yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
22339 commits 1 branch 0 tags 94 MiB
Commit graph

7711 commits

Author SHA1 Message Date
Janos Follath
590ae5363d
Merge pull request #6656 from tom-cosgrove-arm/bignum_pr_6225-updated 
Bignum: add mod_raw_add
 2022-11-25 17:53:31 +00:00
Dave Rodgman
bf9b23abf8
Merge pull request #6648 from gilles-peskine-arm/psa-ecb-null-0 
Fix NULL+0 undefined behavior in PSA crypto ECB
 2022-11-25 17:07:46 +00:00
Bence Szépkúti
6e85673e8d
Merge pull request #3431 from naynajain/development-pkcs7 
PKCS7 Parser - RFC 2315
 2022-11-25 15:55:46 +01:00
Tom Cosgrove
ddad40b1de Free the modulus before the data in it in mod_raw_add tests 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-11-25 14:18:52 +00:00
Janos Follath
505a228b7b
Merge pull request #6606 from gabor-mezei-arm/6222_bignum_low_level_subtraction 
Bignum: Add low level subtraction
 2022-11-25 13:27:23 +00:00
Dave Rodgman
f1419dbbe8
Merge pull request #6381 from tom-cosgrove-arm/pr2164 
mbedtls: fix possible false success in mbedtls_cipher_check_tag()
 2022-11-25 10:55:10 +00:00
Bence Szépkúti
ae79fb2c2e Merge branch 'development' into pr3431 2022-11-25 03:12:43 +01:00
Gilles Peskine
4bdb9fbfa2 Enable all ciphers in OpenSSL >=1.1.0 
OpenSSL may be configured to support features such as cipher suites or
protocol versions that are disabled by default. Enable them all: we're
testing, we don't care about enabling insecure stuff. This is not needed
with the builds of OpenSSL that we're currently using on the Jenkins CI, but
it's needed with more recent versions such as typically found on developer
machines, and with future CI additions.

The syntax to do that was only introduced in OpenSSL 1.1.0; fortunately we
don't need to do anything special with earlier versions.

With OpenSSL 1.1.1f on Ubuntu 20.04, this allows SHA-1 in certificates,
which is still needed for a few test cases in ssl-opt.sh. Curiously, this is
also needed for the cipher suite TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256 (and
no other, including other DHE-PSK or ARIA cipher suites).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-24 22:41:55 +01:00
Tom Cosgrove
50fc127a4e Change order of test arguments for bignum_mod_raw to simplify Python script 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-11-24 21:29:23 +00:00
Tom Cosgrove
54d87bf5c2 Take limb count from the modulus in mod_raw_add tests 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-11-24 16:22:38 +00:00
Werner Lewis
f907576245 Pass correct arguments in test 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-11-24 16:18:06 +00:00
Werner Lewis
baa34b6248 Add test function for mpi_mod_raw_add 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-11-24 16:18:06 +00:00
Gabor Mezei
cbcbf4e434
Remove hand-written tests got raw_mod_sub 
The generated tests cover all off the hand-written tests.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-11-24 11:48:59 +01:00
Gabor Mezei
b3b3466657
Test subtraction if the parameters are aliased to each other 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-11-23 14:44:14 +01:00
Gabor Mezei
4d3f3c5430
Fix the checking of the used limbs 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-11-23 14:44:14 +01:00
Gabor Mezei
68a45e0aaf
Fix potential not initialized warning 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-11-23 14:44:14 +01:00
Gabor Mezei
c426d9b6cc
Add generated test for low level subtraction with modulus 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-11-23 14:44:13 +01:00
Gabor Mezei
cefe03a10c
Add tests for low level subtraction with modulus 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-11-23 14:44:13 +01:00
Janos Follath
531a871b88
Merge pull request #6235 from tom-cosgrove-arm/issue-6231-core-sub-int 
Bignum: extract core_sub_int from the prototype
 2022-11-23 13:32:02 +00:00
Gilles Peskine
42649d9270 Fix NULL+0 undefined behavior in ECB encryption and decryption 
psa_cipher_encrypt() and psa_cipher_decrypt() sometimes add a zero offset to
a null pointer when the cipher does not use an IV. This is undefined
behavior, although it works as naively expected on most platforms. This
can cause a crash with modern Clang+ASan (depending on compiler optimizations).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-23 14:16:52 +01:00
Manuel Pégourié-Gonnard
ef25a99f20
Merge pull request #6533 from valeriosetti/issue5847 
Use PSA EC-JPAKE in TLS (1.2) - Part 2
 2022-11-23 13:27:30 +01:00
Ronald Cron
1d1d53622f
Merge pull request #6490 from xkqian/tls13_parse_early_data_indication_ee 
The internal CI merge job ran successfully.
 2022-11-23 12:31:25 +01:00
Ronald Cron
cb0e680779
Merge pull request #6476 from yuhaoth/pr/fix-tls13-mbedtls_ssl_is_handshake_over 
TLS 1.3: Fix tls13 mbedtls ssl is handshake over
 2022-11-23 12:12:02 +01:00
Ronald Cron
d8603a7b44
Merge pull request #6638 from ronald-cron-arm/tls13-misc 
TLS 1.3: Adjustments for the coming release
 2022-11-23 09:07:36 +01:00
Tom Cosgrove
d66d5b2fef Add unit tests for mbedtls_mpi_core_sub_int(), MPI A - scalar b 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-11-22 15:07:31 +00:00
Bence Szépkúti
a17d038ee1 Merge branch 'development' into pr3431 2022-11-22 15:54:52 +01:00
Janos Follath
0fc88779ec
Merge pull request #6632 from yanesca/refactor_bignum_test_framework 
Refactor bignum test framework
 2022-11-22 14:53:58 +00:00
Gilles Peskine
a08103aa94
Merge pull request #6611 from gilles-peskine-arm/run-test-suites-out-of-tree 
Fix run-test-suites.pl in out-of-tree builds
 2022-11-22 15:01:13 +01:00
Gilles Peskine
4f19d86e3f
Merge pull request #6608 from mprse/ecjpake_password_fix 
Make a copy of the password key in operation object while setting j-pake password
 2022-11-22 14:52:12 +01:00
Xiaokang Qian
8bee89994d Add parse function for early data in encrypted extentions 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-22 09:40:07 +00:00
Ronald Cron
c2e110f445 tls13: Disable MBEDTLS_SSL_EARLY_DATA by default 
Eventually we want it to be enabled by default
when TLS 1.3 is enabled but currently the
feature is on development thus it should not be
enabled by default.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-11-22 09:01:46 +01:00
Gilles Peskine
339406daf9
Merge pull request #6609 from gilles-peskine-arm/mpi_sint-min-ub 
Fix undefined behavior in bignum: NULL+0 and -most-negative-sint
 2022-11-21 19:51:58 +01:00
Gilles Peskine
8b85b4835e
Merge pull request #6617 from tom-cosgrove-arm/call-mbedtls_mpi_mod_modulus_init-first-final-2 
Must call mbedtls_mpi_mod_modulus_init() before anything else in tests
 2022-11-21 19:50:20 +01:00
Przemek Stekiel
f82effa982 Optimize pake test code 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-21 15:10:32 +01:00
Przemek Stekiel
cd356c3cdb Add ec-jpake test to verify if key can be destroyed after set_password_key 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-21 12:25:21 +01:00
Dave Rodgman
9e1836cc16
Merge pull request #6593 from Mbed-TLS/fix_tls12_sent_sigalgs 
Fix TLS1.2 signature algorithms list entry getting overwritten by length.
 2022-11-21 10:09:57 +00:00
Janos Follath
f45797652f Bignum tests: set unique combinations off by default 
Normally we need all the combinations, unique combinations make sense
only if the operation is commutative.

