Merge remote-tracking branch 'tls/development' into development
Resolve conflicts by performing the following operations: - Reject changes to files removed during the creation of Mbed Crypto from Mbed TLS. - Reject the addition of certificates that would not be used by any tests, including rejecting the addition of Makefile rules to generate these certificates. - Reject changes to error.c referencing modules that are not part of Mbed Crypto. * origin/development: (80 commits) Style fix Fix test data Update test data Add some negative test cases Fix minor issues Add ChangeLog entry about listing all SAN Remove unneeded whitespaces Fix mingw CI failures Initialize psa_crypto in ssl test Check that SAN is not malformed when parsing Documentation fixes Fix ChangeLog entry Fix missing tls version test failures Fix typo Fix ChangeLog entry location Add changeLog entry Add test for export keys functionality Add function to retrieve the tls_prf type Add tests for the public tls_prf API Add public API for tls_prf ...
This commit is contained in:
commit
3d07ffade2
11 changed files with 131 additions and 11 deletions
29
.gitignore
vendored
29
.gitignore
vendored
|
@ -1,8 +1,20 @@
|
|||
# Random seed file created by test scripts and sample programs
|
||||
seedfile
|
||||
|
||||
# CMake build artifacts:
|
||||
CMakeCache.txt
|
||||
CMakeFiles
|
||||
CTestTestfile.cmake
|
||||
cmake_install.cmake
|
||||
Testing
|
||||
# CMake generates *.dir/ folders for in-tree builds (used by MSVC projects), ignore all of those:
|
||||
*.dir/
|
||||
# MSVC files generated by CMake:
|
||||
/*.sln
|
||||
/*.vcxproj
|
||||
/*.filters
|
||||
|
||||
# Test coverage build artifacts:
|
||||
Coverage
|
||||
*.gcno
|
||||
*.gcda
|
||||
|
@ -10,11 +22,6 @@ Coverage
|
|||
# generated by scripts/memory.sh
|
||||
massif-*
|
||||
|
||||
# MSVC files generated by CMake:
|
||||
/*.sln
|
||||
/*.vcxproj
|
||||
/*.filters
|
||||
|
||||
# MSVC build artifacts:
|
||||
*.exe
|
||||
*.pdb
|
||||
|
@ -24,5 +31,13 @@ massif-*
|
|||
# Python build artifacts:
|
||||
*.pyc
|
||||
|
||||
# CMake generates *.dir/ folders for in-tree builds (used by MSVC projects), ignore all of those:
|
||||
*.dir/
|
||||
# Generated documentation:
|
||||
/apidoc
|
||||
|
||||
# Editor navigation files:
|
||||
/GPATH
|
||||
/GRTAGS
|
||||
/GSYMS
|
||||
/GTAGS
|
||||
/TAGS
|
||||
/tags
|
||||
|
|
3
.globalrc
Normal file
3
.globalrc
Normal file
|
@ -0,0 +1,3 @@
|
|||
default:\
|
||||
:langmap=c\:.c.h.function:\
|
||||
|
|
@ -84,8 +84,14 @@ set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE}
|
|||
# to the corresponding path in the source directory.
|
||||
function(link_to_source base_name)
|
||||
# Get OS dependent path to use in `execute_process`
|
||||
file(TO_NATIVE_PATH "${CMAKE_CURRENT_BINARY_DIR}/${base_name}" link)
|
||||
file(TO_NATIVE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/${base_name}" target)
