mbedtls

Author	SHA1	Message	Date
Andrzej Kurek	65ded569e0	Update raw key agreement test dependencies Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-04-06 11:26:39 -04:00
Andrzej Kurek	b3427823bd	Test failing raw_key_agreement in ssl mock tests Force a bitflip in server key to make the raw key agreement fail, and then verify that no key slots are left open at the end. Use a Weierstrass curve to have a high chance of failure upon encountering such bitflip. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-04-06 11:24:17 -04:00
Andrzej Kurek	74394a5c39	Add a group_list argument to mocked ssl tests This will be used to force a group list in certain tests Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-04-06 11:23:34 -04:00
Gilles Peskine	1c7c5969ea	Merge pull request #5683 from paul-elliott-arm/fix_pk_test Prevent free of uninitialised MPI variables	2022-04-04 17:51:49 +02:00
Gilles Peskine	c82f62e3a5	Merge pull request #4907 from gilles-peskine-arm/config-baremetal-size-3.0 Disable debugging features in the primary code size measurement job	2022-04-04 16:12:58 +02:00
Manuel Pégourié-Gonnard	de68e39ddf	Merge pull request #5568 from superna9999/5159-pk-rsa-verification PK: RSA verification	2022-04-04 11:23:33 +02:00
Ronald Cron	0e980e8e84	Merge pull request #5640 from ronald-cron-arm/version-negotiation-2 TLS 1.2/1.3 version negotiation - 2	2022-04-01 12:29:06 +02:00
Manuel Pégourié-Gonnard	33a9d61885	Merge pull request #5638 from paul-elliott-arm/ssl_cid_accessors Accessors to own CID within mbedtls_ssl_context	2022-04-01 11:36:00 +02:00
Manuel Pégourié-Gonnard	6a25159c69	Merge pull request #5648 from gabor-mezei-arm/5403_hkdf_use_internal_psa_implementations HKDF 2: use internal implementations in TLS 1.3	2022-04-01 11:15:29 +02:00
Paul Elliott	02758a51df	Add tls CID tests Add tests to test tls coneection id functionality, including the new 'own cid' accessor. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-03-31 19:21:41 +01:00
Ronald Cron	cbd7bfd30e	ssl-opt.sh: Force TLS 1.2 on server for TLS 1.2 specific tests Force TLS 1.2 on OpenSSL/GnuTLS server for TLS 1.2 specific tests. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 18:25:27 +02:00
Ronald Cron	634d865d80	ssl-opt.sh: Fix "no TLS 1.3 server support" test check Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 18:25:27 +02:00
Paul Elliott	ff59a34606	Prevent free of uninitialised variables In an error case it was possible for mbedtls_mpi variables to be free'd uninitialised. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-03-31 17:14:13 +01:00
Dave Rodgman	017a19997a	Update references to old Github organisation Replace references to ARMmbed organisation with the new org, Mbed-TLS, following project migration. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-03-31 14:43:16 +01:00
Ronald Cron	a980adf4ce	Merge pull request #5637 from ronald-cron-arm/version-negotiation-1 TLS 1.2/1.3 version negotiation - 1	2022-03-31 11:47:16 +02:00
Ronald Cron	37bdaab64f	tls: Simplify the logic of the config version check and test it Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 09:26:58 +02:00
Neil Armstrong	56d51274d8	Initialize PSA crypto in test_suite_pk for RSA verify tests Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-30 16:39:07 +02:00
Manuel Pégourié-Gonnard	3304f253d7	Merge pull request #5653 from paul-elliott-arm/handshake_over Add mbedtls_ssl_is_handshake_over()	2022-03-30 12:16:40 +02:00
Ronald Cron	3cec8e8864	tests: Init PSA crypto if TLS 1.3 is enabled Initialize PSA crypto in tests if TLS 1.3 is enabled as done when MBEDTLS_USE_PSA_CRYPTO is enabled. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-29 18:58:31 +02:00
Ronald Cron	a1b8f6e914	ssl-opt.sh: Do not force TLS 1.3 on client For TLS 1.3 tests, do not force TLS 1.3 version on client to play the negotiation game whenever possible. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-29 18:58:31 +02:00
Ronald Cron	f3b425bbde	ssl-opt.sh: Force TLS 1.2 on server To maximize the number of tests where MbedTLS client proposes both TLS 1.2 and TLS 1.3 to the server, force the TLS 1.2 version on the server side rather than on the client side in TLS 1.2 specific tests. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-29 18:58:31 +02:00
Ronald Cron	f660655b84	TLS: Allow hybrid TLS 1.2/1.3 in default configurations This implies that when both TLS 1.2 and TLS 1.3 are included in the build all the TLS 1.2 tests using the default configuration now go through a version negotiation on the client side. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-29 18:58:31 +02:00
Ronald Cron	e1d3f06399	Allow hybrid TLS 1.3 + TLS 1.2 configuration Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-29 18:58:31 +02:00
Ronald Cron	7320e6436b	ssl_tls12_client.c: Switch to generic Client Hello state handler Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-29 18:58:31 +02:00
Ronald Cron	27c85e743f	ssl_tls.c: Unify TLS 1.2 and TLS 1.3 SSL state logs Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-29 18:58:31 +02:00
