Andrzej Kurek
554b820747
Guard cache_timeout in ssl_server2 with MBEDTLS_HAVE_TIME
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 05:07:45 -05:00
Andrzej Kurek
469fa95cbc
Add the timing test dependency on MBEDTLS_HAVE_TIME
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 05:07:45 -05:00
Andrzej Kurek
6056e7af4f
Fix benchmark and udp_proxy dependency on MBEDTLS_HAVE_TIME
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 05:07:45 -05:00
Andrzej Kurek
09e803ce0d
Provide a dummy implementation of timing.c
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 05:07:45 -05:00
Andrzej Kurek
06a00afeec
Fix requirement mismatch in fuzz/common.c
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 05:07:45 -05:00
Andrzej Kurek
108bf520e0
Add a missing guard for time.h in net_sockets.c
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 05:07:45 -05:00
Andrzej Kurek
3475b26375
Add a changelog entry
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 05:07:45 -05:00
David Horstmann
61faf665e6
Use $PWD instead of $(pwd) for consistency
...
Change the new baremetal all.sh tests to use $PWD rather than
calling pwd again directly.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-03-04 05:07:45 -05:00
David Horstmann
ca53459bed
programs/fuzz: Remove superfluous MBEDTLS_HAVE_TIME
...
MBEDTLS_HAVE_TIME_ALT implies MBEDTLS_HAVE_TIME, so an extra
check for MBEDTLS_HAVE_TIME is not needed.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-03-04 05:07:45 -05:00
David Horstmann
4e0cc40d0f
programs/fuzz: Use build_info.h in common.h
...
Remove direct inclusion of mbedtls_config.h and replace with
build_info.h, as is the convention in Mbed TLS 3.0.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-03-04 05:07:45 -05:00
David Horstmann
5b9cb9e8ca
programs/test: fix build without MBEDTLS_HAVE_TIME
...
Allow programs/test/udp_proxy.c to build when MBEDTLS_HAVE_TIME is
not defined. In this case, do not attempt to seed the pseudo-random
number generator used to sometimes produce corrupt packets and other
erroneous data.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-03-04 05:07:45 -05:00
Daniel Axtens
814c8133c8
tests: add baremetal full config build
...
To be able to test utility programs for an absence of time.h, we need a
baremetal config that is not crypto only. Add one.
Signed-off-by: Daniel Axtens <dja@axtens.net>
2022-03-04 05:07:45 -05:00
Raoul Strackx
9ed9bc9377
programs/ssl: Fix compile errors when MBEDTLS_HAVE_TIME is not defined
...
Signed-off-by: Raoul Strackx <raoul.strackx@fortanix.com>
[dja: add some more fixes, tweak title]
Signed-off-by: Daniel Axtens <dja@axtens.net>
2022-03-04 05:07:45 -05:00
Daniel Axtens
446af202f6
tests: prevent inclusion of time.h in baremetal compiles
...
baremetal compiles should not include time.h, as MBEDTLS_HAVE_TIME is
undefined. To test this, provide an overriding include directory that
has a time.h which throws a meaningful error if included.
Signed-off-by: Daniel Axtens <dja@axtens.net>
2022-03-04 05:07:45 -05:00
Daniel Axtens
f071024bf8
Do not include time.h without MBEDTLS_HAVE_TIME
...
MBEDTLS_HAVE_TIME is documented as: "System has time.h and time()."
If that is not defined, do not attempt to include time.h.
A particular problem is platform-time.h, which should only be included if
MBEDTLS_HAVE_TIME is defined, which makes everything messier. Maybe it
should be refactored to have the check inside the header.
Signed-off-by: Daniel Axtens <dja@axtens.net>
2022-03-04 05:07:45 -05:00
Daniel Axtens
09e34b78ee
Add header guard around malloc(0) returning NULL implementation
...
Make it safe to import the config multiple times without having
multiple definition errors.
(This prevents errors in the fuzzers in a later patch.)
Signed-off-by: Daniel Axtens <dja@axtens.net>
2022-03-04 05:07:45 -05:00
Gilles Peskine
052deb941f
Merge pull request #5554 from tom-daubney-arm/fix_uninitialised_buffers_in_tests
...
Fix uninitialised buffers in tests - Coverity issue
2022-03-03 13:30:58 +01:00
Gilles Peskine
1f13e984ad
Merge pull request #5529 from superna9999/5514-translate-psa-errs-to-mbedtls
...
Rename, move and refine PSA to mbedtls PK errors mappings
2022-03-03 13:30:29 +01:00
Gilles Peskine
d929dbbb25
Merge pull request #5368 from mfil/feature/additional_md_getters
...
Add function to get message digest info from context
2022-03-02 16:44:26 +01:00
Gilles Peskine
5459a15863
Merge pull request #5365 from Tachi107/msvc-utf-8
...
build(msvc): always assume source files are in UTF-8
2022-03-02 16:42:33 +01:00
Gilles Peskine
e8c8300190
Merge pull request #5581 from superna9999/pk-move-rename-rsa-ec-key-sizes
...
