AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
17,819 Commits 1 Branch 0 Tags 61 MiB
57b2aff8a8
Commit Graph

17819 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gilles Peskine
236bf98cfd Move some code of run_test into auxiliary functions 
No behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-19 16:45:29 +02:00
Gilles Peskine
6210320215
Merge pull request #4989 from AndrzejKurek/remove-ssl-export-keys 
Remove MBEDTLS_SSL_EXPORT_KEYS, making it always on
 2021-10-18 17:53:56 +02:00
Gilles Peskine
e7997c494b
Merge pull request #5085 from daverodgman/fix_naming 
Fix naming examples in TLS 1.3 style guide
 2021-10-18 17:52:07 +02:00
Gilles Peskine
bf21c07923
Merge pull request #5072 from mprse/issue_5065 
Use switch statement instead if-else in psa_aead_check_nonce_length() and psa_aead_set_lengths(). Fixes #5065
 2021-10-18 17:51:50 +02:00
Dave Rodgman
c8aaac89d0 Fix naming examples in TLS 1.3 style guide 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-10-18 13:00:51 +01:00
Gilles Peskine
7637ab0d8b
Merge pull request #5037 from mprse/issue_4551 
Fix psa_generate_key(): return PSA_ERROR_INVALID_ARGUMENT for public key
 2021-10-18 10:39:21 +02:00
Gilles Peskine
0d4640ad90
Merge pull request #4984 from gilles-peskine-arm/check-names-files 
check_names.py: more robust handling of excluded files
 2021-10-15 13:33:50 +02:00
Przemyslaw Stekiel
316c4fa3ce Address review comments 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2021-10-15 08:04:53 +02:00
Gilles Peskine
2bb5e9c973
Merge pull request #4760 from gilles-peskine-arm/ecb-alt-ret-3.0 
Catch failures of mbedtls_aes_crypt_ecb and its DES equivalents
 2021-10-14 12:11:20 +02:00
Przemyslaw Stekiel
ed61c5e8b0 Add change-log file (issue #5065) 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2021-10-14 09:14:09 +02:00
Gilles Peskine
1c66bf8061
Merge pull request #5070 from mpg/fix-resumption-openssl-client-tests 
Use newer OpenSSL for tests failing with the old
 2021-10-13 21:05:15 +02:00
Paul Elliott
0421715ade Use 127.0.0.1 rather than localhost 
This was causing some tests using the openssl s_client to not connect -
I suspect this was due to localhost (at least on my machine) resolving
to ::1 rather than 127.0.0.1. Note that the error seen would have been
that the session file specified with -sess_out did not get created.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-10-13 16:14:47 +01:00
Paul Elliott
1428f252ad Fix incorrect check for DTLS 
Missing wildcards meant that some servers were not identified as DTLS,
which lead to port checking on TCP rather than UDP, and thus mistakenly
cancelling tests as the server had not come up.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-10-13 16:14:40 +01:00
Paul Elliott
09cfa18976 Spelling fix 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-10-13 16:13:44 +01:00
Przemyslaw Stekiel
4cad4fc8a9 psa_crypto.c: use switch instead if-else in psa_aead_check_nonce_length and psa_aead_set_lengths (fixes #5065) 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2021-10-13 14:04:36 +02:00
Przemyslaw Stekiel
1ecfdea002 all.sh: add full - MBEDTLS_CHACHAPOLY_C without PSA_WANT_ALG_GCM and PSA_WANT_ALG_CHACHA20_POLY1305 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2021-10-13 13:27:34 +02:00
Manuel Pégourié-Gonnard
d60950c2d0 Use newer OpenSSL for tests failing with the old 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2021-10-13 13:12:47 +02:00
Ronald Cron
e3e16d5d67
Merge pull request #4982 from yuhaoth/pr/add-read-ptr-and-handshake-kex-modes 
TLS1.3:add read ptr and handshake kex modes
CI merge job: only "Session resume using tickets, DTLS: openssl client" failed in one component thus CI can be considered as passed.
 2021-10-11 19:23:12 +02:00
Przemyslaw Stekiel
77804132ba Use PSA_HASH_LENGTH instead hardcoded integer values 2021-10-11 16:38:17 +02:00
Ronald Cron
e23bba04ee
Merge pull request #4927 from yuhaoth/pr/add-tls13-serverhello-utils 
TLS 1.3: ServerHello: add  utils functions used by ServerHello
Regarding the merge job, there was only one of the failure we currently encounter on almost all PR (Session resume using tickets, DTLS: openssl client test case see #5012) thus we can consider that this PR passed CI.
 2021-10-11 11:01:11 +02:00
Przemyslaw Stekiel
b576c7b779 Address review comments 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2021-10-11 10:43:17 +02:00
Jerry Yu
e4eefc716a Improve document for chk_buf_read_ptr 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-09 10:40:40 +08:00
Gilles Peskine
f6892dec2a Readability improvements 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-08 16:28:32 +02:00
Jerry Yu
fd320e9a6e Replace zeroize with memset 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-08 21:52:41 +08:00
Gilles Peskine
09c46da27e Implement PSA_WANT_KEY_TYPE_ARIA 
Follow what has been done for CAMELLIA.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-08 15:48:16 +02:00
Przemyslaw Stekiel
25f7063533 enerate_psa_tests.py fix format 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2021-10-08 15:28:45 +02:00
Jerry Yu
88b756bacb move tls1_3 max md size 
It should be internal definition