|
||||
if (CMAKE_HOST_WIN32)
|
||||
#mklink is an internal command of cmd.exe it can only work with \
|
||||
string(REPLACE "/" "\\" link "${CMAKE_CURRENT_BINARY_DIR}/${base_name}")
|
||||
string(REPLACE "/" "\\" target "${CMAKE_CURRENT_SOURCE_DIR}/${base_name}")
|
||||
else()
|
||||
set(link "${CMAKE_CURRENT_BINARY_DIR}/${base_name}")
|
||||
set(target "${CMAKE_CURRENT_SOURCE_DIR}/${base_name}")
|
||||
endif()
|
||||
|
||||
if (NOT EXISTS ${link})
|
||||
if (CMAKE_HOST_UNIX)
|
||||
|
|
9
Makefile
9
Makefile
|
@ -116,3 +116,12 @@ apidoc:
|
|||
apidoc_clean:
|
||||
rm -rf apidoc
|
||||
endif
|
||||
|
||||
## Editor navigation files
|
||||
C_SOURCE_FILES = $(wildcard include/*/*.h library/*.[hc] programs/*/*.[hc] tests/suites/*.function)
|
||||
tags: $(C_SOURCE_FILES)
|
||||
ctags -o $@ $(C_SOURCE_FILES)
|
||||
TAGS: $(C_SOURCE_FILES)
|
||||
etags -o $@ $(C_SOURCE_FILES)
|
||||
GPATH GRTAGS GSYMS GTAGS: $(C_SOURCE_FILES)
|
||||
ls $(C_SOURCE_FILES) | gtags -f - --gtagsconf .globalrc
|
||||
|
|
|
@ -74,6 +74,12 @@ typedef enum {
|
|||
#define MBEDTLS_MD_MAX_SIZE 32 /* longest known is SHA256 or less */
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#define MBEDTLS_MD_MAX_BLOCK_SIZE 128
|
||||
#else
|
||||
#define MBEDTLS_MD_MAX_BLOCK_SIZE 64
|
||||
#endif
|
||||
|
||||
/**
|
||||
* Opaque struct defined in md_internal.h.
|
||||
*/
|
||||
|
|
|
@ -212,7 +212,10 @@
|
|||
* { iso(1) identified-organization(3) dod(6) internet(1)
|
||||
* private(4) enterprise(1) WiSUN(45605) FieldAreaNetwork(1) }
|
||||
*/
|
||||
#define MBEDTLS_OID_WISUN_FAN MBEDTLS_OID_INTERNET "\x04\x01\x82\xe4\x25\x01"
|
||||
#define MBEDTLS_OID_WISUN_FAN MBEDTLS_OID_INTERNET "\x04\x01\x82\xe4\x25\x01"
|
||||
|
||||
#define MBEDTLS_OID_ON MBEDTLS_OID_PKIX "\x08" /**< id-on OBJECT IDENTIFIER ::= { id-pkix 8 } */
|
||||
#define MBEDTLS_OID_ON_HW_MODULE_NAME MBEDTLS_OID_ON "\x04" /**< id-on-hardwareModuleName OBJECT IDENTIFIER ::= { id-on 4 } */
|
||||
|
||||
/*
|
||||
* PKCS definition OIDs
|
||||
|
@ -259,6 +262,8 @@
|
|||
|
||||
#define MBEDTLS_OID_DIGEST_ALG_SHA512 MBEDTLS_OID_NIST_ALG "\x02\x03" /**< id-mbedtls_sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 3 } */
|
||||
|
||||
#define MBEDTLS_OID_DIGEST_ALG_RIPEMD160 MBEDTLS_OID_TELETRUST "\x03\x02\x01" /**< id-ripemd160 OBJECT IDENTIFIER :: { iso(1) identified-organization(3) teletrust(36) algorithm(3) hashAlgorithm(2) ripemd160(1) } */
|
||||
|
||||
#define MBEDTLS_OID_HMAC_SHA1 MBEDTLS_OID_RSA_COMPANY "\x02\x07" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 7 } */
|
||||
|
||||
#define MBEDTLS_OID_HMAC_SHA224 MBEDTLS_OID_RSA_COMPANY "\x02\x08" /**< id-hmacWithSHA224 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 8 } */
|
||||
|
|
|
@ -627,6 +627,12 @@ static const oid_md_alg_t oid_md_alg[] =
|
|||
MBEDTLS_MD_SHA512,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#if defined(MBEDTLS_RIPEMD160_C)
