mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-17 11:43:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
22,131 Commits 172 Branches 267 Tags
Commit Graph

7614 Commits

Author SHA1 Message Date
Ronald Cron
d12922a69a
Merge pull request #6486 from xkqian/tls13_add_early_data_indication 
The merge job of the internal CI ran successfully. This is good to go.
 2022-11-17 12:48:50 +01:00
Xiaokang Qian
e9622ac4ba Remove the fore_tls13 option case from client side 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-17 09:23:32 +00:00
Xiaokang Qian
e7bab00825 Update enabled guards for early data cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-16 10:06:50 +00:00
Xiaokang Qian
f3cefb4f4c Move early data test cases to tls13-misc.sh 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-16 03:23:46 +00:00
Xiaokang Qian
2dbfedae4a Update early data test cases with latest code message 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-16 02:01:49 +00:00
Gilles Peskine
23875ceb11 Fix autocucumber in documentation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-15 20:49:58 +01:00
Gilles Peskine
b9b9026c53 Pacify pylint 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-15 20:49:43 +01:00
Gilles Peskine
35af02171d Add negative zero as an input to automatically generated tests 
Although negative zero is officially unsupported, we've had bugs related to
it in the past. So do test functions with a negative zero input.

There will likely be cases where we don't want to accept negative zero as if
it was valid, because it's too hard to handle. We'll add exceptions on a
case by case basis.

For the functions that are currently tested by the generated tests, the new
test cases pass.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-15 20:47:07 +01:00
Gilles Peskine
ca6e8aac58 Support negative zero as MPI test input 
The bignum module does not officially support "negative zero" (an
mbedtls_mpi object with s=-1 and all limbs zero). However, we have a
history of bugs where a function that should produce an official
zero (with s=1), produces a negative zero in some circumstances. So it's
good to check that the bignum functions are robust when passed a negative
zero as input. And for that, we need a way to construct a negative zero
from test case arguments.

There are checks that functions don't produce negative zeros as output in
the test suite. Skip those checks if there's a negative zero input: we
don't want functions to _create_ negative zeros, but we don't mind if
they _propagate_ negative zeros.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-15 20:47:07 +01:00
Gilles Peskine
2909f53740
Merge pull request #6604 from tom-cosgrove-arm/call-mbedtls_mpi_mod_modulus_init-first-cid-381893-381894 
Bignum: Must call mbedtls_mpi_mod_modulus_init() before anything else in tests
 2022-11-15 12:33:13 +01:00
Manuel Pégourié-Gonnard
edce0b42fb
Merge pull request #6454 from valeriosetti/issue4577 
Adding unit test for mbedtls_x509write_csr_set_extension()
 2022-11-15 09:39:07 +01:00
Tom Cosgrove
f90111b2b5 Must call mbedtls_mpi_mod_modulus_init() before anything else in tests 
Fixes (new) Coverity issues 381893 and 381894

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-11-15 06:15:15 +00:00
Xiaokang Qian
9a0aafbe79 Enable/disable MBEDTLS_SSL_EARLY_DATA for cases in ssl-opt.sh 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-15 02:49:46 +00:00
Valerio Setti
48e8fc737a Adding unit test for mbedtls_x509write_csr_set_extension() 
The already existing "x509_csr_check()" function is extended in order
to support/test also CSR's extensions. The test is performed by
adding an extended key usage.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-11-14 13:32:07 +01:00
Janos Follath
1b9cb62702
Merge pull request #6573 from tom-cosgrove-arm/convert-mpi_mod_int-test-cases-to-hex 
Enable mpi_mod_int test case to take full-range MPI integers
 2022-11-14 12:04:09 +00:00
Janos Follath
4d0ea7f4cc
Merge pull request #6550 from minosgalanakis/minos/6017_add_montgomery_conversion 
Bignum: Add Montgomery conversion from/to cannonical form
 2022-11-14 11:12:13 +00:00
Xiaokang Qian
402bb1ee90 Update documents and check 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:16:22 +00:00
Xiaokang Qian
50a47940b6 Update early data test case with gnutls 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:16:22 +00:00
Xiaokang Qian
f447e8a8d3 Address comments base on reviews 
Improve early data indication check
Update test case to gnutls server

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:15:36 +00:00
Xiaokang Qian
b0c32d8b20 Update early data test cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:15:05 +00:00
Xiaokang Qian
0e97d4d16d Add early data indication to client side 
Add fields to mbedtls_ssl_context
Add write early data indication function
Add check whether write early data indication
Add early data option to ssl_client2
Add test cases for early data

