yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
28995 commits 1 branch 0 tags 94 MiB
Commit graph

28995 commits

This branch
This branch
All branches
Author SHA1 Message Date
Yanray Wang
177e49ad7a tls13: srv: improve DEBUG_MSG in case of TLS 1.2 disabled 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-08 11:00:33 +08:00
Yanray Wang
408ba6f7b8 tls13: srv: replace with internal API to check is_tls12_enabled 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-08 11:00:30 +08:00
Pengyu Lv
abd844f379 Fix wrong format in the function doc 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
02e72f65da Reword return value description for mbedtls_ssl_tls13_is_kex_mode_supported 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
bc4aab7673 Add "_is_" to functions ssl_tls13_key_exchange_.*_available 
Done by command:

```
sed -i \
"s/ssl_tls13_key_exchange_\(.*\)_available/ssl_tls13_key_exchange_is_\1_available/g" \
library/*.[ch]
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
b2cfafbb9e Consistent renaming 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
2333b826f4 tls13: srv: rename mbedtls_ssl_tls13_check_kex_modes 
The function is renamed to
`mbedtls_ssl_tls13_is_kex_mode_supported` and
the behaviour is reversed.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
0a1ff2b969 Consistent renaming 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
4f537f73fa tls13: rename mbedtls_ssl_session_check_ticket_flags 
The function is renamed to mbedtls_ssl_session_ticket_has_flags.
Descriptions are added.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
d72e858fd1 tls13: srv: rename ssl_tls13_ticket_permission_check 
The function is renamed to
ssl_tls13_ticket_is_kex_mode_permitted

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:57 +08:00
Pengyu Lv
fc2cb9632b tls13: rename mbedtls_ssl_conf_tls13_check_kex_modes 
The function is renamed to
mbedtls_ssl_conf_tls13_is_kex_mode_enabled.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:57 +08:00
Pengyu Lv
60a22567e4 tls13: change return value of mbedtls_ssl_conf_tls13_check_kex_modes 
To keep the convention in TLS code, check functions should return 0
when check is successful.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:57 +08:00
Pengyu Lv
981ec14744 tls13: rename ssl_tls13_check_*_key_exchange functions 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:57 +08:00
Waleed Elmelegy
419f841511 Skip checking on maximum fragment length during handshake 
MbedTLS currently does not support maximum fragment length
during handshake so we skip it for now.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-12-07 18:33:42 +00:00
David Horstmann
64cd2f21ed Fix potential double-free in calloc selftest 
Where calloc returns two references to the same buffer, avoid calling
free() on both references by setting one to NULL.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-07 14:26:44 +00:00
Ryan Everett
177a45f556 Small clarifications in documentation 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-07 11:24:30 +00:00
Manuel Pégourié-Gonnard
b8c4254f44 Update cipher light -> block cipher definition 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-12-07 12:12:39 +01:00
Ryan Everett
204c852442 Move psa-thread-safety.md 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-07 11:05:37 +00:00
Ryan Everett
1e9733c6a8 Add graph 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-07 11:05:37 +00:00
Ryan Everett
9f06681cb4 Update psa-thread-safety.md 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-07 11:05:37 +00:00
Manuel Pégourié-Gonnard
303121eb16 Fix a typo 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-12-07 12:05:07 +01:00
Ronald Cron
90d07118ad
Merge pull request #6721 from yuhaoth/pr/tls13-early-data-extension-of-nst 
TLS 1.3: EarlyData SRV: Write `early_data` extension of NewSessionTicket
 2023-12-07 09:25:35 +00:00
Pengyu Lv
abeca020d8 Remove test_psa_crypto_config_accel_rsa_signature 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 17:25:15 +08:00
Pengyu Lv
98a90c6542 Fix various issue 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 17:23:25 +08:00
Xiaokang Qian
dce183f2e2 Remove the duplicate cases and add early_data_file option 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 09:22:38 +00:00
Xiaokang Qian
963468035d Add the test framework of early data 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 09:19:43 +00:00
Xiaokang Qian
daddfb520d Open the file once read in the file path 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 08:14:30 +00:00
Xiaokang Qian
864c62a906 Add one test case with early_data_file 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 06:11:38 +00:00
Xiaokang Qian
35c026c09e Read early data file 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 06:10:34 +00:00
Xiaokang Qian
dd8a7f8acf Revert the early data test case 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 03:58:05 +00:00
Xiaokang Qian
2a8035b495 Add read early data code 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 03:54:40 +00:00
Xiaokang Qian
57db590586 Rework to revert the early_data enabled flag 
We have two options for early data.
