
Paul Elliott	79e2e5d2d0	Add comment to set/increment step functions These functions are thread safe, but using them from within multiple threads at the same time may not have the intended effect, given order cannot be guaranteed. Also, standardise header comment formatting. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-02-06 15:10:03 +00:00
Valerio Setti	94c5806a64	suite_psa_crypto_util: make ecdsa_raw_to_der_incremental() more readable Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-06 15:49:06 +01:00
David Horstmann	86e6fe0cce	Generate poisoning wrappers for AEAD Modify wrapper generation script to generate poisoning calls and regenerate wrappers. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-06 13:39:02 +00:00
David Horstmann	52402ec0fe	Fix bug in PSA AEAD test Resize buffer used to hold the nonce to twice the maximum nonce size. Some test cases were requesting more than the maximum nonce size without actually having backing space. This caused a buffer overflow when PSA buffer-copying code was added. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-06 13:39:02 +00:00
Manuel Pégourié-Gonnard	5c9cc0b30f	Merge pull request #8727 from ronald-cron-arm/tls13-ignore-early-data-when-rejected TLS 1.3: SRV: Ignore early data when rejected	2024-02-06 13:16:03 +00:00
Paul Elliott	f20728ee49	Fix missed case for removing accessor Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-02-06 12:49:45 +00:00
Ronald Cron	d0a772740e	tests: early data: Complete the handshake Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 11:15:48 +01:00
Gilles Peskine	735ac3ec05	Fix builds with secp224k1 as the only curve Normally, if an elliptic curve is enabled in the legacy API then it's also enabled in the PSA API. In particular, if the legacy API has at least one curve then that curve also works with PSA. There is an exception with secp224k1 which PSA does not support. In a build with secp224k1 as the only legacy curve, MBEDTLS_PK_HAVE_ECC_KEYS is enabled (because you can use the curve through PK) but PSA does not support any elliptic curve, so we can't run PK-PSA bridge tests. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-02-06 11:11:32 +01:00
Gilles Peskine	8a85673a39	Merge remote-tracking branch 'development' into pk_import_into_psa-use_usage	2024-02-06 10:14:17 +01:00
Valerio Setti	d4fc5d9d1c	psa_util: allow larger raw buffers in mbedtls_ecdsa_raw_to_der() The only real contraint on the raw buffer is that it is large enough to contain 2 coordinates. Larger buffers are therefore allowed and the extra data will simply be ignored. Note = trying to impose a strict sizing on the raw buffer causes several failures in test suites. This suggests that it is quite common to use larger buffer to store raw signatures. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-06 08:42:42 +01:00
Valerio Setti	fe329cea3f	rsa: handle buffer length similarly in private and public key parsing Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-06 08:00:18 +01:00
Ronald Cron	33327dab85	tests: early data: Switch to mnemonics for test scenarios Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-05 18:27:04 +01:00
Valerio Setti	0e60e93c12	test_suite_psa_crypto_util: improve ecdsa_der_to_raw() Check that the parsing always fails if the input is truncated. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-05 17:59:42 +01:00

... 3 4 5 6 7 ...

10962 Commits