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:13:50 +00:00
Paul Elliott
aeb8bf2ab0
Merge pull request #6170 from yuhaoth/pr/tls13-cleanup-extensions-parser 
TLS 1.3: Add extension check for message parsers
 2022-11-11 19:00:46 +00:00
Minos Galanakis
47691fb756 bignum_tests: Refactored mpi_mod_raw_to/fromt_mont_rep 
This patch migrates the tests to use the `mbedtls_test_read_mpi_core()`.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2022-11-11 10:55:08 +00:00
Minos Galanakis
df070d660d bignum_tests: Added test for mbedtls_mpi_mod_raw_from_mont_rep() 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2022-11-11 10:55:08 +00:00
Minos Galanakis
631b491cbf bignum_tests: Added test for mbedtls_mpi_mod_raw_to_mont_rep() 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2022-11-11 10:55:08 +00:00
Tom Cosgrove
163d8952b3 Add additional (would fail) test cases for mpi_mod_int with 0 remainder 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-11-10 12:17:36 +00:00
Tom Cosgrove
9feb19f98d Use mbedtls_mpi_sint not mbedtls_mpi_uint in mpi_mod_int test 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-11-10 12:05:55 +00:00
Minos Galanakis
5566eff657 generate_bignum_tests: Enabled BignumModRaw automatic generation 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2022-11-10 11:37:33 +00:00
Gilles Peskine
b4eb444a5c
Merge pull request #6535 from davidhorstmann-arm/change-test-templating-syntax 
Change test templating syntax to be valid C
 2022-11-10 12:05:55 +01:00
Gilles Peskine
9a571ddfd9
Merge pull request #6543 from mpg/improve-test-suites-listing 
Improve test suite detection in run-test-suites.pl
 2022-11-09 19:03:03 +01:00
Gilles Peskine
ed4b34aa7c
Merge pull request #6570 from gilles-peskine-arm/bignum-mbedtls_test_read_mpi_core-nonempty 
Forbid empty mpi_core in test data
 2022-11-09 19:02:24 +01:00
David Horstmann
360f8e4429 Minor improvements to test code script 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-09 17:27:33 +00:00
Jerry Yu
97be6a913e fix various issues 
- typo error
- replace `ssl->hanshake` with handshake

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-09 22:43:31 +08:00
Tom Cosgrove
91e35e3c32 Enable mpi_mod_int test case to take full-range MPI integers 
Also add commented-out test cases that currently fail

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-11-09 11:45:29 +00:00
Manuel Pégourié-Gonnard
b9581824f7
Merge pull request #6561 from AndrzejKurek/ecjpake-error-injection 
Improve error injection in EC J-PAKE tests
 2022-11-09 11:48:36 +01:00
Gilles Peskine
95b5addcd6 Don't test mbedtls_mpi_core_lt_ct with 0 limbs 
A core MPI must have at least 1 limb. We can no longer test with 0 limbs,
and we don't need to anyway, so don't try.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-09 11:18:38 +01:00
Gilles Peskine
0b7e07904e Forbid empty mpi_core in test data 
This way static analyzers have a chance of knowing we don't expect the
bignum functions to support empty inputs. As things are, Coverity keeps
complaining about it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-09 10:45:15 +01:00
Gilles Peskine
4a480ac5a1
Merge pull request #6265 from Kabbah/x509-info-hwmodulename-hex 
`x509_info_subject_alt_name`: Render HardwareModuleName as hex
 2022-11-08 17:11:07 +01:00
Jerry Yu
616ba75c23 move test cases and mark tls13-kex-modes.sh as locked 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-08 23:51:39 +08:00
Andrzej Kurek
c018204019 Improve error injection in EC J-PAKE tests 
Instead of corrupting the public key part of the message,
corrupt the proof part. A proof is conceptually similar to a signature,
and changing anything in it should make it invalid with 
a high probability.
Also, instead of shifting data, perform a bitflip.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-11-08 08:12:56 -05:00
Gilles Peskine
42d75f2daf
Merge pull request #6013 from gstrauss/asn1-type-free 
Shared code to free x509 structs like mbedtls_x509_named_data
 2022-11-08 12:20:20 +01:00
Gilles Peskine
433f1f1809
Merge pull request #6456 from gabor-mezei-arm/6237_test_update_cond_assign_swap 
Update tests to use conditional assign and swap
 2022-11-08 12:15:07 +01:00
Jerry Yu
e5991328ff fix tls13 psk only test fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-08 16:16:29 +08:00
Glenn Strauss
2a64299648
Update tests/suites/test_suite_asn1parse.function 
Co-authored-by: Andrzej Kurek <andrzej.kurek@arm.com>
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-11-07 20:09:38 -05:00
Glenn Strauss
aa36c2a6f6
Update tests/suites/test_suite_asn1parse.function 
Co-authored-by: Andrzej Kurek <andrzej.kurek@arm.com>
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-11-07 20:08:54 -05:00
Glenn Strauss
82ba274c01 Deprecate mbedtls_asn1_free_named_data() 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-11-07 15:42:44 -05:00
Gilles Peskine
faefe62013
Merge pull request #6390 from mpg/fix-ecjpake-psa-format 
Fix ecjpake PSA format
 2022-11-07 17:35:44 +01:00
Gilles Peskine
bf249accc7
Merge pull request #6498 from yuhaoth/pr/fix-session-resumption-fail-when-hostname-is-not-localhost 
BUG: Fix session resumption fail when hostname is not localhost
 2022-11-07 17:33:38 +01:00
Gilles Peskine
34c09469f3
Merge pull request #5396 from SiliconLabs/codegen_1.1 
Driver dispatch Codegen 1.1
 2022-11-07 15:27:41 +01:00
Gabor Mezei
a8cf998bc9
Let the allocated memory visible for the memory sanitizer 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-11-07 15:14:49 +01:00