mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-04 15:39:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
21,764 Commits 170 Branches 263 Tags
Commit Graph

7464 Commits

Author SHA1 Message Date
Gilles Peskine
bdc7b8bb6a Allow test assertions on constant-flow scalar data 
When testing a function that is supposed to be constant-flow, we declare the
inputs as constant-flow secrets with TEST_CF_SECRET. The result of such a
function is itself a constant-flow secret, so it can't be tested with
comparison operators.

In TEST_EQUAL, TEST_LE_U and TEST_LE_S, declare the values to be compared as
public. This way, test code doesn't need to explicitly declare results as
public if they're only used by one of these macros.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-09-30 18:51:41 +02:00
Gilles Peskine
97483b0fd4 Remove incorrect comment 
This comment (which used to be attached to the implementation, and should
not have been moved to the header file) is incorrect: the library function
mbedtls_mpi_read_string preserves leading zeros as desired, but does not
create a zero-limb object for an empty string.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-09-30 18:51:41 +02:00
Gabor Mezei
ec5685f1ee
Use exact-size buffers for inputs and outputs to library functions in tests 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-09-30 14:48:54 +02:00
Gabor Mezei
f5ca726ce1
Rename variables to match bettr to its purpose 
The length in bytes is used with the 'len' prefix and
the length in limbs is used with the 'limbs' prefix.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-09-30 14:35:42 +02:00
Gabor Mezei
8b05e3b148
Add memory freeing 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-09-30 13:36:41 +02:00
Gabor Mezei
a7584888da
Use exact-size buffers for inputs and outputs to library functions in tests 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-09-30 13:36:41 +02:00
Gabor Mezei
821d15107b
Check true and false condition in the same test case 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-09-30 13:36:41 +02:00
Gabor Mezei
3eff425b1a
Use only one limb parameter for assign 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-09-30 13:36:40 +02:00
Gabor Mezei
027d696434
Remove unused code 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-09-30 13:36:40 +02:00
Gabor Mezei
b2763ef507
Do not read uninitialized memory 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-09-30 13:36:40 +02:00
Gabor Mezei
cfc0eb8d22
Remove unused parameter 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-09-30 13:36:39 +02:00
Gabor Mezei
53e455db7b
Remove return value checking from test functions of assign and swap 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-09-30 13:36:39 +02:00
Gabor Mezei
b27b1c5db0
Add tests for conditional assign and swap functions 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-09-30 13:36:30 +02:00
Gilles Peskine
845de0898e
Merge pull request #6083 from tom-cosgrove-arm/issue-6015-montgomery-multiplication 
Montgomery multiplication from bignum prototype
 2022-09-30 10:35:21 +02:00
Tom Cosgrove
4386ead662 Correct the aliasing requirements in doc for mbedtls_mpi_core_montmul(), and test them 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-09-29 14:40:21 +01:00
Przemek Stekiel
48a6a666a0 Add ssl-opt tls 1.2 tests for single cipher builds 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-29 15:29:33 +02:00
Przemek Stekiel
8d4b241028 Remove redundant indirect dependencies after optimizing setup for one cipher components 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-29 10:13:40 +02:00
Przemek Stekiel
a891a091a3 test_suite_cmac.data: fix bug: use cipher type instead cipher id 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-29 09:53:20 +02:00
Przemek Stekiel
68db0d2f67 Optimize one cipher only components and adapt nemes 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-29 08:32:25 +02:00
Ronald Cron
77c691f099
Merge pull request #6194 from xkqian/tls13_add_psk_client_cases 
TLS 1.3: Add PSK client cases
 2022-09-28 17:08:06 +02:00
Przemek Stekiel
0cc3466c9e Change testing strategy to default + one cypher only (psa/no psa) 
In full config TLS 1.2 is disabled.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 12:06:57 +02:00
Przemek Stekiel
b0de1c040b Add components to build and test default/full config with legacy-ccm cipher only 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 11:15:16 +02:00
Przemek Stekiel
9550c05757 Add component to build and test full config with stream cipher only 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 09:51:55 +02:00
Xiaokang Qian
a70bd9108a Fix the description of psk client cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-28 07:50:13 +00:00
Manuel Pégourié-Gonnard
e3358e14b2
Merge pull request #6051 from mprse/permissions_2b_v2 
Permissions 2b: TLS 1.3 sigalg selection
 2022-09-28 09:50:04 +02:00
Manuel Pégourié-Gonnard
f3f9e450b6
Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2 
Ad-hoc KDF for EC J-PAKE in TLS 1.2
 2022-09-28 09:47:32 +02:00
Przemek Stekiel
d582a01073 Make MBEDTLS_SSL_CONTEXT_SERIALIZATION dependent on AEAD 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 07:59:01 +02:00
Xiaokang Qian
ca343ae280 Improve message logs and test cases description in psk 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-28 02:07:54 +00:00
Gabor Mezei
0bb138241b
Add initialization for structures 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-09-27 18:48:44 +02:00
Przemek Stekiel
6f29a6c4b4 test_suite_cipher.function: always include aes.h 
It is done to have MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH macro available (used in tests)

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-27 15:04:14 +02:00
Przemek Stekiel
a82290b727 Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions 
Both functions are calling mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions. These functions are guarded with MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C flags - make it consistent.
As a result ssl_server2 won't build now with MBEDTLS_SSL_SESSION_TICKETS enabled (mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions not available).
Mark MBEDTLS_SSL_SESSION_TICKETS as dependent on MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C and disable MBEDTLS_SSL_SESSION_TICKETS in stream cipher only build.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-27 15:04:14 +02:00
Przemek Stekiel
11c362a050 Add component to build and test default config with stream cipher only 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-27 15:04:08 +02:00
Xiaokang Qian
9c172042b6 Change cases description base on comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-27 11:41:50 +00:00
Xiaokang Qian
e12d30d751 Move psk related cases into tls13-kex-modes.sh 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-27 11:34:14 +00:00
Andrzej Kurek
3539f2c90b Improve readability in ecjpake tests 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-26 10:56:02 -04:00
Xiaokang Qian
954d5769ef PSK: change descriptions base on comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-26 08:40:10 +00:00
Xiaokang Qian
ac8195f4f7 Fix wrongly kex mode fallback issue in psk cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-26 06:31:58 +00:00
Gilles Peskine
12a1e85caa
Merge pull request #6138 from Zaya-dyno/validation_remove_change_key_agree 
Validation remove change key agree
 2022-09-23 17:04:20 +02:00
Gilles Peskine
f70f4ead7f
Merge pull request #6248 from gilles-peskine-arm/all-sh-force-3.2 
Fix all.sh --force
 2022-09-23 17:04:00 +02:00
Gilles Peskine
87953f228f
Merge pull request #6091 from Zaya-dyno/validation_remove_change_pk 
Validation remove change pk
 2022-09-23 17:03:30 +02:00
Paul Elliott
2c282c9bd0
Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets 
TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.
 2022-09-23 15:48:33 +01:00
Gabor Mezei
f29c2a5313
Add initialization for structures 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-09-23 15:25:27 +02:00
Xiaokang Qian
210727f3b1 Skip some psk cases cause wrong fallback to ephemeral 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 07:25:40 +00:00
Xiaokang Qian
dea2cbe199 Fix various test issues in psk m->m cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian
658204c71e Remove negative test cases for m->O and m->G 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian
8939930b82 Rebase and fix some test failures 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian
cffb18cee7 Fix various issues 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian
8f7d7c7aaf Address comments about description of psk cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian
edc35e7ffd Refine the psk test cases for m->G 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian
2efece22a0 Refine the psk test cases for m->O 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00