yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
23875 commits 1 branch 0 tags 94 MiB
Commit graph

8346 commits

Author SHA1 Message Date
Przemek Stekiel
0c946e9aa9 Addapt jpake tests and add cases for set_user, set_peer 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-10 09:18:03 +01:00
Gilles Peskine
4da92832b0
Merge pull request #7117 from valeriosetti/issue6862 
driver-only ECDSA: enable ECDSA-based TLS 1.2 key exchanges
 2023-03-09 20:49:44 +01:00
Gilles Peskine
a25203c5f9
Merge pull request #7208 from paul-elliott-arm/interruptible_sign_hash_new_verify_tests 
Interruptible_{sign|verify}_hash: Add public key verification tests
 2023-03-09 20:48:13 +01:00
Dave Rodgman
bf4016e5d5
Merge pull request #6567 from mprse/ecjpake-driver-dispatch 2023-03-09 19:23:05 +00:00
Przemek Stekiel
b8eaf635ba Remove MBEDTLS_SHA256_C from PSA_WANT_ALG_JPAKE config and adapt test dependencies 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-09 12:14:26 +01:00
Manuel Pégourié-Gonnard
913d9bb921
Merge pull request #7162 from valeriosetti/issue7055 
Legacy MBEDTLS_PK_PARSE_C and MBEDTLS_PK_WRITE_C dependencies in test_suite_psa_crypto
 2023-03-08 17:07:19 +01:00
Valerio Setti
1470ce3eba fix typos 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-08 16:50:12 +01:00
Valerio Setti
2f081473b6 test: fix disparities in test_suite_ssl 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-08 16:47:28 +01:00
Valerio Setti
f84b7d5c21 test: enable ECDSA based key exchanges in driver coverage tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-08 16:47:28 +01:00
Manuel Pégourié-Gonnard
289e5baa83
Merge pull request #7082 from valeriosetti/issue6861 
driver-only ECDSA: add ssl-opt.sh testing with testing parity
 2023-03-08 16:45:38 +01:00
Valerio Setti
c0e7da55c5 test: removing remaning dependencies of PK_WRITE/PK_PARSE from test_suite_psa_crypto suites 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-08 11:03:09 +01:00
Valerio Setti
f9bc5b75f1 test: remove dependencies on PK_WRITE and PK_PARSE from test_suite_psa_crypto suites 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-08 11:03:09 +01:00
Valerio Setti
ccfad9ae0e ssl-opt: remove remaining redundant dependencies 
There were some dependencies that are now automatically satisfied by the
detect_required_features() function.

