Gilles Peskine
7a715c4537
Fix the build with gcc-12 -Wuse-after-free
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-21 13:42:40 +01:00
Jerry Yu
713ce1f889
various improvement
...
- improve change log entry
- improve comments
- remove unnecessary statement
- change type of client_age
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:25 +08:00
Jerry Yu
cf9135100e
fix various issues
...
- fix CI failure due to wrong usage of ticket_lifetime
- Improve document and comments
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:19 +08:00
Jerry Yu
25ba4d40ef
rename ticket_creation
to ticket_creation_time
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:19 +08:00
Jerry Yu
3ff0b1fda3
Cleanup ticket negative tests.
...
- improve comments
- case 3/4 is for server age check.
- case 5/6 is for client age check
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Jerry Yu
ec6d07870d
Replace start
with ticket_creation
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Jerry Yu
f16efbc78d
fix various issues
...
- Add comments for ticket test hooks
- improve code style.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Jerry Yu
cebffc3446
change time unit of ticket to milliseconds
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Gilles Peskine
6267dd59c8
Merge pull request #8463 from gilles-peskine-arm/metatest-create
...
Create a metatest program
2023-11-20 14:07:08 +00:00
Thomas Daubney
dd2a09a22b
Introduce demo script for PSA hash program
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-11-16 18:45:55 +00:00
Matthias Schulz
70595f7983
Explicitly indicating when private fields are accessed in benchmark.c.
...
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-16 17:43:58 +01:00
Matthias Schulz
3b9240bbd0
Alternative Timing compatible benchmark.c
...
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-16 17:39:43 +01:00
Matthias Schulz
aa7dffa24a
Add benchmark for RSA 3072.
...
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-16 15:31:32 +01:00
Gilles Peskine
2f40cc05f0
Improve explanations of what bad thing a metatest does
...
Especially clarify the situation with respect to mutex usage.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-16 15:13:38 +01:00
Gilles Peskine
ad2a17eb60
Uniformly use MBEDTLS_THREADING_C guards
...
Since the code compiles with MBEDTLS_THREADING_C, not just with
MBEDTLS_THREADING_PTHREAD, use MBEDTLS_THREADING_C as the guard. The runtime
behavior is only as desired under certain conditions that imply
MBEDTLS_THREADING_PTHREAD, but that's fine: no metatest is expected to pass
in all scenarios, only under specific build- and run-time conditions.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-16 15:09:48 +01:00
Manuel Pégourié-Gonnard
752dd39a69
Merge pull request #8508 from valeriosetti/issue6323
...
[G3] Driver-only cipher+aead: TLS: ssl-opt.sh
2023-11-14 11:39:06 +00:00
Gilles Peskine
cce0012463
Add documentation
...
Explain the goals of metatests, how to write them, and how to read their
output.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-10 15:36:15 +01:00
Gilles Peskine
ccb121500d
Uninitialized read: make the pointer non-volatile rather than the buffer
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-10 11:35:36 +01:00
Gilles Peskine
da6e7a2ac2
More consistent usage of volatile
...
Fix MSVC warning C4090.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-10 10:09:27 +01:00
Valerio Setti
38e75fb1a7
ssl_server2: remove usage of mbedtls_cipher_info_from_string()
...
This removes the dependency from cipher module and legacy key/modes
symbols which are used in cipher_wrap.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:27:39 +01:00
Gilles Peskine
d2fa698155
Strengthen against possible compiler optimizations
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-09 21:46:24 +01:00
Yanray Wang
0751761b49
max_early_data_size: rename configuration function
...
Rename mbedtls_ssl_tls13_conf_max_early_data_size as
mbedtls_ssl_conf_max_early_data_size since in the future
this may not be specific to TLS 1.3.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-07 11:49:34 +08:00
Yanray Wang
d5ed36ff24
early data: rename configuration function
...
Rename mbedtls_ssl_tls13_conf_early_data as
mbedtls_ssl_conf_early_data since in the future this may not be
specific to TLS 1.3.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-07 11:49:24 +08:00
Gilles Peskine
a1023e2bd6
programs/test/metatest indirectly includes library/common.h
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:19 +01:00
Gilles Peskine
4bc873f0a1
Add missing program to .gitignore
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:19 +01:00
Gilles Peskine
102aea2ba8
Add metatests for mutex usage
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:19 +01:00
Gilles Peskine
f0d5cf9a0c
Don't use %llx in printf
...
We still do MinGW builds on our CI whose printf doesn't support it!
