mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-19 09:40:29 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
29,410 Commits 172 Branches 263 Tags
Commit Graph

10556 Commits

Author SHA1 Message Date
David Horstmann
c5688a2629
Merge branch 'development-restricted' into generate-random-buffer-protection 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-29 14:25:56 +00:00
David Horstmann
7581363122 Fix incorrect conflict resolution 
A return statement was missing in the wrapper generation script.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-29 11:26:45 +00:00
tom-daubney-arm
840dfe8b41
Merge branch 'development-restricted' into asymmetric_encrypt_buffer_protection 
Signed-off-by: tom-daubney-arm <74920390+tom-daubney-arm@users.noreply.github.com>
 2024-02-28 15:42:38 +00:00
David Horstmann
075c5fb76f Generate test wrappers for psa_generate_random() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-26 17:12:34 +00:00
Thomas Daubney
4a46d73bb0 Suppress pylint 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-26 13:49:26 +00:00
tom-daubney-arm
5cd611d144
Merge branch 'development-restricted' into mac_buffer_protection 
Signed-off-by: tom-daubney-arm <74920390+tom-daubney-arm@users.noreply.github.com>
 2024-02-22 15:26:06 +00:00
David Horstmann
cf3457ef26
Merge pull request #1132 from davidhorstmann-arm/copying-aead 
Copy buffers in AEAD
 2024-02-20 16:07:30 +00:00
David Horstmann
b539126670
Merge pull request #1156 from Ryan-Everett-arm/key-derivation-buffer-protection 
Add buffer copying to the Key Derivation API
 2024-02-15 11:54:20 +00:00
Thomas Daubney
54e6b412bd Generate all test wrappers 
One was missed due to a typo

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:49:22 +00:00
Thomas Daubney
27b48a312f Generate test wrappers 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:49:19 +00:00
Thomas Daubney
a1cf1010cc Generate test wrappers for mac functions 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:07:35 +00:00
Thomas Daubney
45c8586a91 Generate test wrappers for hash functions 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:43:03 +00:00
Ronald Cron
90abb224f7 ssl-opt.sh: Establish TLS 1.3 then TLS 1.2 session 
Add a test where first we establish a
TLS 1.3 session, then a TLS 1.2 one
with the same server.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-08 12:12:58 +01:00
Ronald Cron
587cfe65ca ssl-opt.sh: Establish TLS 1.2 then TLS 1.3 connection 
Add a test where first we establish a
TLS 1.2 session, then a TLS 1.3 one
with the same server.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-08 12:09:42 +01:00
Ryan Everett
eb8c665a53 Reformat wrapper generation code 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
0f54727bf4 Restructure wrapper script 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
198a4d98d5 Generate test wrappers for key derivation 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
David Horstmann
b8dc2453f1 Update buffer start and length in multipart test 
This fixes a test failure in which the buffer was not properly filled.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 17:03:13 +00:00
David Horstmann
30a61f2ec8 Add testcase to fail multipart cipher tests 
Encrypt more than 2 blocks of data, causing both update() calls to
output data as well as the call to finish().

This exposes a test bug where the pointer to a buffer is not updated
as it is filled with data.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 16:55:19 +00:00
David Horstmann
86e6fe0cce Generate poisoning wrappers for AEAD 
Modify wrapper generation script to generate poisoning calls and
regenerate wrappers.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 13:39:02 +00:00
David Horstmann
52402ec0fe Fix bug in PSA AEAD test 
Resize buffer used to hold the nonce to twice the maximum nonce size.
Some test cases were requesting more than the maximum nonce size
without actually having backing space. This caused a buffer overflow
when PSA buffer-copying code was added.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 13:39:02 +00:00
Dave Rodgman
e883870cc7
Merge branch 'development-restricted' into update-development-r 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-02-02 18:03:29 +00:00
Ryan Everett
8d606857da Remove unnecessary dependencies from psa_crypto_helpers.h 
The psa_test_wrappers.h inclusion was breaking the examples in programs/
on functions with poisoning added