After this check there should be no redundant requirement for:
- requires_pk_alg "ECDSA"
- requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT
- requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-08 10:25:05 +01:00
Valerio Setti
3b2c02821e ssl-opt: return to previous debug level in test 
This was a leftover from some debug activity that unfortunately ended up
in previous commits.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-08 10:22:29 +01:00
Gilles Peskine
a2fc399f57
Merge pull request #6829 from AndrzejKurek/unify-psa-errors 
Unify PSA to Mbed TLS error translation
 2023-03-07 19:55:44 +01:00
Gilles Peskine
30fc999f43
Merge pull request #7164 from oberon-microsystems/fix-test-exported-length-edwards 
Fix expected export length for Edwards curves in test suite.
 2023-03-07 19:53:48 +01:00
Valerio Setti
213c4eae3a ssl-opt: enhance comment for get_tls_version() function 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-07 19:29:57 +01:00
Janos Follath
fe780a3c4b
Merge pull request #7184 from gabor-mezei-arm/6349_Secp224r1_fast_reduction 
Extract Secp224r1 fast reduction from the prototype
 2023-03-07 10:57:58 +00:00
Przemek Stekiel
4aa99403f4 Fix configuration for accelerated jpake 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-07 10:50:09 +01:00
Manuel Pégourié-Gonnard
a5ffa93e43
Merge pull request #7142 from mpg/driver-only-ecdh-starter 
Driver-only ECDH starter
 2023-03-07 09:14:38 +01:00
Paul Elliott
8c092052bd Add public key verification tests 
Add public key verification tests, and alter test intent comments to make it
obvious that verify_hash_interruptible can do public keys as well as private
and keypairs.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-03-06 17:49:14 +00:00
Manuel Pégourié-Gonnard
86393db84d Revert local experiment. 
This was never meant to be committed here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-06 16:19:05 +01:00
Valerio Setti
23e50b9042 ssl-opt: remove redundant ECDSA dependencies in TLS1.3 tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-06 14:48:39 +01:00
Manuel Pégourié-Gonnard
07d92620d4 Fix some message strings and comments in all.sh 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-06 13:38:55 +01:00
Manuel Pégourié-Gonnard
0d1f5be688 Add comment about shared config function 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-06 13:35:21 +01:00
Manuel Pégourié-Gonnard
228a30d16c
Merge pull request #7120 from mpg/md-light 
Define "MD light" subset of MD
 2023-03-06 11:02:19 +01:00
Dave Rodgman
4693fd9e9e
Merge pull request #7173 from daverodgman/zeroize-platform 
Use platform-provided secure zeroization
 2023-03-06 09:16:12 +00:00
Stephan Koch
6eb73113b1 Fix codestyle with uncrustify. 
Signed-off-by: Stephan Koch <koch@oberon.ch>
 2023-03-03 17:48:40 +01:00
Dave Rodgman
45cef61fa4
Merge branch 'development' into md-light 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-03 14:28:13 +00:00
Dave Rodgman
1f39a62ce6
Merge pull request #7151 from gilles-peskine-arm/psa-headers-alt 
Allow alternative names for overridable PSA headers
 2023-03-03 12:37:51 +00:00
Dave Rodgman
e11c1ceac9
Merge pull request #7200 from paul-elliott-arm/interruptible_sign_hash_fail_tests 
Enable all keys for interruptible op fail tests
 2023-03-03 11:51:57 +00:00
Andrzej Kurek
8a045ce5e6 Unify PSA to Mbed TLS error translation 
Move all error translation utilities to psa_util.c.
Introduce macros and functions to avoid having
a local copy of the error translating function in
each place.
Identify overlapping errors and introduce a
generic function.
Provide a single macro for all error translations
(unless one file needs a couple of different ones).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-03 05:23:44 -05:00
Dave Rodgman
05b80a4eee
Merge pull request #6201 from gilles-peskine-arm/tls13_only-renegotiation 
Disable MBEDTLS_SSL_RENEGOTIATION in TLS-1.3-only builds
 2023-03-03 09:56:51 +00:00
Dave Rodgman
e965c3c4bd
Merge pull request #7197 from daverodgman/armclang-sha-warning 
Enable -Werror in all.sh for armclang
 2023-03-03 09:01:41 +00:00
Valerio Setti
194e2bdb6a fix typos 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-02 17:18:10 +01:00
Paul Elliott
ddbc6ed6cd Enable all keys for interruptible op fail tests 
Due to a misunderstanding about the purpose of the test, I had limited this to
ECC keys only, however this defeats the purpose of the test, and left gaps in
test coverage.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-03-02 16:03:43 +00:00
Dave Rodgman
0fddf829d5 Add more detailed comment 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-02 15:32:12 +00:00
Gilles Peskine
57897b8d6a
Merge pull request #6493 from AndrzejKurek/pymod 
Use `config.py` as a module in `depends.py`
 2023-03-02 15:38:47 +01:00
Dave Rodgman
1c232a8311 Enable -Werror for armclang 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-02 13:39:04 +00:00
Dave Rodgman
2f386c55ff Disable MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT for armclang 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-02 13:38:33 +00:00
Gilles Peskine
136d25c416 Explicitly disable all DTLS options in tls13-only.h 
This makes no difference when starting from the default configuration. It
allows tls13-only.h to be used with other base configurations such as `full`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-01 19:49:58 +01:00
Gilles Peskine
7d3186d18a Disable MBEDTLS_SSL_RENEGOTIATION in tls13-only configuration 
There's no renegotiation in TLS 1.3, so this option should have no effect.
Insist on having it disabled, to avoid the risk of accidentally having
different behavior in TLS 1.3 if the option is enabled (as happened in
https://github.com/Mbed-TLS/mbedtls/issues/6200).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-01 19:47:23 +01:00
Dave Rodgman
f4385faa6f
Merge pull request #7188 from paul-elliott-arm/interruptible_sign_hash_complete_after_start_fail 
Interruptible {sign|verify} hash - Call complete() after start() failure.
 2023-03-01 17:18:08 +00:00
Paul Elliott
42585f678b
Merge pull request #7176 from paul-elliott-arm/interruptible_sign_hash_verify_test_improvements 
Interruptible {sign|verify} hash verification test improvements
 2023-03-01 15:00:45 +00:00
Paul Elliott
ebf2e38662
Merge pull request #7177 from paul-elliott-arm/interruptible_sign_hash_improve_num_ops_testing 
Interruptible sign hash improve num ops testing
 2023-03-01 14:59:44 +00:00
Paul Elliott
de7c31e082 Improve comment wording 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-03-01 14:43:52 +00:00
Przemek Stekiel
f5dcb8886a Rework pake input getters tests 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-01 12:28:21 +01:00
Gilles Peskine
1eae11565d
Merge pull request #6949 from bensze01/replace_pkcs7_fuzzer_tests 
Replace fuzzer-generated PKCS #7 memory management tests
 2023-03-01 10:46:22 +01:00
Paul Elliott
7c17308253 Add num_ops tests to sign and verify interruptible hash 
This is the only test usable for non-deterministic ECDSA, thus needs this
code path testing as well.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-28 17:23:29 +00:00
Paul Elliott
8359c14c14 Add hash corruption test to interruptible verify test 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-28 17:23:29 +00:00