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-08 18:41:38 +08:00
Przemyslaw Stekiel
d9d630cdf3 Addapt psa_generate_key() tests 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2021-10-08 12:26:21 +02:00
Gilles Peskine
f4d2fd4a05 Fix cmake invocation syntax 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-08 11:45:47 +02:00
Jerry Yu
d1ab262844 define max md size for tls1_3 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-08 16:19:24 +08:00
Jerry Yu
205fd82f7e fix check_name fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-08 16:16:24 +08:00
Jerry Yu
ae0b2e2a2f Rename counter_len 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-08 15:40:14 +08:00
Jerry Yu
c1ddeef53a fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-08 15:40:14 +08:00
Jerry Yu
dca3d5ddf9 fix document issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-08 14:19:29 +08:00
Jerry Yu
0cabad375b fix doxygen parameter wrong 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-08 14:00:29 +08:00
Jerry Yu
adf861aad4 Address kex_modes check function 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-08 14:00:29 +08:00
Jerry Yu
e15e665cfb fix comments and check return issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-08 14:00:29 +08:00
Jerry Yu
1b7c4a464c tls13: add key exchange modes in handshake params 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-08 14:00:29 +08:00
Jerry Yu
34da3727d6 Add check read ptr macro 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-10-08 14:00:29 +08:00
Gilles Peskine
dbf7b7eeb5 Switch cmake -O2 builds around to where we test a lot 
Use Release mode (-O2) for component_test_full_cmake_clang which runs SSL
tests.

To have some coverage with Check mode (which enables more compiler warnings
but compiles with -Os), change a few other builds that only run unit tests
at most to Check mode.

Don't add any new builds, to keep the total build volume down. We don't need
extensive coverage of all combinations, just a reasonable set.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-07 19:38:32 +02:00
Gilles Peskine
77f0535a93 Clarify a comment 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-07 19:27:16 +02:00
Gilles Peskine
cf52222694 Correct support function name 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-07 19:25:29 +02:00
Gilles Peskine
4086159910 Remove obsolete specification draft 
See https://armmbed.github.io/mbed-crypto/psa/#hardware-abstraction-layer
instead.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-07 19:14:01 +02:00
Przemyslaw Stekiel
db0ed7c579 ssl_server2.c: fix build err (key_slot - unused variable) 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2021-10-07 15:11:43 +02:00
Przemyslaw Stekiel
770153e836 Add change-log entry 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2021-10-07 11:12:41 +02:00
Przemyslaw Stekiel
c0fe820dc9 psa_generate_key(): return PSA_ERROR_INVALID_ARGUMENT for public key 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2021-10-07 11:08:56 +02:00
Gilles Peskine
0c7c524b25
Merge pull request #5001 from gilles-peskine-arm/readme-add-contacts 
Add contact information directly on the home page
 2021-10-06 19:35:52 +02:00
Gilles Peskine
bf3ec84b1c
Merge pull request #5003 from gilles-peskine-arm/all.sh-makeflags-nproc 
Limit make parallelism to the number of CPUs in all.sh
 2021-10-06 19:35:12 +02:00
Przemyslaw Stekiel
575f23c3d5 add client/server opaque test 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2021-10-06 14:36:41 +02:00
Gilles Peskine
b9b817e977 Fix PSA_ALG_RSA_PSS verification accepting an arbitrary salt length 
PSA_ALG_RSA_PSS algorithm now accepts only the same salt length for
verification that it produces when signing, as documented.

Fixes #4946.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-05 14:26:25 +02:00