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:19 +01:00
Gilles Peskine
a1dfa14c06
Fix cast from pointer to integer of different size
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:19 +01:00
Gilles Peskine
ee8109541a
Don't cast a function pointer to a data pointer
...
That's nonstandard. Instead, convert to an integer.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:19 +01:00
Gilles Peskine
6aa9f32124
Use casts when doing nonstandard pointer conversions
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:19 +01:00
Gilles Peskine
69e8db0366
Strengthen against Clang optimizations
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:19 +01:00
Gilles Peskine
b0f0a64de0
Metatests for basic Asan and Msan features
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:19 +01:00
Gilles Peskine
80ba832be6
Metatests for null pointer dereference
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:09 +01:00
Gilles Peskine
f309fbf0d5
Validate that test_fail causes a test failure
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:09 +01:00
Gilles Peskine
33406b645d
Add a metatest program
...
This program can be used to validate that things that should be detected as
test failures are indeed caught, either by setting the test result to
MBEDTLS_TEST_RESULT_FAILED or by aborting the program.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:09 +01:00
Yanray Wang
f24bbd987a
dh_client.c: modify prompt message
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-06 10:02:10 +08:00
Gilles Peskine
8b6b41f6cd
Merge pull request #8434 from valeriosetti/issue8407
...
[G2] Make TLS work without Cipher
2023-11-04 15:05:00 +00:00
Dave Rodgman
f8be5f6ade
Fix overlooked files
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 20:43:00 +00:00
Dave Rodgman
16799db69a
update headers
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 19:47:20 +00:00
Valerio Setti
74d48c89fa
ssl_server2: small improvement of code readability
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-02 16:43:55 +01:00
Yanray Wang
b67b47425e
Rename MBEDTLS_CIPHER_ENCRYPT_ONLY as MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-10-31 17:22:06 +08:00
Paul Elliott
afc6a992c5
Merge pull request #8381 from gilles-peskine-arm/20231017-misc-cleanup
...
Cleanups in test code
2023-10-30 18:08:01 +00:00
Valerio Setti
dc55470341
ssl_context_info: add guards for CIPHER_C
...
mbedtls_cipher_info_from_type() is only available when CIPHER_C is
defined. So when it is not we just print the cipher type decimal
value on the output instead of the cipher's name.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:36:32 +01:00
Valerio Setti
bdf04e840a
ssl_server2: support ticket_aead only when CIPHER_C is defined
...
Cipher parsing requires mbedtls_cipher_info_from_string() which
depends on CIPHER_C.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:36:32 +01:00
Gilles Peskine
5d055f8206
Merge pull request #7844 from mpg/ssl-progs-usage
...
Fix usage & error reporting in SSL programs
2023-10-26 08:19:25 +00:00
Gilles Peskine
0ea1b8fe8c
Merge pull request #7982 from gilles-peskine-arm/sample_program_demo_scripts-3.4
...
Run sample program demo scripts in all.sh
2023-10-18 10:03:52 +00:00
Gilles Peskine
62418dd20b
Merge pull request #8350 from waleed-elmelegy-arm/fix-null-dereference-in-x509-cert-write
...
Fix possible NULL dereference issue in X509 cert_write program
2023-10-18 10:03:36 +00:00
Paul Elliott
d44ee9e6d1
Merge pull request #8351 from waleed-elmelegy-arm/fix-null-dereference-in-x509-cert-req
...
Fix possible NULL dereference issue in X509 cert_req program
2023-10-18 09:01:31 +00:00
Gilles Peskine
a0e810de4b
Convey that it's ok for mbedtls_ssl_session_save to fail
...
mbedtls_ssl_session_save() always outputs the output length, even on error.
Here, we're only calling it to get the needed output length, so it's ok to
ignore the return value. Convey this to linters.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-17 16:04:27 +02:00
David Horstmann
9534dfd15b
Reword error message on format of SAN arguments
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-10-17 14:59:31 +01:00
David Horstmann
4a493b267f
Reword error message on format of SAN arguments
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-10-17 14:57:23 +01:00
Yanray Wang
aa01ee303a
Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only
2023-10-16 17:38:32 +08:00
Gilles Peskine
28b56335bb
Merge pull request #7942 from tom-daubney-arm/psa_crypto_example_hash
...
