yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
22019 commits 1 branch 0 tags 94 MiB
Commit graph

22019 commits

This branch
This branch
All branches
Author SHA1 Message Date
Dave Rodgman
7c195160df Update documentation links 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-10-12 16:27:14 +01:00
Xiaokang Qian
997669aeeb Fix heap use-after-free corruption issue 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 14:30:27 +00:00
Xiaokang Qian
307a7303fd Rebase and replace session_negotiate 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:14:32 +00:00
Xiaokang Qian
baa4764d77 Fix typo issues 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian
8730644da1 Move ticket and hostname set code just after shallow-copy 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian
ed3afcd6c3 Fix various typo and macro guards issues 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian
ed0620cb13 Refine code base on comments 
Move code to proper macro guards protection
Fix typo issues

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian
03409290d2 Add MBEDTLS_SSL_SESSION_TICKETS guard to server name check 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian
d7adc374d3 Refine the server name compare logic 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian
a3b451f950 Adress kinds of comments base on review 
Rename function name to mbedtls_ssl_session_set_hostname
Add two extra check cases for server name
Fix some coding styles

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian
2f9efd3038 Address comments base on review 
Change function name to ssl_session_set_hostname()
Remove hostname_len
Change hostname to c_string
Update test cases to multi session tickets

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:49 +00:00
Xiaokang Qian
bc663a0461 Refine code based on commnets 
Change code layout
Change hostname_len type to size_t
Fix various issues

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:01 +00:00
Xiaokang Qian
adf84a4a8c Remove public api mbedtls_ssl_reset_hostname() 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:05:11 +00:00
Xiaokang Qian
fb8ac46add Change the name of servername when re-connect 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:03:44 +00:00
Xiaokang Qian
be98f96de2 Remove useless hostname check in server side 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:03:44 +00:00
Xiaokang Qian
6af2a6da74 Fix session save-load overflow issue 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:03:44 +00:00
Xiaokang Qian
ecd7528c7f Address some comments 
Hostname_len has at least one byte
Change structure serialized_session_tls13
Fix various issues

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:03:44 +00:00
Xiaokang Qian
281fd1bdd8 Add server name check when proposeing pre-share key 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:03:41 +00:00
Gilles Peskine
8fd3254cfc
Merge pull request #6374 from mprse/enc_types 
Test TLS 1.2 builds with each encryption type
 2022-10-12 12:45:50 +02:00
Ronald Cron
78317c832b
Merge pull request #6327 from yuhaoth/pr/tls13-psk-after-session-tickets 
TLS 1.3: PSK and NewSessionTicket: Add support for sending PSK and Ticket together.
 2022-10-12 12:39:51 +02:00
Przemek Stekiel
ea37bb2403 Add changelog entry 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-12 11:17:41 +02:00
Przemek Stekiel
ee1bb4145f Make sure that disabled features are not included in image and fix test config 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-12 10:15:59 +02:00
Gilles Peskine
fcee740b83 Automatically enable PK_PARSE for RSA in PSA 
PSA crypto currently needs MBEDTLS_PK_PARSE_C to parse RSA keys to do almost
anything with them (import, get attributes, export public from private, any
cryptographic operations). Force it on, for symmetry with what we're doing
for MBEDTLS_PK_WRITE_C. Fixes #6409.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-11 21:15:24 +02:00
Gilles Peskine
aef1ba679d Add build with a typical configuration for a PSA crypto service 
Disable non-crypto features that can't be called through the PSA API, as
well as algorithms that have no PSA interface.

