Gilles Peskine
476b157dc4
Merge pull request #5305 from gilles-peskine-arm/test-missing-ret-check-202112-development
...
Missing error checks + test bug on unlikely failure
2021-12-10 17:41:52 +01:00
Gilles Peskine
0ca219575a
mbedtls_pk_parse_key: don't allocate if not needed
...
mbedtls_pk_parse_key() makes a temporary copy of the key when it calls
pk_parse_key_pkcs8_encrypted_der(), because that function requires a
writable buffer. pk_parse_key_pkcs8_encrypted_der() always rejects an
empty password, so skip calling it in that case, which allows us to
skip the allocation as well.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-10 17:36:37 +01:00
Minos Galanakis
c10086e33e
changelog: Addressed review comments #6
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2021-12-10 15:52:54 +00:00
Jerry Yu
29ceb564f8
fix help message issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 23:38:57 +08:00
Minos Galanakis
8340ea80cd
changelog: Addressed review comments #5
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2021-12-10 15:31:23 +00:00
Ronald Cron
64bff9f261
tests: data_files: Avoid symbolic links
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 15:09:57 +01:00
Jerry Yu
b54b53142a
fix msvc build faile
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 21:38:12 +08:00
Gilles Peskine
dc8ecda46f
Don't fail until everything is initialized
...
Can't call mbedtls_cipher_free(&invalid_ctx) in cleanup if
mbedtls_cipher_init(&invalid_ctx) hasn't been called.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-10 14:28:31 +01:00
Ronald Cron
b1822efe22
docs: TLS 1.3: Improve wording
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 14:28:13 +01:00
Gilles Peskine
f1c30b2a94
Check return values in more places
...
Selective replacement of
```
^\( *\)\(mbedtls_\(md\|cipher\)_[A-Z_a-z0-9]+\)\((.*)\);
```
by
```
\1if( \2\4 != 0 )
\1{
\1 mbedtls_fprintf( stderr, "\2() returned error\\n" );
\1 goto exit;
\1}
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-10 14:25:45 +01:00
Ronald Cron
db6adc5aad
ssl: Fix some compilation guards for TLS 1.3 signature algorithms
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 14:25:35 +01:00
Ronald Cron
bb27b43013
build: Fix TLS 1.3 prerequisites
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 14:22:52 +01:00
Ronald Cron
6aeda5305c
Add change log for TLS 1.3 MVP
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 13:48:12 +01:00
Ronald Cron
6f135e1148
Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3
...
As we have now a minimal viable implementation of TLS 1.3,
let's remove EXPERIMENTAL from the config option enabling
it.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 13:47:55 +01:00
Jerry Yu
2e8b00172b
Beauty source code
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 20:29:02 +08:00
Ronald Cron
7aa6fc1992
docs: TLS 1.3: Update prototype upstreaming status
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 13:22:21 +01:00
Ronald Cron
653d5bc781
docs: TLS 1.3: Swap prototype upstreaming status and MVP definition
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 13:22:21 +01:00
Ronald Cron
43ffc9d659
docs: TLS 1.3: Update TLS 1.3 documentation file name
...
Update TLS 1.3 documentation file name and its
overview section.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 13:22:21 +01:00
Ronald Cron
0abf07ca2c
Make PSA crypto mandatory for TLS 1.3
...
As we want to move to PSA for cryptographic operations
let's mandate PSA crypto from the start.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 13:22:21 +01:00
Dave Rodgman
76a2b306ac
Merge pull request #4981 from yuhaoth/pr/add-debug-helpers-generated
...
Add debug helpers generated
2021-12-10 11:56:55 +00:00
Manuel Pégourié-Gonnard
4525cce691
Merge pull request #5256 from yuhaoth/pr/clean-up-secrets-after-done
...
TLS1.3 MVP: Erase secrets when they are not necessary anymore.
2021-12-10 12:48:25 +01:00
Minos Galanakis
5f173c62a4
changelog: Addressed review comments #4
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2021-12-10 11:07:27 +00:00
Ronald Cron
6b07916e40
Merge pull request #5230 from ronald-cron-arm/tls13_ccs_client
...
Add initial support for "Middlebox Compatibility Mode"
2021-12-10 11:58:05 +01:00
Minos Galanakis
3f46f38095
changelog: Addressed review comments #3
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2021-12-10 10:54:06 +00:00
Jerry Yu
d0fcf7f6a0
fix ci fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 18:45:51 +08:00
Minos Galanakis
3a77949c89
changelog: Addressed review comments #2
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2021-12-10 10:45:37 +00:00
Jerry Yu
a5563f6115
move position of base_key init
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 18:14:36 +08:00
Jerry Yu
b737f6a9be
move base_key init
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 17:55:59 +08:00
Gilles Peskine
fe051f6aab
Merge pull request #5297 from paul-elliott-arm/test_suite_cipher_returns
...
Add checked return to cipher setup in Cipher tests
2021-12-10 10:39:57 +01:00
Ronald Cron
9eab5a6f11
tests: TLS 1.3: Remove unnecessary test requirement
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 10:27:25 +01:00
Ronald Cron
574ace48d8
Remove unnecessary blank line
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 10:27:25 +01:00
Ronald Cron
ae93725ae8
tests: Make compat mode optional in script generating tests
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 10:27:07 +01:00
Minos Galanakis
ca14ab3c2e
changelog: Addressed review comments
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2021-12-10 09:21:37 +00:00
Jerry Yu
9c07473ebc
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 17:12:43 +08:00
Jerry Yu
d04fd35c06
Replace configs_enabled check with query_compile_time_config
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 16:31:04 +08:00
Jerry Yu
a15f3cc350
Add list_config into query_comile_time_config
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 16:31:01 +08:00
Jerry Yu
84e63a73cd
Add list_config generation
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 16:30:57 +08:00
Jerry Yu
bc8b22ecc8
fix tls13 test fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 15:54:38 +08:00
Jerry Yu
0cb2cf6cb4
fix build fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 14:23:37 +08:00
Jerry Yu
889b3b76da
fix clang build fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 12:57:45 +08:00
Jerry Yu
9817e3e621
fix generate check fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 12:47:03 +08:00
Jerry Yu
d05e1cec4b
fix build fail on check_*
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 12:47:03 +08:00
Jerry Yu
e6369b0061
fix test_cmake_as_package fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 12:47:03 +08:00
Jerry Yu
eb96fb508e
Add cmake generator
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 12:47:03 +08:00
Jerry Yu
6389b254c9
fix typos error
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 12:47:03 +08:00
Jerry Yu
cdcc55f46f
update test check strings
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 12:47:02 +08:00
Jerry Yu
e988f0f7a7
fix wrong typo
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 12:45:52 +08:00
Jerry Yu
e3b3412bc4
Add tests for enum helper
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 12:45:52 +08:00
Jerry Yu
e78ee99624
add enum value to string helpers
...
Only add helpers for enum in `ssl.h`.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 12:43:30 +08:00
Jerry Yu
4a2fa5d0aa
Move erase handshake secrets
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 10:37:14 +08:00