Jerry Yu
c5aef88be6
tls13_only: guard ssl_{cli,srv}.c with TLS1_2
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
ab08290c09
tls13_only: skip tls12 tests.
...
TLS1.2 test depends on MBEDTLS_SSL_PROTO_TLS1_2. Skip
them if it is not set
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
8a497205cc
tls13_only: tls 1.3 suite pass
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
c10f6b4735
tls13_only: simple test pass
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
c3091b1c8c
tls13_only: compile pass
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
e0a6412d8d
tls13_only: check_config pass
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Paul Elliott
9c6a69274a
Merge pull request #5551 from gilles-peskine-arm/jinja-markupsafe-2.1-dependency
...
Require an older version of markupsafe for the sake of older Jinja2
2022-02-20 16:00:41 +00:00
Gilles Peskine
7b2804bb3b
Require an older version of markupsafe for the sake of older Jinja2
...
Jinja2 <3.0 require markupsafe <2.1.0, but does not declare this
requirement. (Jinja2 2.x has not been updated since markupsafe 2.1.0 came
out). So declare this requirement ourselves.
This is not ideal, since we would want to use the latest markupsafe with the
latest Jinja2. But at least it gives us a consistent set of versions to run
the CI with.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-19 20:38:29 +01:00
Thomas Daubney
5dcbc4d326
Changes name of iv_check to iv_len_validity
...
Commit changes name of check_iv to
iv_len_validity as this seems to better describe
its functionality.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-02-17 21:30:25 +00:00
Thomas Daubney
0bd08e7ac0
Initialise buffer before use
...
Commit initialises buf before it is used.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-02-17 21:30:25 +00:00
Gabor Mezei
cbe5ba500a
Add tests for mbedtls_psa_hkdf_expand
...
Add test cases which test psa_import_key and psa_mac_sign_setup
function call if they return error.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-17 17:01:49 +01:00
Andrzej Kurek
d70fa0e327
Restructure error handling in mbedtls_pk_verify_ext
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-17 10:51:15 -05:00
pespacek
3015148ae6
Improving readability
...
Signed-off-by: pespacek <peter.spacek@silabs.com>
2022-02-17 16:08:23 +01:00
Thomas Daubney
3a066ec999
Initialise iv buffer before use
...
Commit initialises the iv buffer before
it is passed to mbedtls_cipher_set_iv().
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-02-17 14:00:06 +00:00
Gabor Mezei
8e3602569b
Typo
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-17 11:50:02 +01:00
Manuel Pégourié-Gonnard
4fa604cc3b
Merge pull request #5511 from SiliconLabs/feature/PSEC-3195-PSA-test-suites-NOT-using-UID-0
...
feat: Update test_suite_psa_its to NOT use UID=0
2022-02-17 11:49:33 +01:00
Gilles Peskine
57b1ff39c2
Merge pull request #5377 from hanno-arm/ecp_add_mixed_fewer_mpis
...
Minor improvements to ECC arithmetic subroutines
2022-02-17 10:27:18 +01:00
Manuel Pégourié-Gonnard
3d1f8b9c00
Merge pull request #5532 from ronald-cron-arm/tls13_and_use_psa_crypto
...
Make TLS 1.3 compatible with MBEDTLS_USE_PSA_CRYPTO
2022-02-16 17:33:47 +01:00
Andrzej Kurek
59550537f0
Change signature_length type to size_t
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-16 07:46:42 -05:00
Andrzej Kurek
32048a6d92
pk_verify_ext: introduce more tests for signature length mismatches
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-16 06:17:00 -05:00
Andrzej Kurek
4a953cdd9f
pk: properly handle signatures in larger buffers when using PSA
...
As stated in function documentation.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-16 06:13:35 -05:00
Manuel Pégourié-Gonnard
6d2479516c
Merge pull request #5533 from paul-elliott-arm/fix_fuzz_privkey_null_ctx
...
Fix null context when using dummy_rand with mbedtls_pk_parse_key()
2022-02-16 09:55:01 +01:00
Paul Elliott
5d7e61fb61
Fix uninitialised return value.
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-02-15 16:05:17 +00:00
Gabor Mezei
d917081b8b
Typo
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-15 16:25:27 +01:00
Gabor Mezei
7381242748
Use PSA_INIT()
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-15 16:24:58 +01:00
Gabor Mezei
8d5a4cbfdb
Check return value of psa_destroy_key
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-15 16:23:17 +01:00
Gabor Mezei
833713c35c
Add better name for variable
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-15 16:16:08 +01:00
Andrzej Kurek
8666df6f18
Add signature length mismatch handling when using PSA in pk_verify_ext
...