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Ryan Everett
4c74c4fe84 Fix line-too-long in script 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Ryan Everett
84a666daa8 Re-add cipher_encrypt to test wrapper script 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Ryan Everett
77b91e3930 Generate test wrappers for key management 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
David Horstmann
b2c9f0e2df Disable poisoning with PSA_CRYPTO_DRIVER_TEST 
This option causes nested calls to PSA functions, so is not compatible
with memory poisoning as it currently stands.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-01-31 14:38:15 +00:00
Thomas Daubney
f430f47434 Generate test wrappers 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-01-30 12:25:35 +00:00
Dave Rodgman
047c724c22 Merge remote-tracking branch 'restricted/development-restricted' into update-development-r 
Conflicts:
	programs/Makefile
	tests/scripts/check-generated-files.sh
 2024-01-26 12:42:51 +00:00
David Horstmann
9c5c9c351d
Merge pull request #1141 from davidhorstmann-arm/memory-poisoning-runtime-enable 
Enable and disable memory poisoning at runtime
 2024-01-24 14:46:43 +00:00
Dave Rodgman
13f2f4e7f1 Merge remote-tracking branch 'restricted/development' into mbedtls-3.5.2rc 2024-01-24 09:49:15 +00:00
Dave Rodgman
e23d6479cc Bump version 
./scripts/bump_version.sh --version 3.5.1

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-22 15:45:49 +00:00
Jonathan Winzig
af553bf719 Add required dependency to the testcase 
Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
 2024-01-22 15:31:05 +00:00
Jonathan Winzig
acd35a55c8 Remove unneeded testcase 
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
 2024-01-22 15:31:05 +00:00
Jonathan Winzig
144bfde1cd Update test-data to use SIZE_MAX 
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
 2024-01-22 15:31:05 +00:00
Jonathan Winzig
93f5240ae5 Add missing newline at the end of test_suite_x509write.data 
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
 2024-01-22 15:31:05 +00:00
Jonathan Winzig
1c7629c1c0 Add tests for Issue #8687 
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
 2024-01-22 15:31:05 +00:00
Manuel Pégourié-Gonnard
34c6e8a770
Merge pull request #8700 from valeriosetti/issue8461 
psa_asymmetric_encrypt() doesn't work with opaque driver
 2024-01-22 08:43:08 +00:00
Gilles Peskine
4d4891e18a
Merge pull request #8666 from valeriosetti/issue8340 
Export the mbedtls_md_psa_alg_from_type function
 2024-01-18 13:58:55 +00:00
Gilles Peskine
b1f96c0354
Merge pull request #7815 from gilles-peskine-arm/ecp-export-partial 
ECP keypair utility functions
 2024-01-18 10:29:05 +00:00
Gilles Peskine
c9077cccd3
Merge pull request #8664 from valeriosetti/issue7764 
Conversion function from ecp group to PSA curve
 2024-01-18 10:28:55 +00:00
Valerio Setti
4f34b155f5 test_driver_key_management: keep mbedtls_test_opaque_wrap_key() private 
Only mbedtls_test_opaque_unwrap_key() is actually needed by other
test drivers to deal with opaque keys. mbedtls_test_opaque_wrap_key()
can be kept private to test_driver_key_management.c.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-18 08:44:13 +01:00
David Horstmann
d3efb92922 Add underflow check to UNPOISON counter decrement 
Make sure that extra UNPOISON calls do not cause the poisoning counter
to underflow and wrap around.

Memory that is unpoisoned multiple times should remain unpoisoned.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-01-17 15:27:50 +00:00
David Horstmann
9de6edd462 Separate memory poisoning tests from generic ASan 
Some platforms may support ASan but be C99-only (no C11 support).
These platforms will support ASan metatests but not memory poisoning,
which requires C11 features.

To allow for this, create a separate platform requirement, "poison",
in metatest.c to distinguish generic ASan metatests from ones that
require suppport for memory poisoning.

In practice our platforms support both, so run "poison" tests in
the same all.sh components where we run "asan" ones.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-01-17 14:53:08 +00:00
David Horstmann
fad038c501 Change memory poisoning flag to a count 
This allows unusually-nested memory poisoning to work correctly, since
it keeps track of whether any buffers are still poisoned, rather than
just disabling poisoning at the first call to the UNPOISON() macro.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-01-17 14:23:20 +00:00
David Horstmann
c2ab398d01 Request C11 in CMake (but only for tests) 
Set the C_STANDARD property on the mbedtls_test target to 11.
This requests C11 for the tests only.

If C11 is not supported the build will not fail, since
C_STANDARD_REQUIRED is not set, and memory poisoning will be disabled
by a preprocessor check on __STDC_VERSION__.

Additionally, reintroduce previous C99 enforcement on the rest of the
library.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-01-17 14:02:40 +00:00
Dave Rodgman
9039ba572b Fix test dependencies 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-16 18:38:55 +00:00
Dave Rodgman
b7778b2388 Fix ASAN error in test 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-16 16:27:34 +00:00
Dave Rodgman
24ad1b59e8 Add NIST AES-CTR test vectors 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-16 13:24:45 +00:00
Dave Rodgman
4cc6fb9039 add test for multipart AES-CTR 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-16 13:24:45 +00:00