|
||||
{
|
||||
{ ADD_LEN( MBEDTLS_OID_DIGEST_ALG_RIPEMD160 ), "id-ripemd160", "RIPEMD-160" },
|
||||
MBEDTLS_MD_RIPEMD160,
|
||||
},
|
||||
#endif /* MBEDTLS_RIPEMD160_C */
|
||||
{
|
||||
{ NULL, 0, NULL, NULL },
|
||||
MBEDTLS_MD_NONE,
|
||||
|
|
|
@ -148,7 +148,8 @@ class AbiChecker(object):
|
|||
my_environment = os.environ.copy()
|
||||
my_environment["CFLAGS"] = "-g -Og"
|
||||
my_environment["SHARED"] = "1"
|
||||
my_environment["USE_CRYPTO_SUBMODULE"] = "1"
|
||||
if os.path.exists(os.path.join(git_worktree_path, "crypto")):
|
||||
my_environment["USE_CRYPTO_SUBMODULE"] = "1"
|
||||
make_output = subprocess.check_output(
|
||||
[self.make_command, "lib"],
|
||||
env=my_environment,
|
||||
|
|
|
@ -57,3 +57,35 @@ oid_get_x509_extension:"5533445566":0
|
|||
|
||||
OID get x509 extension - wrong oid - id-ce
|
||||
oid_get_x509_extension:"551D":0
|
||||
|
||||
OID hash id - id-md5
|
||||
depends_on:MBEDTLS_MD5_C
|
||||
oid_get_md_alg_id:"2A864886f70d0205":MBEDTLS_MD_MD5
|
||||
|
||||
OID hash id - id-sha1
|
||||
depends_on:MBEDTLS_SHA1_C
|
||||
oid_get_md_alg_id:"2b0e03021a":MBEDTLS_MD_SHA1
|
||||
|
||||
OID hash id - id-sha224
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
oid_get_md_alg_id:"608648016503040204":MBEDTLS_MD_SHA224
|
||||
|
||||
OID hash id - id-sha256
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
oid_get_md_alg_id:"608648016503040201":MBEDTLS_MD_SHA256
|
||||
|
||||
OID hash id - id-sha384
|
||||
depends_on:MBEDTLS_SHA512_C
|
||||
oid_get_md_alg_id:"608648016503040202":MBEDTLS_MD_SHA384
|
||||
|
||||
OID hash id - id-sha512
|
||||
depends_on:MBEDTLS_SHA512_C
|
||||
oid_get_md_alg_id:"608648016503040203":MBEDTLS_MD_SHA512
|
||||
|
||||
OID hash id - id-ripemd160
|
||||
depends_on:MBEDTLS_RIPEMD160_C
|
||||
oid_get_md_alg_id:"2b24030201":MBEDTLS_MD_RIPEMD160
|
||||
|
||||
OID hash id - invalid oid
|
||||
oid_get_md_alg_id:"2B864886f70d0204":-1
|
||||
|
||||
|
|
|
@ -28,6 +28,7 @@ void oid_get_certificate_policies( data_t *oid, char *result_str )
|
|||
}
|
||||
else
|
||||
{
|
||||
TEST_ASSERT( ret == 0 );
|
||||
TEST_ASSERT( strcmp( ( char* )desc, result_str ) == 0 );
|
||||
}
|
||||
}
|
||||
|
@ -51,6 +52,7 @@ void oid_get_extended_key_usage( data_t *oid, char *result_str )
|
|||
}
|
||||
else
|
||||
{
|
||||
TEST_ASSERT( ret == 0 );
|
||||
TEST_ASSERT( strcmp( ( char * )desc, result_str ) == 0 );
|
||||
}
|
||||
}
|
||||
|
@ -74,7 +76,34 @@ void oid_get_x509_extension( data_t *oid, int exp_type )
|
|||
}
|
||||
else
|
||||
{
|
||||
TEST_ASSERT( ret == 0 );
|
||||
TEST_ASSERT( ext_type == exp_type );
|
||||
}
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void oid_get_md_alg_id( data_t *oid, int exp_md_id )
|
||||
{
|
||||
mbedtls_asn1_buf md_oid = { 0, 0, NULL };
|
||||
int ret;
|
||||
mbedtls_md_type_t md_id = 0;
|
||||
|
||||