Move max sizes of RSA & EC DER keys into public header
2022-03-02 16:41:53 +01:00
Gilles Peskine
a9b4c436ee
Merge pull request #5588 from gilles-peskine-arm/mypy-on-jenkins
...
Make mypy unconditional
2022-03-01 20:48:42 +01:00
Gilles Peskine
e356f075f5
Merge pull request #5512 from gilles-peskine-arm/psa-driver-interface-tweaks-202201
...
PSA driver description spec: minor tweaks to the JSON format
2022-03-01 20:46:14 +01:00
Gilles Peskine
92e08fba4c
Merge pull request #5475 from miudr/fix_issue_5140
...
Fix AEAD multipart incorrect offset in test_suite_psa_crypto.function
2022-03-01 20:45:54 +01:00
Dave Rodgman
2cf0d4f072
Merge pull request #5584 from gilles-peskine-arm/cmake-Wunused-function
...
Build tests with -Wunused-function with cmake
2022-03-01 19:17:16 +00:00
Paul Elliott
06898650f9
Merge pull request #5471 from yuhaoth/pr/add-tls13-client-certificate-verify
...
TLS1.3: Add write client Certificate and CertificateVerify
2022-03-01 18:42:00 +00:00
Neil Armstrong
19915c2c00
Rename error translation functions and move them to library/pk_wrap.*
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-01 15:21:02 +01:00
Neil Armstrong
0f49f83625
Use now shared ECP_PUB_DER_MAX_BYTES define in pk_wrap.c
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-01 10:05:33 +01:00
Neil Armstrong
e9ecd27890
Rename max sizes of RSA & EC DER keys defines
...
Rename to match the required pattern of defines:
'^(MBEDTLS|PSA)_[0-9A-Z_]*[0-9A-Z]$'
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-01 10:03:21 +01:00
Neil Armstrong
e0326a6acc
Move max sizes of RSA & EC DER keys into private pkwrite.h
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-01 09:58:58 +01:00
Gilles Peskine
5831b4fd77
Merge pull request #5372 from AndrzejKurek/doxygen-fixes-compact-doxyfile
...
Remove default values and comments from mbedtls.doxyfile
2022-02-28 23:49:15 +01:00
Gilles Peskine
f48bd4bccb
Merge pull request #5371 from AndrzejKurek/doxygen-duplicate-parameter-docs
...
doxygen: merge multiple descriptions of the same return codes
2022-02-28 17:09:45 +01:00
Gilles Peskine
0037fcd6c7
Merge pull request #4910 from gilles-peskine-arm/check_config-chachapoly-development
...
Add check_config checks for AEAD
2022-02-28 17:07:48 +01:00
Gilles Peskine
254efe5f0c
Make mypy unconditional
...
Running mypy was optional for a transition period when it wasn't installed
on the CI. Now that it is, make it mandatory, to avoid silently skipping an
expected check if mypy doesn't work for some reason.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-28 16:06:36 +01:00
Gilles Peskine
9c656ec718
Fix unused function warning
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-26 19:56:12 +01:00
Gilles Peskine
d5438a5678
Enable -Wunused-function in cmake builds for tests
...
This has been the case when building with make since
d3d8a64dfa
. Be consistent.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-26 19:54:41 +01:00
Gilles Peskine
9a34b60a99
Merge pull request #5576 from AndrzejKurek/raw-key-agreement-destroy-missing
...
Add missing key destruction calls in ssl_write_client_key_exchange
2022-02-25 13:34:08 +01:00
Andrzej Kurek
a0237f86d3
Add missing key destruction calls in ssl_write_client_key_exchange
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-25 04:36:40 -05:00
Andrea Pappacoda
9202909d07
build(msvc): always assume source files are in UTF-8
...
Fixes https://github.com/ARMmbed/mbedtls/issues/4205
Signed-off-by: Andrea Pappacoda <andrea@pappacoda.it>
2022-02-23 23:13:09 +01:00
Jerry Yu
71f36f1d2e
change alert message type
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-23 17:34:29 +08:00
Jerry Yu
0b7b101b3b
fix warnings
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-23 12:26:48 +08:00
Jerry Yu
2ff6ba1df0
Remove rsa_pss_rsae_sha256 support.
...
Sign rsa is not thread safe. Remove it from current code.
And a thread-safe version should be re-introduce in future.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-23 10:38:25 +08:00
Neil Armstrong
3f9cef4547
Remove actual and use new PSA to mbedtls PK errors mapping functions
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 15:44:39 +01:00
Neil Armstrong
ea761963c5
Add specialized PSA to mbedtls PK/RSA error mapping function
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 14:37:00 +01:00
Neil Armstrong
cd501f406e
Add specialized PSA to mbedtls PK/ECDSA error mapping function
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 14:37:00 +01:00
Neil Armstrong
a3fdfb4925
Introduce new PSA to mbedtls PK error mapping function
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 14:37:00 +01:00
Jerry Yu
ccb005e35f
fix missing feedback address
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 17:38:34 +08:00
Jerry Yu
782720787f
Refactor write_certificate_verify
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:28:13 +08:00
Jerry Yu
819f29730a
fix various issues in ssl-opt
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
2124d05e06
Add sha384 and sha512 case
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00