This serves as a non-regression test for #6408 and #6409.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-11 21:09:21 +02:00
Gilles Peskine
fd94304f9d PSA RSA needs pk_write 
The PSA crypto code needs mbedtls_pk_write_key_der() and
mbedtls_pk_write_pubkey() when using RSA without drivers. We were already
forcing MBEDTLS_PK_WRITE_C when MBEDTLS_USE_PSA_CRYPTO is enabled. Do so
also when MBEDTLS_PSA_CRYPTO_C is enabled as well as MBEDTLS_RSA_C, even
without MBEDTLS_USE_PSA_CRYPTO. Fixes #6408.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-11 21:09:12 +02:00
Gilles Peskine
58e5d804ee test_suite_pk: Add missing dependencies on MBEDTLS_PEM_PARSE_C 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-11 20:57:38 +02:00
Gilles Peskine
d23d8dee24 test_suite_dhm: Add missing dependencies on MBEDTLS_PEM_PARSE_C 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-11 20:57:21 +02:00
Gilles Peskine
9624a5932e Add mbedtls_dhm_parse_dhmfile test case with DER input 
dh.optlen.der is the result of converting dh.optlen.pem from PEM to DER.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-11 20:52:34 +02:00
Janos Follath
301e866f55
Merge pull request #6398 from gilles-peskine-arm/bignum-mbedtls_test_read_mpi_core-char 
mbedtls_test_read_mpi_core: support an odd number of hex digits
 2022-10-11 15:08:06 +01:00
Jerry Yu
c79742303d Remove unnecessary empty line and fix format issue 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-11 21:22:33 +08:00
Manuel Pégourié-Gonnard
74b748dafe
Merge pull request #6401 from gilles-peskine-arm/config.py-python-version-development 
Add a note that config.py must remain compatible with Python 3.4
 2022-10-11 12:57:19 +02:00
Jerry Yu
22c18c1432 Add NULL check in prepare hello 
`session_negotiate` is used directly in `ssl_prepare_client_hello`
without NULL check. Add the check in the beggining to avoid segment
fault.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-11 18:07:19 +08:00
Jerry Yu
c2bfaf00d9 fix wrong typo 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-11 18:07:19 +08:00
Manuel Pégourié-Gonnard
ac6c67053d Print the list of failed suites in verbose mode 
In verbose mode, the full output of each failing suite is printed out,
which for some suites runs in the 1000s of lines. If you didn't redirect
output to a file, this is a lot to scroll and can make it hard to
quickly identify which test suites failed.

So, let's print out that information at the end. This is useful
information for starting to figure out what went wrong.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-10-11 10:48:32 +02:00
Przemek Stekiel
d61a4d3d1a Fix missing guard and double-space 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-11 09:40:40 +02:00
Gilles Peskine
b50e433b66 Test mbedtls_mpi_core_bitlen 
Copy the test data for mbedtls_mpi_bitlen except for 0-length and negative cases.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-10 23:03:47 +02:00
Gilles Peskine
e943283f2f More mbedtls_mpi_bitlen test cases 
* with leading zero limb
* with trailing zero limb
* negative

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-10 23:03:47 +02:00
Gilles Peskine
24baa81043 Improve mbedtls_mpi_bitlen test descriptions 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-10 23:03:47 +02:00
Gilles Peskine
c5772a194e mbedtls_test_read_mpi_core: allow odd number of hex digits 
Test functions must now take a char* argument rather than data_t*. This does
not affect existing test data.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-10 23:03:47 +02:00
Gilles Peskine
cf42536d4e Add a note that config.py must remain compatible with Python 3.4 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-10 22:52:30 +02:00
Asfandyar Orakzai
6eaa75a79d fixed docstring sentence 
Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>
 2022-10-10 19:55:40 +02:00
Janos Follath
1b5c85c75b
Merge pull request #6386 from gilles-peskine-arm/bignum-mbedtls_test_read_mpi_core 
Introduce mbedtls_test_read_mpi_core
 2022-10-10 15:14:46 +01:00
Jerry Yu
4f77ecf409 disable session resumption when ticket expired 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-10 22:10:08 +08:00
Jerry Yu
03aa174d7c Improve test message and title 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-10 21:48:37 +08:00
Jerry Yu
6916e70521 fix various issues 
- adjust guards. Remove duplicate guards and adjust format.
- Return success at function end. Not `ret`
- change input len

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-10 21:33:51 +08:00
Gabor Mezei
44ba2f6db9
Add more test cases 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-10-10 15:32:12 +02:00
Gabor Mezei
a67a1a3ebc
Remove the 'is_fail' parameter from the test functions 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-10-10 15:25:59 +02:00
Jerry Yu
21092062f3 Restrict cipher suite validation to TLS1.3 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-10 21:21:31 +08:00
Gabor Mezei
d7edb1d225
Initialize variable 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-10-10 14:32:09 +02:00
Gabor Mezei
e9c013c222
Handle if parameters are alised 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-10-10 14:26:57 +02:00