yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
23419 commits 1 branch 0 tags 94 MiB
Commit graph

23419 commits

This branch
This branch
All branches
Author SHA1 Message Date
Janos Follath
04fa1a4054 Threat Model: fix copy paste 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-03-16 15:04:21 +00:00
Janos Follath
9118bf5791 Threat Model: adjust modality 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-03-14 15:43:24 +00:00
Janos Follath
ba75955cd8 Threat Model: remove references 
Remove references to scientific papers as they are too specific and
might be misleading.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-03-14 14:54:44 +00:00
Janos Follath
4317a9ef1f Threat Model: clarify stance on timing attacks 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-03-14 14:53:03 +00:00
Janos Follath
c51a413c47 Threat Model: improve wording and grammar 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-03-14 12:47:27 +00:00
Janos Follath
042e433eda Threat Model: clarify attack vectors 
Timing attacks can be launched by any of the main 3 attackers. Clarify
exactly how these are covered.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-03-08 20:07:59 +00:00
Janos Follath
d5a09400ae Threat Model: improve wording 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-03-08 19:58:29 +00:00
Janos Follath
3d377605f3 Threat Model: move the block cipher section 
The block cipher exception affects both remote and local timing attacks.
Move them to the Caveats section and reference it from both the local
and the remote attack section.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-03-08 16:58:01 +00:00
Janos Follath
ecaa293d32 Threat model: explain dangling countermeasures 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-03-08 16:38:07 +00:00
Janos Follath
fef82fd39b Threat Model: increase classification detail 
Originally for the sake of simplicity there was a single category for
software based attacks, namely timing side channel attacks.

Be more precise and categorise attacks as software based whether or not
they rely on physical information.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-03-08 16:10:39 +00:00
Janos Follath
9ec195c984 Threat Model: reorganise threat definitions 
Simplify organisation by placing threat definitions in their respective
sections.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-03-06 14:54:59 +00:00
Janos Follath
144dd7d2fa Threat Model: Miscellaneous clarifications 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-03-03 14:56:38 +00:00
Janos Follath
24792d0a33
Threat Model: Improve wording 
Signed-off-by: Janos Follath <janos.follath@arm.com>

Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-03 14:16:12 +00:00
Janos Follath
18d417340f Add Threat Model Summary 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-02-24 16:00:21 +00:00
Manuel Pégourié-Gonnard
718eb4f190
Merge pull request #7025 from AndrzejKurek/uri_san 
Add the uniformResourceIdentifier subtype for the subjectAltName
 2023-02-20 11:29:59 +01:00
Andrzej Kurek
81b0b89a34 Clarify comments on subjectAltName types 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-02-16 06:55:10 -05:00
Gilles Peskine
e2a9f86755
Merge pull request #6971 from gabor-mezei-arm/6026_Secp192r1_fast_reduction 
Extract Secp192r1 fast reduction from the prototype
 2023-02-15 16:22:36 +01:00
Manuel Pégourié-Gonnard
6778ddf657
Merge pull request #6549 from gilles-peskine-arm/psa-migration-md-cipher-strategy 
Dual-API hash dispatch strategy
 2023-02-15 12:50:13 +01:00
Gilles Peskine
edc6ae9578
Merge pull request #7090 from paul-elliott-arm/fix_iar_warnings_dev 
Fix IAR Warnings
 2023-02-14 20:01:00 +01:00
Gilles Peskine
c5e2a4fe67
Merge pull request #6937 from valeriosetti/issue6886 
Add test for PK parsing of keys using compressed points
 2023-02-14 19:54:29 +01:00
Gabor Mezei
0b4b8e3c5e
Update documentation 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-14 16:36:38 +01:00
Andrzej Kurek
570a0f808b Move to DER certificates for new x509 tests 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-02-14 05:52:49 -05:00
Dave Rodgman
319a5675db
Merge pull request #7084 from daverodgman/sizemax-uintmax 
Assume SIZE_MAX >= INT_MAX, UINT_MAX
 2023-02-14 10:06:22 +00:00
Manuel Pégourié-Gonnard
6b9503a32d
Merge pull request #7064 from valeriosetti/issue6860 
driver-only ECDSA: get testing parity in SSL
 2023-02-14 09:31:07 +01:00
Ronald Cron
70341c17b7
Merge pull request #6773 from yanrayw/6675-change-early_secrets-to-local 
TLS 1.3: Key Generation: Change tls13_early_secrets to local variable
 2023-02-14 09:03:32 +01:00
Paul Elliott
1748de160a Fix IAR Warnings 
IAR was warning that conditional execution could bypass initialisation of
variables, although those same variables were not used uninitialised.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-13 15:35:35 +00:00
Gabor Mezei
a264831cff
Update documentation and add comments 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-13 16:29:05 +01:00
Andrzej Kurek
3e8f65a7e2 Add a changelog entry for URI SAN parsing 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-02-13 10:21:20 -05:00
Andrzej Kurek
50836c4dfb Fix a comment in x509_crt.h 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-02-13 10:21:14 -05:00
Andrzej Kurek
4077372b98 Fix SHA requirement for SAN URI tests 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-02-13 10:18:17 -05:00
Andrzej Kurek
7a05fab716 Added the uniformResourceIdentifier subtype for the subjectAltName. 
Co-authored-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-02-13 10:03:07 -05:00
Valerio Setti
1b08d421a7 test: fix: replace CAN_ECDSA_SOME with CAN_ECDSA_SIGN+CAN_ECDSA_VERIFY when both are needed 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-13 15:35:37 +01:00
Valerio Setti
16f02e0196 test: adjust include after PK_CAN_ECDSA_SOME was moved 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-13 15:35:37 +01:00
Valerio Setti
d928aeb9ac test_suite_ssl: use new macros for ECDSA capabilities 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-13 15:35:37 +01:00
Valerio Setti
ed02bb1f95 test_suite_debug: replace ECDSA_C with new ECDSA macros 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-13 15:35:37 +01:00
Valerio Setti
5dc6867f7e test: don't skip debug and ssl suites in test parity for driver only ECDSA 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-13 15:35:37 +01:00
Manuel Pégourié-Gonnard
d3d8c852a0
Merge pull request #6997 from valeriosetti/issue6858 
driver-only ECDSA: get testing parity in X.509
 2023-02-13 15:30:06 +01:00
Gabor Mezei
5c9f401e47
Add more test cases 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-13 14:15:08 +01:00
Gabor Mezei
23d4b8baee
Add check for test 
Check the bit length of the output of p192_raw.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-13 14:13:33 +01:00
Gabor Mezei
a9d82dd0a2
Keep the description in one place, just refer it 
Delete the duplicated file description and refer to the original one
in generate_bignum_tests.py.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-13 14:10:23 +01:00
Valerio Setti
178b5bdddf pk: move MBEDTLS_PK_CAN_ECDSA_SOME macro to pk.h and fix tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-13 11:15:06 +01:00
Valerio Setti
a119cb64ef test: remove redundant ECDSA_C dependencies from test_suite_x509parse.data 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-13 09:54:49 +01:00
Manuel Pégourié-Gonnard
daa65956c3
Merge pull request #7046 from mpg/cleanup-md-tests 
Clean up MD tests
 2023-02-13 09:51:28 +01:00
Janos Follath
1e4abae73e
Merge pull request #7048 from KloolK/record-size-limit/extend-test-framework 
Extend test framework for Record Size Limit Extension
 2023-02-13 08:17:12 +00:00
Gilles Peskine
a9d39c42e9
Merge pull request #7085 from sergio-nsk/patch-1 
Fix unreachable code compiler warning in psa_crypto_driver_wrappers.c
 2023-02-12 23:56:32 +01:00
Dave Rodgman
641288bc1e Restore test guards 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-11 22:02:04 +00:00
Dave Rodgman
91e832168f Restore more test guards 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-11 20:07:43 +00:00
Dave Rodgman
a476363042 Restore more test guards 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-11 18:36:23 +00:00
Dave Rodgman
d26d7445b8 Restore guards on a couple of tests 
These tests check for failures, but can only fail where SIZE_MAX
exceeds some limit (UINT_MAX or UINT32_MAX) and do not fail
in this way otherwise - so guards are needed.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-11 17:22:03 +00:00
Sergey
c36c14c7af
Update psa_crypto_driver_wrappers.c.jinja 
Signed-off-by: Sergey <sergio_nsk@yahoo.de>
 2023-02-10 14:14:00 -07:00