md_oid.tag = MBEDTLS_ASN1_OID;
|
||||
md_oid.p = oid->x;
|
||||
md_oid.len = oid->len;
|
||||
|
||||
ret = mbedtls_oid_get_md_alg( &md_oid, &md_id );
|
||||
|
||||
if( exp_md_id < 0 )
|
||||
{
|
||||
TEST_ASSERT( ret == MBEDTLS_ERR_OID_NOT_FOUND );
|
||||
TEST_ASSERT( md_id == 0);
|
||||
}
|
||||
else
|
||||
{
|
||||
TEST_ASSERT( ret == 0 );
|
||||
TEST_ASSERT( (mbedtls_md_type_t)exp_md_id == md_id );
|
||||
}
|
||||
}
|
||||
/* END_CASE */
|
||||
|
|
|
@ -258,6 +258,14 @@ RSA PKCS1 Sign #9 Verify (Invalid Digest type)
|
|||
depends_on:MBEDTLS_PKCS1_V15
|
||||
mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:255:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
|
||||
|
||||
RSA PKCS1 Sign #10 (RIPEMD160, 2048 bits RSA)
|
||||
depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_PKCS1_V15
|
||||
mbedtls_rsa_pkcs1_sign:"616263":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"aa2d9f88334d61bed74317ba549b1463600a9219801240cca5c11b9cdda29373172a28151313fb2cf73bb68af167e4ec645b6f065028802afbcfbc10e6c2c824e3c4d50c7181193b93734832170f0c5d3dd9ba5808f0e2a5c16b3d0df90defefef8e8fde5906962d42a2f0d62d7f81977f367f436f10c8b1183ccf6676953f7219445938f725d0cb62efbabf092de531642863b381e2694f2bf544ff6a4fefa7b37cdbf6292dbedcacf6e57d6f206ce5df0fd2771f9f64818f59a0ab7a5f003b368dc3eb51ab9409a0ec4e43f45281ee9a560664de88965ab207e256303d9dcb8233ed6ad0a5ad7f81e2f8c7a196dc81e2c8b6dde8a77fb6cfd1e5477ece9df8":0
|
||||
|
||||
RSA PKCS1 Verify #10 (RIPEMD160, 2048 bits RSA)
|
||||
depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_PKCS1_V15
|
||||
mbedtls_rsa_pkcs1_verify:"616263":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"aa2d9f88334d61bed74317ba549b1463600a9219801240cca5c11b9cdda29373172a28151313fb2cf73bb68af167e4ec645b6f065028802afbcfbc10e6c2c824e3c4d50c7181193b93734832170f0c5d3dd9ba5808f0e2a5c16b3d0df90defefef8e8fde5906962d42a2f0d62d7f81977f367f436f10c8b1183ccf6676953f7219445938f725d0cb62efbabf092de531642863b381e2694f2bf544ff6a4fefa7b37cdbf6292dbedcacf6e57d6f206ce5df0fd2771f9f64818f59a0ab7a5f003b368dc3eb51ab9409a0ec4e43f45281ee9a560664de88965ab207e256303d9dcb8233ed6ad0a5ad7f81e2f8c7a196dc81e2c8b6dde8a77fb6cfd1e5477ece9df8":0
|
||||
|
||||
RSA PKCS1 Encrypt #1
|
||||
depends_on:MBEDTLS_PKCS1_V15
|
||||
mbedtls_rsa_pkcs1_encrypt:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"b0c0b193ba4a5b4502bfacd1a9c2697da5510f3e3ab7274cf404418afd2c62c89b98d83bbc21c8c1bf1afe6d8bf40425e053e9c03e03a3be0edbe1eda073fade1cc286cc0305a493d98fe795634c3cad7feb513edb742d66d910c87d07f6b0055c3488bb262b5fd1ce8747af64801fb39d2d3a3e57086ffe55ab8d0a2ca86975629a0f85767a4990c532a7c2dab1647997ebb234d0b28a0008bfebfc905e7ba5b30b60566a5e0190417465efdbf549934b8f0c5c9f36b7c5b6373a47ae553ced0608a161b1b70dfa509375cf7a3598223a6d7b7a1d1a06ac74d345a9bb7c0e44c8388858a4f1d8115f2bd769ffa69020385fa286302c80e950f9e2751308666c":0
|
||||
|
|
Loading…
Reference in a new issue