mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-11 00:40:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
31,080 Commits 170 Branches 263 Tags
Commit Graph

11362 Commits

Author SHA1 Message Date
Gilles Peskine
df0ef8a624
Merge pull request #9281 from mpg/rsapub 
[3.6] Reduce performance regression in RSA public operations
 2024-08-22 16:50:38 +00:00
Janos Follath
5f316972b2 Add header for mbedtls_mpi_exp_mod_unsafe() 
To silence no previous prototype warnings. And this is the proper way to
do it anyway.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-08-22 15:00:09 +01:00
Manuel Pégourié-Gonnard
273d07b0c0
Merge pull request #9240 from gilles-peskine-arm/psa-keystore-dynamic-3.6 
Backport 3.6: dynamically sized key store
 2024-08-22 12:53:32 +00:00
Janos Follath
878af12807 Fix memory corruption in exp_mod tests 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-08-20 12:33:42 +01:00
Janos Follath
8786dd79f7 Disable optionally safe test hook in threading builds 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-08-20 10:21:54 +01:00
Janos Follath
7342656098 Add tests for optionally unsafe code paths 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-08-13 11:39:03 +01:00
Janos Follath
e0842aa751 Add tests for optionally safe codepaths 
The new test hooks allow to check whether there was an unsafe call of an
optionally safe function in the codepath. For the sake of simplicity the
MBEDTLS_MPI_IS_* macros are reused for signalling safe/unsafe codepaths
here too.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-08-13 08:40:31 +01:00
Gilles Peskine
7f9470ac02
Merge pull request #9451 from minosgalanakis/fix-v3.6-issues-9186-and-9188-bp 
[Backport 3.6] Fix v3.6 issues 9186 and 9188 bp
 2024-08-12 09:34:19 +00:00
Gilles Peskine
9dc903a316 Add test components with the PSA static key store 
We were only testing the static key store (MBEDTLS_PSA_KEY_STORE_DYNAMIC
disabled) with configs/*.h. Add a component with the static key store and
everything else (including built-in keys), and a component with the static
key store and CTR_DBRG using PSA for AES (which means PSA uses a volatile
key internally).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-09 13:54:56 +02:00
Gilles Peskine
3bc9d2b5b9 Dynamic key store: make full-key-store tests work effectively 
Add a practical way to fill the dynamic key store by artificially limiting
the slice length through a test hook.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-09 13:54:54 +02:00
Gilles Peskine
b5891cc2cd Dynamic key store: disable full-key-store tests 
It's impractical to fill the key store when it can grow to accommodate
millions of keys.

A later commit will restore those tests in test configurations with the
dynamic key store.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-09 13:52:50 +02:00
Gilles Peskine
2bfd749e86 Dynamic key store: new compilation option 
Create a new compilation option for a dynamically resized key store. The
implementation will follow in subsequent commits.

This option is off by default with custom configuration files, which is best
for typical deployments on highly constrained platforms. This option is on
by default with the provided configuration file, which is best for typical
deployments on relatively high-end platforms.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-09 13:52:30 +02:00
Gilles Peskine
3b41e1d2a5
Merge pull request #9403 from gilles-peskine-arm/psa-keystore-dynamic-prep-3.6 
Backport 3.6: prepare for dynamic key store
 2024-08-09 08:00:03 +00:00
Gilles Peskine
aaa96721d1 Improve documentation in some tests 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-08 15:56:46 +02:00
Gilles Peskine
a9083b752c PSA_DONE: account for MBEDTLS_TEST_PSA_INTERNAL_KEYS 
Replace the hard-coded 1 by the proper constant now that the proper constant
exists.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-07 20:09:08 +02:00
Tom Cosgrove
4306a69931
Merge pull request #9437 from tom-daubney-arm/bp_3-6_standardise_proj_detection 
[3.6 Backport] Standardise Project Detection
 2024-08-07 07:18:43 +00:00
Thomas Daubney
5f0b64aadf Move some proj detection code inside pre_check_environment 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 17:38:19 +01:00
Gilles Peskine
472c10f4a5 key_custom: update analyze_outcomes.py 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:13:05 +02:00
Gilles Peskine
f5db72bbb9 Test cpp_dummy_build in pedantic mode 
In public headers, we want to avoid things that are not standard C++,
including features that GCC and Clang support as extensions, such as
flexible array members. So compile with `-pedantic`.