Paul Elliott	571f1187b6	Merge pull request #5642 from mprse/ecp_export Add ECP keypair export function	2022-03-29 17:19:04 +01:00
Dave Rodgman	1c41501949	Merge pull request #5632 from tom-cosgrove-arm/seclib-667-sha512-acceleration-mbedtls-internal SECLIB-667: Accelerate SHA-512 with A64 crypto extensions	2022-03-29 15:34:12 +01:00
Ronald Cron	086ee0be0e	ssl_tls.c: Reject TLS 1.3 version configuration for server Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-29 14:42:17 +02:00
Ronald Cron	de1adee51a	Rename ssl_cli/srv.c Rename ssl_cli.c and ssl_srv.c to reflect the fact that they are TLS 1.2 specific now. Align there new names with the TLS 1.3 ones. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-29 14:39:49 +02:00
Ronald Cron	63d97ad0bb	Merge pull request #5559 from yuhaoth/pr/add-rsae-sha384-sha512 Add rsae sha384 sha512	2022-03-29 14:01:51 +02:00
Manuel Pégourié-Gonnard	39f2f73e69	Merge pull request #5630 from ronald-cron-arm/restore-full-compat-testing Restore full TLS compatibility testing	2022-03-28 18:31:17 +02:00
Ronald Cron	e44d8e7eea	Merge pull request #5369 from xkqian/add_2nd_client_hello Add 2nd client hello	2022-03-28 12:18:41 +02:00
XiaokangQian	5c252620c5	Move MAC-ALL to self._ciphs in ssl-opt.sh Change-Id: I60d29560f8937a0001ab4a30086bac255fc4b1eb Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-03-28 08:53:45 +00:00
Przemek Stekiel	6a478ef054	mbedtls_ecp_group_cmp: change names of parameters to more suitable Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-28 07:25:12 +02:00
XiaokangQian	2e17fb8c93	Change code base on comments Add all of the group pairs for hrr cases Re-order some parameters Change-Id: Id7e131d1ed4279bbd586613800df7bd87dfa4c54 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-03-28 03:30:05 +00:00
Gabor Mezei	ed6d6589b3	Use hash algoritm for parameter instead of HMAC To be compatible with the other functions `mbedtls_psa_hkdf_extract` and `mbedtls_psa_hkdf_expand` use hash algorithm for parameter. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-26 17:28:06 +01:00
Gabor Mezei	07732f7015	Translate from mbedtls_md_type_t to psa_algorithm_t Do the translation as early as possible from mbedtls_md_type_t to psa_algorithm_t. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-26 17:04:19 +01:00
Gabor Mezei	5d9a1fe9e9	PSA code depends on MBEDTLS_SSL_PROTO_TLS1_3 With TLS 1.3 support MBEDTLS_PSA_CRYPTO_C is enabled so PSA support is always enabled. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-26 15:47:15 +01:00
Ronald Cron	618955d381	compat.sh: Fix check for OpenSSL support If OpenSSL does not support a mode (tls12 or dtls12 or tls13) just skip the tests involving OpenSSL. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-25 16:50:18 +01:00
Ronald Cron	2c74ff629d	compat.sh: Restore full TLS compatibility testing Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-25 16:50:18 +01:00
XiaokangQian	a1931448f0	Update hrr test cases generation code without change class Change-Id: I38f620213bf5349d33ecad080538294633f85566 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-03-25 11:58:22 +00:00
XiaokangQian	eff93f947d	Rebase code to latest and solve conflicts Change-Id: Id89af63e5d63347f6365c87b2aed419cc31fe0d4 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-03-25 10:47:55 +00:00
XiaokangQian	8031ba7fbf	Update code base on comments Change run title Remove dedicate ciphersuite and sig alg Update test cases Change-Id: Ic0e9adf56062e744f7bafbc6bb562baeaafd89f0 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-03-25 09:27:53 +00:00
Manuel Pégourié-Gonnard	cefa904759	Merge pull request #5622 from paul-elliott-arm/timing_delay_accessor Accessor for mbedtls_timing_delay_context final delay	2022-03-25 09:14:41 +01:00
XiaokangQian	83f818811e	Update test cases in tls13-compat.sh Change-Id: I5e080b3343492dd80ede1305f95d4b5b98cd44a3 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-03-25 08:12:35 +00:00
XiaokangQian	68a87e4606	Remove the option r in generate_tls13_compat_tests.py Integrate two options into one Use one dedicate cipher suite TLS_AES_256_GCM_SHA384 Use on dedicate signature algorithm ecdsa_secp384r1_sha384 Change-Id: Icbe39b985e1942edc4b1e37ce3352eed4f316ab7 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-03-25 08:09:29 +00:00
XiaokangQian	20438976f9	Change comments and styles base on review Change-Id: Idde76114aba0a47b61355677dd33ea9de7deee9d Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-03-25 08:09:29 +00:00
XiaokangQian	af56fd3b9d	Disable some reported warnings in pylint Change-Id: Ia01e4a425f8b8d83be53d02885cf8ae4cbb20c98 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-03-25 08:08:01 +00:00
XiaokangQian	b9cd73f640	Fix errors from pylint Change-Id: I6cbbf8a0b0acedf651fada6ab54fa03dc4ad9cf5 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-03-25 08:06:57 +00:00
XiaokangQian	7069cbc8d5	generate all tls13 hrr test cases for compatible mode Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-03-25 08:06:08 +00:00

1 2 3 4 5 ...

6413 commits