Introduce a regression test for that too.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-15 08:23:02 -05:00
Andrzej Kurek
90ba2cbd0a
Cosmetic changes to return placement and variable naming
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-15 08:18:44 -05:00
Ronald Cron
a7a1deabf8
Merge pull request #5393 from gilles-peskine-arm/opt-testcases-outcomes-fix
...
Fix test suite name reporting of opt-testcases/tls13-compat.sh
2022-02-15 13:53:10 +01:00
Andrzej Kurek
853ad7bfcf
Use macros in tests for PSA init/deinit routines
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-15 07:13:03 -05:00
Manuel Pégourié-Gonnard
a1b506996d
Merge pull request #5526 from paul-elliott-arm/fix_fuzzer_null_ref
...
Ensure ctr_drbg is initialised every time in fuzz_server
2022-02-15 10:31:03 +01:00
Ronald Cron
b788c044b7
Use PSA status to Mbed TLS error code conversion function
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-02-15 09:14:15 +01:00
Manuel Pégourié-Gonnard
e14b644f4d
Merge pull request #5456 from mpg/cleanup-ecdh-psa
...
Cleanup PSA-based ECDHE in TLS 1.2
2022-02-15 09:09:07 +01:00
Przemyslaw Stekiel
0f5ecefbe9
Clean up the code
...
- remove redundant local buffer
- fix code style
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-15 08:53:36 +01:00
Przemyslaw Stekiel
4b3fff43a8
Destroy ecdh_psa_privkey on HRR
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-15 08:53:26 +01:00
Paul Elliott
a1dc3e5a60
Add safety to dummy_random in case of NULL context
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-02-14 18:26:21 +00:00
Przemyslaw Stekiel
169f115bf0
ssl_client2: init psa crypto for TLS 1.3 build
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-14 17:15:04 +01:00
lhuang04
86cacac91a
Port ALPN support for tls13 client from tls13-prototype
...
Summary:
Port ALPN implementation of tls13 client from
[tls13-prototype](https://github.com/hannestschofenig/mbedtls/blob/tls13-prototype/library/ssl_tls13_client.c#L1124 ).
Test Plan:
Reviewers:
Subscribers:
Tasks:
Tags:
Signed-off-by: lhuang04 <lhuang04@fb.com>
2022-02-14 08:03:32 -08:00
Paul Elliott
bb0168144e
Ensure valid context is used in fuzz_dtlsserver
...
A valid ctr_drbg context is now a prerequisite for using dummy_random()
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-02-14 15:57:11 +00:00
Ronald Cron
87829e5429
Fix documentation
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-02-14 16:31:33 +01:00
pespacek
a6e955e729
X.509: x509write_crt_set_key_identifier created
...
Function mbedtls_x509write_crt_set_key_identifier
was implemented to provide functionality of both
mbedtls_x509write_crt_set_authority_key_identifier
and
mbedtls_x509write_crt_set_subject_key_identifier.
Signed-off-by: pespacek <peter.spacek@silabs.com>
2022-02-14 15:20:57 +01:00
pespacek
a7a646986f
Improving readability
...
Signed-off-by: pespacek <peter.spacek@silabs.com>
2022-02-14 15:18:43 +01:00
pespacek
b9f07a79a7
Changing buffer size checks.
...
Signed-off-by: pespacek <peter.spacek@silabs.com>
2022-02-14 15:13:26 +01:00
pespacek
3110c7b340
Changing error codes.
...
Change from MBEDTLS_ERR_ERROR_GENERIC_ERROR
to MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED
where PSA crypto is used.
Signed-off-by: pespacek <peter.spacek@silabs.com>
2022-02-14 15:07:41 +01:00
PeterSpace
c2774a3ad4
Update library/psa_its_file.c
...
Signed-off-by: pespacek <peter.spacek@silabs.com>
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
2022-02-14 12:24:56 +01:00
Przemyslaw Stekiel
4f419e55a1
ssl_tls13_write_key_share_ext: initialize key_exchange_len (compiler warning)
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-14 10:19:53 +01:00
Przemyslaw Stekiel
c0824bfb11
Change mbedtls_ssl_tls13_key_schedule_stage_handshake() to use psa_raw_key_agreement()
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-14 10:19:45 +01:00
Przemyslaw Stekiel
6d6aabdb0d
Remove unused function: ssl_tls13_check_ecdh_params()
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-14 10:13:10 +01:00
Przemyslaw Stekiel
9e23ddb09d
Change ssl_tls13_read_public_ecdhe_share() to use PSA-specific parsing code.
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-14 10:13:00 +01:00