early_data to indicate early data enable or not.
early_data_file to provide path file to read early data from

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 03:29:22 +00:00
Pengyu Lv
3cd16c47bd Add analyze_driver_vs_reference_rsa for analyze_outcomes 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 10:24:29 +08:00
Pengyu Lv
9e976f3649 Conditionally check the attribute of generated RSA key 
`psa_get_key_attributes` depends on some built-in
implementation of RSA. Guard the check with coresponding
macros.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 10:22:35 +08:00
Pengyu Lv
f1cacad870 Correctly use asymmetric encrypt/decrypt driver 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 10:22:35 +08:00
Pengyu Lv
e705f572f9 Add components to test crypto_full w/wo accelerated RSA 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 10:22:03 +08:00
Gilles Peskine
f3ccfddb45
Merge pull request #8615 from davidhorstmann-arm/fix-cast-potential-overflow 
Fix possible integer overflows
 2023-12-07 00:42:10 +00:00
Dave Rodgman
779819a4dd
Merge pull request #8613 from bensze01/valgrind-only-in-nightlies 
Do not run Valgrind tests in PR jobs
 2023-12-06 19:18:24 +00:00
Gilles Peskine
42d78c73b7
Merge pull request #8550 from gabor-mezei-arm/tf_psa_crypto_change_log_support 
Modify changelog assembly to work with tf-psa-crypto
 2023-12-06 18:25:49 +00:00
Gilles Peskine
57e401b39f
Merge pull request #8521 from valeriosetti/issue8441 
[G4] Make CTR-DRBG fall back on PSA when AES not built in
 2023-12-06 18:25:44 +00:00
David Horstmann
4749007f64 Fix possible integer overflows before widening 
When calculating a result to go into an mbedtls_ms_time_t, make sure
that arithmetic is performed at the final size to prevent overflow.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-06 17:22:53 +00:00
Valerio Setti
202bb71dcd ssl_tls12_server: do not export/import opaque keys 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-06 17:05:24 +01:00
Waleed Elmelegy
9aec1c71f2 Add record size checking during handshake 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-12-06 15:18:15 +00:00
Jan Bruckner
f482dcc6c7 Comply with the received Record Size Limit extension 
Fixes #7010

Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2023-12-06 15:18:08 +00:00
Bence Szépkúti
0354d04d3c Do not run Valgrind tests in PR jobs 
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-12-06 16:14:37 +01:00
Valerio Setti
acd7bafcbb driver-only-build: update AEADs section 
Note: this section shouldn't actually be updated in #8357, but
rather in #8358 which is the wrapup related to cipher and AEADs
accelaration. As a consequence we start the AEAD section with
a disclaimer explaining that the information written there will
be updated soon by a follow up PR.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-06 15:17:12 +01:00
Manuel Pégourié-Gonnard
d9c69d12ac
Merge pull request #8513 from mschulz-at-hilscher/feature/explicitly-accessing-private-fields-in-benchmark 
Explicitly accessing private fields in benchmark
 2023-12-06 11:06:32 +00:00
Manuel Pégourié-Gonnard
ad4f0ada37
Merge pull request #8514 from mschulz-at-hilscher/fixes/uninitialized-variable-in-ssl_msg 
Fix uninitialized variable warnings in ssl_msg.c
 2023-12-06 11:06:03 +00:00
Valerio Setti
1e3fcc5692 config-tfm: fix typo in comment 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-06 11:56:08 +01:00
Valerio Setti
69402fd6a2 changelog: fix typos and working 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-06 11:32:10 +01:00