Non-regression for https://github.com/Mbed-TLS/mbedtls/issues/9020.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:13:04 +02:00
Gilles Peskine
14134e7ddc Remove some tests of psa_generate_key_ext 
We know it's a thin wrapper around psa_generate_key_custom, so we just need
to check that it's passing the information through, we don't need coverage
of the parameter interpretation.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:12:06 +02:00
Gilles Peskine
a8e39f2156 Update PSA wrappers 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:12:06 +02:00
Gilles Peskine
f36d785188 Implement psa_generate_key_custom 
Implement `psa_generate_key_custom()` and
`psa_key_derivation_output_key_custom()`. These functions replace
`psa_generate_key_ext()` and `psa_key_derivation_output_key_ext()`.
They have the same functionality, but a slightly different interface:
the `ext` functions use a structure with a flexible array member to pass
variable-length data, while the `custom` functions use a separate parameter.

Keep the `ext` functions for backward compatibility with Mbed TLS 3.6.0.
But make them a thin wrapper around the new `custom` functions.

Duplicate the test code and data. The test cases have to be duplicated
anyway, and the test functions are individually more readable this way.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:12:06 +02:00
Michael Schuster
9bf1875146 Revert commit 33af72df in order to not depend on test code 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
ab4951fbef Add missing include in tests/src/psa_memory_poisoning_wrappers.c to fix missing-prototype error 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
6a3573a1dd Fix Uncrustify errors in modified tests/suites to satisfy check_code_style test 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
275b698ee7 Use correct test case conditionals for helper functions in tests/suites 
Fix unused-function errors.

Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
6d6cae53ad Fix tests build with MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS enabled 
In that case mbedtls_psa_platform_get_builtin_key is already declared.

Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
31b1cb8601 Adjust spacing in tests/suites function sources 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
b1e33fb707 Fix missing-prototype errors in tests/suites 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
8cc43f23b6 Fix unused-function error for ecjpake_operation_setup in test_suite_psa_crypto.function 
This function is not referenced anywhere in the whole codebase.

Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
3a4c43174c Move print_buf into mbedtls_test_print_buf helper function in sample programs 
Reduce code duplication and fix missing-prototype error for print_buf

Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
b4d55bb5db Add missing include in tests/src/asn1_helpers.c 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Minos Galanakis
83222b8c41 Add -Wmissing-prototypes to component_build_no_ssl_srv and component_build_no_ssl_cli in all.sh 
Signed-off-by: Michael Schuster <michael@schuster.ms>
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-06 12:09:13 +01:00
Manuel Pégourié-Gonnard
095cf69bc6
Merge pull request #9444 from minosgalanakis/all-sh-separate-components_36bp 
Backport 3.6:  Separate all.sh from its components
 2024-08-06 07:58:03 +00:00
Minos Galanakis
bd6b98fd40 all.sh/components: Removed components.sh 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-05 12:20:26 +01:00
Minos Galanakis
bb427371e6 all.sh/components: Moved build_aes_via_padlock to platform component. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-05 12:20:26 +01:00
Minos Galanakis
5f6d2e3120 all.sh/components: Moved driver components to configuration crypto. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-05 12:20:26 +01:00
Minos Galanakis
0c0c3e1713 all.sh/components: Moved more components to configuration crypto. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-05 12:20:26 +01:00
Minos Galanakis
4ca7b14060 all.sh/components: Fixed a typo in configuration-tls. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-05 12:20:21 +01:00
Minos Galanakis
85347d15c6 all.sh/components: Moved more components to configuration tls. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-05 12:19:27 +01:00
Minos Galanakis
4a2a351df8 Extract sanitizer components into a separate file. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-05 12:02:39 +01:00
Minos Galanakis
f0cd95b6f6 Extract platform components into a separate file. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-05 12:02:39 +01:00
Minos Galanakis
93a8c08910 Extract configuration components into a separate file. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-05 12:02:37 +01:00
Minos Galanakis
27968c1660 Extract configuration-x509 components into a separate file. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-05 12:01:55 +01:00
Minos Galanakis
5b4386c640 Extract configuration-platform components into a separate file. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-05 12:01:53 +01:00
Minos Galanakis
3ece57e173 Extract configuration-crypto-components into a separate file. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-05 12:01:08 +01:00
Minos Galanakis
b298d1f8d2 Extract compliance-components into a separate file. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-02 02:08:54 +01:00
Minos Galanakis
3bd6c30e13 Extract compiler-components into a separate file. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-02 02:08:54 +01:00
Minos Galanakis
2148e5c603 Extract build-components into a separate file. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-02 02:08:54 +01:00
Minos Galanakis
e431739c72 Extract basic-components into a separate file. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-08-02 02:08:54 +01:00