No changes to generated tests.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-11-21 08:56:14 +00:00
Janos Follath
351e6885f5 Make pylint happy 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-11-21 08:56:14 +00:00
Janos Follath
87df373e0e Bignum test: Move identical function to superclass 
No intended change in generated test cases.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-11-21 08:56:13 +00:00
Janos Follath
0cd8967ba1 Split test generator base class 
The class BaseTarget served two purposes:
- track test cases and target files for generation
- provide an abstract base class for individual test groups

Splitting these allows decoupling these two and to have further common
superclasses across targets.

No intended change in generated test cases.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-11-21 08:56:13 +00:00
Jerry Yu
dddd35ccf3 remvoe unrelative change 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-20 12:31:45 +08:00
Jerry Yu
a8d3c5048f Rename new session ticket name for TLS 1.3 
NewSessionTicket is different with TLS 1.2.
It should not share same state.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:35 +08:00
Jerry Yu
c5826eaba2 Add debug message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:35 +08:00
Jerry Yu
6969eee5d2 Remove Terminated message on 22.04 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:34 +08:00
Xiaokang Qian
4e83173bb7 Skip early data basic check temp 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-18 10:57:46 +00:00
Manuel Pégourié-Gonnard
ba7c006222
Merge pull request #6466 from mprse/driver-only-hash-ci 
Driver-only hashes: test coverage in the CI
 2022-11-18 09:31:13 +01:00
Paul Elliott
f6e342cae2 Add test for single signature alg with openssl 
Test supplied by Gilles Peskine. Also rename previous test to fit to
naming pattern.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-11-17 14:58:14 +00:00
Paul Elliott
3b4cedaa71 Add SSL_SRV requirement to test 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-11-17 14:58:14 +00:00
Andrzej Kurek
ec71b0937f Introduce a test for single signature algorithm correctness 
The value of the first sent signature algorithm is overwritten.
This test forces only a single algorithm to be sent and then
validates that the client received such algorithm.
04 03 is the expected value for SECP256R1_SHA256.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-11-17 14:58:14 +00:00
Ronald Cron
d12922a69a
Merge pull request #6486 from xkqian/tls13_add_early_data_indication 
The merge job of the internal CI ran successfully. This is good to go.
 2022-11-17 12:48:50 +01:00