mbedtls

Author	SHA1	Message	Date
Paul Elliott	02758a51df	Add tls CID tests Add tests to test tls coneection id functionality, including the new 'own cid' accessor. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-03-31 19:21:41 +01:00
Manuel Pégourié-Gonnard	cefa904759	Merge pull request #5622 from paul-elliott-arm/timing_delay_accessor Accessor for mbedtls_timing_delay_context final delay	2022-03-25 09:14:41 +01:00
Paul Elliott	42d5e51a98	Make test function name more accurate Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-03-24 19:41:28 +00:00
Paul Elliott	b9af2db4cf	Add accessor for timing final delay Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-03-21 15:26:19 +00:00
Manuel Pégourié-Gonnard	f4042f076b	Merge pull request #5573 from superna9999/5176-5177-5178-5179-tsl-record-hmac TLS record HMAC	2022-03-21 11:36:44 +01:00
Neil Armstrong	8f92bf3a26	Only make PSA HMAC key exportable when NULL or CBC & not EtM in build_transforms() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 11:10:09 +01:00
Manuel Pégourié-Gonnard	8d4bc5eeb9	Merge pull request #5481 from gabor-mezei-arm/5401_implement_hkdf_extract_based_on_psa_hmac HKDF 1a: Implement Extract in TLS 1.3 based on PSA HMAC	2022-03-17 11:55:48 +01:00
Gabor Mezei	88f3b2e502	Update old style test function parameter handling Use data_t type for hex string parameters. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-16 16:53:23 +01:00
Manuel Pégourié-Gonnard	10e5cdbbbf	Merge pull request #5454 from gstrauss/cert_cb-user_data server certificate selection callback	2022-03-10 11:51:42 +01:00
Gilles Peskine	9c656ec718	Fix unused function warning Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-26 19:56:12 +01:00
Glenn Strauss	36872dbd0b	Provide means to reset handshake cert list Extend mbedtls_ssl_set_hs_own_cert() to reset handshake cert list if cert provided is null. Previously, mbedtls_ssl_set_hs_own_cert() only provided a way to append to the handshake certificate list, without providing a way to replace the handshake certificate list. Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-25 19:55:48 -05:00
Neil Armstrong	e858996413	Use PSA version of mbedtls_ct_hmac() in mbedtls_ssl_decrypt_buf() Due to mbedtls_ct_hmac() implementation the decryption MAC key must be exportable. Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:17:50 +01:00
Neil Armstrong	2968d306e4	Implement mbedtls_ct_hmac() using PSA hash API Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:16:50 +01:00
Neil Armstrong	cf8841a076	Remove non-PSA MAC keys in mbedtls_ssl_transform when MBEDTLS_USE_PSA_CRYPTO is defined Also remove last usage of non-PSA MAC keys in ssl_decrypt_non_etm_cbc() SSL test. Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:16:49 +01:00
Neil Armstrong	4f091290bd	Remove Obsolete SSLs tests with truncated MAC tags & NULL/CBC cipher These tests are related to an obsolete feature removed from the library. Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:16:49 +01:00
Neil Armstrong	f4cc062935	Setup MAC PSA keys in build_transforms() to pass ssl_crypt_record() with PSA crypto Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:16:49 +01:00
Neil Armstrong	46a1760922	Allow USE_PSA_CRYPTO for handshake TLS tests Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:16:49 +01:00
Gabor Mezei	4fded1359a	Use PSA_INIT() Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:47:24 +01:00
Gabor Mezei	5d7d201b87	Update test Testing the hash length in this context is not applicable because there is no way to specify it when calling mbedtls_psa_hkdf_extract. Change to test invalid `alg` parameter. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:46:33 +01:00
Gabor Mezei	ebc9368173	typo Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:44:51 +01:00
Gabor Mezei	298a2d6109	Use ASSERT_ALLOC Change the calloc functions to ASSERT_ALLOC to check the return value of calloc as well. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:43:52 +01:00
Gabor Mezei	62bf024025	Make the mbedtls_psa_hkdf_extract function more PSA compatible Change the return value to `psa_status_t`. Add `prk_size` and `prk_len` parameters. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:42:57 +01:00
Gabor Mezei	73cb6f54de	Add tests for mbedtls_psa_hkdf_extrct The tests are based on the the test of mbedtls_hkdf_extract. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:41:42 +01:00
