mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-05 16:13:36 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
29,984 Commits 172 Branches 263 Tags
Commit Graph

10857 Commits

Author SHA1 Message Date
Ryan Everett
fbf815d9cb Add key_destroyable parameter to key export smoke tests 
These are only called from mbedtls_test_psa_exercise_key

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-13 14:31:11 +00:00
Ryan Everett
73e4ea37f4 Add key_destroyable parameter to non-raw key agreement smoke tests 
All current usages have this parameter set to 0 (this means the tests are unchanged).
Remove the GENERIC_ERROR return behaviour, in favour of returning the actual status.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-13 14:31:11 +00:00
Ryan Everett
8163028fbd Add key_destroyable parameter to raw key agreement smoke tests 
All current usages have this parameter set to 0 (meaning the behaviour
of these tests hasn't changed). We also now return the actual error code, not GENERIC_ERROR

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-12 17:01:09 +00:00
Ryan Everett
c1cc6686f0 Add key_destroyable parameter to key derivation smoke tests 
All current usages have this parameter set to 0 (in this case the behaviour of
the test is unchanged)

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-12 17:01:09 +00:00
Ryan Everett
d48fc102d3 Add key_destroyable parameter to exercise_asymmetric_encryption_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-12 17:01:09 +00:00
Ryan Everett
6edd40819e Add key_destroyable parameter to exercise_signature_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-12 17:01:09 +00:00
Ryan Everett
fbe703de2a Add key_destroyable parameter to exercise_aead_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-12 17:01:09 +00:00
Ryan Everett
70691f3082 Add key_destroyable parameter to psa_exercise_cipher_key 
If the key has been destroyed (and the new parameter is 1), we test that
psa_cipher_abort succeeds in this scenario.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-12 17:01:09 +00:00
Ryan Everett
7763550884 Add key_destroyable parameter to exercise_mac_key 
If the key has been destroyed (and the new parameter is 1) then we test that
psa_mac_abort succeeds in this scenario.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-12 17:01:09 +00:00
Ryan Everett
f08a93fbe5 Add key_destroyable parameter to check_key_attributes_sanity 
This function is currently only used in the exercise_key smoke test.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-12 17:01:09 +00:00
Ryan Everett
0a271fde76 Add key_destroyable parameter to mbedtls_test_psa_exercise_key 
This will allow us to use this smoke test to ensure that key slot content reads are
only performed when we are registered to read a full slot. We will destroy the key
on another thread while the key is being exercised, and fail the test if an unexpected
error code is hit. Future commits will incrementally implement this new parameter.

All current usages of this function have this parameter set to 0, in which case
the new behaviour must be the same as the old behaviour

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-12 17:01:09 +00:00
Ronald Cron
ec4ed8eae4
Merge pull request #8857 from ronald-cron-arm/tls13-cli-max-early-data-size 
TLS 1.3: Enforce max_early_data_size on client
 2024-03-12 13:31:20 +00:00
Dave Rodgman
a7f3c4e1d0
Merge pull request #8822 from daverodgman/sha3-perf 
SHA-3 performance & code size
 2024-03-12 13:14:40 +00:00
Janos Follath
43edc75e31
Merge pull request #8882 from Ryan-Everett-arm/threading-key-tests 
Test multi-threaded key generation
 2024-03-11 15:07:48 +00:00
Dave Rodgman
9cc01ccbf8
Merge pull request #8831 from yanesca/switch_to_new_exp 
Use mpi_core_exp_mod in bignum
 2024-03-11 13:40:46 +00:00
Manuel Pégourié-Gonnard
af3e574f5f
Merge pull request #8862 from valeriosetti/issue8825 
Improve support of mbedtls_psa_get_random in client-only builds
 2024-03-10 20:06:27 +00:00
Ronald Cron
61fd13c6a5 Merge remote-tracking branch 'mbedtls/development' into tls13-cli-max-early-data-size 2024-03-10 18:09:47 +01:00
Ronald Cron
7e1f9f290f
Merge pull request #8854 from ronald-cron-arm/tls13-srv-max-early-data-size 
TLS 1.3: Enforce max_early_data_size on server
 2024-03-09 00:16:07 +00:00
Ronald Cron
e1295fabaf tests: ssl: early data: Fix comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 17:05:27 +01:00
Janos Follath
080a5171e2
Merge pull request #8861 from ronald-cron-arm/tls13-srv-select-kex 
TLS 1.3: SRV: Improve key exchange mode selection
 2024-03-08 14:58:36 +00:00
Ronald Cron
52472104a2 tests: suite: early data: Add comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 14:51:20 +01:00
Ronald Cron
4facb0a9cd tests: ssl: Improve early data test code 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 14:51:20 +01:00
Ronald Cron
1a13e2f43e tests: ssl: Improve test code for very small max_early_data_size 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 14:51:20 +01:00
Ronald Cron
e14770fc42 ssl-opt.sh: Fix early data test option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:57:36 +01:00
Ronald Cron
1f63fe4d74 tls13: srv: Fix resume flag in case of cancelled PSK 
If we prefer ephemeral key exchange mode over
the pure PSK one, make sure the resume flag is
disabled as eventually we are not going to
resume a session even if we aimed to at some
point.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00
Ronald Cron
cf284565c5 tls13: srv: Determine best key exchange mode for a PSK 
Determine best key exchange for for ticket based and
external PSKs.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00
Ronald Cron
12e72f1664 tls13: srv: Always parse the pre-shared key extension 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-08 08:43:41 +01:00
Ronald Cron
139a4185b1
Merge pull request #8587 from yanrayw/issue/4911/ssl_setup-check-RNG-configuration 
TLS: check RNG when calling mbedtls_ssl_setup()
 2024-03-08 07:38:39 +00:00
Ryan Everett
63c1cf7eaa Remove MBEDTLS_THREADING_C check in check_test_dependencies 
At the moment our tests only check for MBEDTLS_THREADIN_PTHREAD