Gilles Peskine	49d7ddf7f3	Serializing a context does not save the user data The user data is typically a pointer to a data structure or a handle which may no longer be valid after the session is restored. If the user data needs to be preserved, let the application do it. This way, it is a conscious decision for the application to save/restore either the pointer/handle itself or the object it refers to. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Gilles Peskine	80dae04f24	Make user_data fields private Add accessor functions. Add unit tests for the accessor functions. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Gilles Peskine	1255b0de98	Positive unit testing for SSL context version functions Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Paul Elliott	436b72690d	Merge pull request #5362 from yuhaoth/pr/enable-tls13-only-build TLS1.3:Enable tls13 only build	2022-02-21 11:22:37 +00:00
Jerry Yu	baa4934e7b	Add check tests Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	53d23e2c95	Guards tls_prf functions with TLS1_2 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Gabor Mezei	cbe5ba500a	Add tests for mbedtls_psa_hkdf_expand Add test cases which test psa_import_key and psa_mac_sign_setup function call if they return error. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-17 17:01:49 +01:00
Gabor Mezei	8e3602569b	Typo Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-17 11:50:02 +01:00
Gabor Mezei	d917081b8b	Typo Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-15 16:25:27 +01:00
Gabor Mezei	7381242748	Use PSA_INIT() Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-15 16:24:58 +01:00
Gabor Mezei	b35759ded8	Add tests for mbedtls_psa_hkdf_expand The tests are based on the test of mbedtls_hkdf_expand. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-10 10:57:24 +01:00
Przemyslaw Stekiel	5648d577a4	Optimize psa_cipher_encrypt_helper() Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-03 14:55:24 +01:00
Przemyslaw Stekiel	8c010eb467	Fix comments, code style, remove debug code Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-03 14:55:24 +01:00
Przemyslaw Stekiel	d66387f8fa	Init psa status to PSA_ERROR_CORRUPTION_DETECTED Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-03 09:16:41 +01:00
Przemyslaw Stekiel	f4facef9ba	Adapt ssl_decrypt_non_etm_cbc() test for psa crypto and remove redundant test cases Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-03 09:16:41 +01:00
Przemyslaw Stekiel	77aec8d181	Rename ssl_psa_status_to_mbedtls->psa_ssl_status_to_mbedtls Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 20:22:53 +01:00
Przemyslaw Stekiel	89dad93a78	Rename psa_status_to_mbedtls->ssl_psa_status_to_mbedtls and add conversion for PSA_ERROR_INVALID_SIGNATURE Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:39:24 +01:00
Przemyslaw Stekiel	4a36dd3da6	ssl test ssl_decrypt_non_etm_cbc(): add missing ret check Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	f4ca3f0e52	ssl test build_transforms(): in psa mode distinguish encrypt/decrypt keys Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	f57b45660d	Rename tls_mbedtls_cipher_to_psa() to be consistent with function naming convention. New function name: mbedtls_ssl_cipher_to_psa(). Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	93cf4eea67	Adapt test_suite_ssl for psa crypto Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Andrzej Kurek	03e01461ad	Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO Fix library references, tests and programs. Testing is performed in the already present all.sh test. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-01-03 12:53:24 +01:00
Ronald Cron	6f135e1148	Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3 As we have now a minimal viable implementation of TLS 1.3, let's remove EXPERIMENTAL from the config option enabling it. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-10 13:47:55 +01:00
Paul Elliott	46a6c20d0c	Add checked returns to tests without them. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-12-09 18:16:13 +00:00
Xiaofei Bai	d25fab6f79	Update based on comments Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-12-02 06:36:27 +00:00
Xiaofei Bai	746f9481ea	Fix 1_3/13 usages in macros and function names Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-26 08:08:36 +00:00
Gilles Peskine	161d661d90	Merge pull request #5222 from paul-elliott-arm/fix_test_suite_ssl Fix test_suite_ssl compilation errors with GCC11	2021-11-25 22:02:43 +01:00

1 2 3 4 5

209 commits