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-06 16:46:15 +00:00
Paul Elliott
16d5160504 Allow the use of threading dependancies in PSA tests. 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-03-06 16:46:15 +00:00
Ryan
b0b3c0d80a Disable MBEDTLS_SELF_TEST in the TSan config 
Enabling this causes TSan warnings, as some self-tests use unprotected globals
(see X_count variables in ecp.c). This isn't an issue, as these globals are only
read in self tests, which do not use threads.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-06 16:46:08 +00:00
Ryan
2066d0451f Add test cases for concurrently_generate_keys 
For every generate_key test there is now a concurrently_generate_keys test.
8 threads per test, and 5 repetitions.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-06 16:46:00 +00:00
Ryan
3a1b786d5d Add a concurrent key generation test function 
Split into n threads, each thread will repeatedly generate,
exercise and destroy a key.
Then join the threads, and ensure using PSA_DONE that no keys still exist.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-06 16:45:36 +00:00
Paul Elliott
8a2062c538
Merge pull request #8892 from paul-elliott-arm/add_threading_to_drivers 
Ensure drivers have threading enabled if required
 2024-03-06 14:35:49 +00:00
Gilles Peskine
31403a4ca8
Merge pull request #8678 from daverodgman/quietbuild 
Make builds less verbose
 2024-03-05 18:04:16 +00:00
Gilles Peskine
71cc260563
Merge pull request #8728 from minosgalanakis/features/add_mbedtls_x509_crt_get_ca_istrue_accesor_6151 
[MBEDTLS_PRIVATE] Add mbedtls_x509_crt_get_ca_istrue() accesor
 2024-03-05 18:04:06 +00:00
Dave Rodgman
3c4166aef3
Merge pull request #8863 from minosgalanakis/feature/add_ecdh_context_5016 
[MBEDTLS_PRIVATE] Add a getter for the ECDH context->grp.id member.
 2024-03-05 16:58:13 +00:00
Minos Galanakis
581e63637a test_suite_x509parse: Added test-case for legacy certificate 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-05 14:39:23 +00:00
Paul Elliott
053b7886e5 Ensure drivers have threading enabled if required 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-03-05 14:27:23 +00:00
Gilles Peskine
8462146d01
Merge pull request #8867 from gilles-peskine-arm/psa_key_attributes-remove_core 
Merge psa_core_key_attributes_t back into psa_key_attributes_t
 2024-03-05 09:59:24 +00:00
Ronald Cron
987cf898db ssl_helpers: Restore rng_seed incrementation 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-04 10:24:27 +01:00
Gilles Peskine
fad79fcdd9 Merge remote-tracking branch 'development' into ecp-write-ext-3.6 
Conflicts:
* library/pk.c: mbedtls_pk_wrap_as_opaque() changed in the feature branch
  and was removed in the target branch.
 2024-03-04 08:52:08 +01:00
Minos Galanakis
a83ada4eba tests: Added test for mbedtls_x509_crt_get_ca_istrue() 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-04 02:22:01 +00:00
Ronald Cron
e93cd1b580 tests: ssl: Free write/read test buffers 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 19:30:00 +01:00
Ronald Cron
7c07aab72e tests: write early data: Improve tls13_cli_max_early_data_size 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 19:07:40 +01:00
Ronald Cron
ae6f9a58a9 tests: write early data: Allocate buffer to write/read 
Allocate the buffer to write/read early data. That
way in ASan builds. buffer overwrite/overread can
be detected.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 19:07:34 +01:00
Valerio Setti
ada2ec3482 psa_crypto_stubs/changelog: fix typos 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-01 18:04:14 +01:00
Ronald Cron
aab4a546bf tests: Set the default conf then customize 
Set the default conf then customize, not the
other way around.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 17:09:22 +01:00
Ronald Cron
10b040fa6f tests: ssl_helpers: Rename rng_get to mbedtls_test_random 
mbedtls_test_ as the prefix for test APIs
_random like in mbedtls_ctr/hmac_drbg_random

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 17:00:38 +01:00
Manuel Pégourié-Gonnard
e33b349c90
Merge pull request #8864 from valeriosetti/issue8848 
Deprecate or remove mbedtls_pk_wrap_as_opaque
 2024-03-01 15:54:32 +00:00