Add example program for PSA hash
2023-10-13 15:22:58 +00:00
Waleed Elmelegy
5867465e90
Fix code style issue in cert_write program
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-10-13 10:03:12 +01:00
Waleed Elmelegy
eade3fedb2
Fix code style issue in cert_req program
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-10-13 09:59:19 +01:00
Waleed Elmelegy
ac97af223e
Fix possible NULL dereference issue in X509 cert_req program
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-10-12 15:46:06 +01:00
Waleed Elmelegy
1444c0eb20
Add changelog entry for x509 cert_write null dereference fix
...
Also fix a typo in cert_write.c
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-10-12 14:31:06 +01:00
Waleed Elmelegy
476c1198e8
Fix possible NULL dereference issue in X509 cert_write program
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-10-12 14:19:25 +01:00
Thomas Daubney
2e67781e93
Alter program layout for better clarity
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-10-12 10:46:43 +01:00
Thomas Daubney
a21c972941
Remove extra blank line
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-10-11 17:17:32 +01:00
Thomas Daubney
d8453bb184
Remove superfluous comment
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-10-11 15:29:02 +01:00
Thomas Daubney
cd79f77439
Add missing newline
...
Newline character was missing from end of print
statement.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-10-11 15:28:13 +01:00
Thomas Daubney
1c2378b8b1
Add variable for message length
...
Add variable to store message length to increase
clarity in what the program is doing.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-10-11 15:19:38 +01:00
Tom Cosgrove
3c1cdc9061
Merge pull request #8185 from yanrayw/aes_benchmark_cfb
...
Benchmark: add AES_CFB128 and AES_CFB8
2023-10-11 09:48:27 +00:00
Thomas Daubney
34500874ce
Remove trailing white space in documentation
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-10-11 10:04:54 +01:00
Thomas Daubney
760538885a
Inform user when unknown hash algorithm supplied
...
Excplictly inform the user that their hash algorithm
selection is invalid.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-10-10 17:38:53 +01:00
Thomas Daubney
86f9795b00
Update documentation
...
Add further information about PSA hashing to the
comment at the beginning of the code.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-10-10 16:50:49 +01:00
Yanray Wang
5cae6e8ddd
benchmark: improve code readability
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-10-09 18:40:19 +08:00
Thomas Daubney
540324cd21
Correct styling of Mbed TLS in documentation
...
Several bits of documentation were incorrectly styling Mbed TLS
as MbedTLS.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-10-06 17:07:24 +01:00
David Horstmann
6c979856c3
Remove generated files in all cmake_as_x tests
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-09-28 11:30:43 +01:00
Minos Galanakis
a8b02ef79b
pkey-random: Removed setting mbedtls_target in libs
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-09-25 14:12:22 +01:00
Minos Galanakis
7f8e8c5ae2
program-random: Updated Cmake libs variable
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-09-25 14:12:22 +01:00
Minos Galanakis
ce33e7b22d
pkey Cmakelists: Updated the set libs to be consistent with others.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-09-25 14:12:22 +01:00
Minos Galanakis
e13775dedb
fuzzer Makefile: Added -lbcrypt linkage
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-09-25 14:12:21 +01:00
Minos Galanakis
b8d6b82df4
programs: Cleaned up bcrypt linking refererences.
...
bcrypt is added to the cmake `libs` dependency at library\CMakeLists.txt
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-09-25 14:12:21 +01:00
Simon Butcher
1c0c5d2a62
Fix for building programs with mingw
...
mingw build files were missing the dependency on the bcrypt library
Signed-off-by: Simon Butcher <simon.butcher@arm.com>
2023-09-25 14:12:20 +01:00
Simon Butcher
33425de128
Correct check for WIN32 in cmake files for programs
...
Condition was checking for Visual Studio, not use of WIN32
Signed-off-by: Simon Butcher <simon.butcher@arm.com>
2023-09-25 14:12:20 +01:00
Kevin Kane
0ec1e68548
Replace Windows APIs that are banned in Windows Store apps
...
CryptGenRandom and lstrlenW are not permitted in Windows Store apps,
meaning apps that use mbedTLS can't ship in the Windows Store.
Instead, use BCryptGenRandom and wcslen, respectively, which are
permitted.
Also make sure conversions between size_t, ULONG, and int are
always done safely; on a 64-bit platform, these types are different
sizes.
Also suppress macro redefinition warning for intsafe.h:
Visual Studio 2010 and earlier generates C4005 when including both
<intsafe.h> and <stdint.h> because a number of <TYPE>_MAX constants
are redefined. This is fixed in later versions of Visual Studio.
The constants are guaranteed to be the same between both files,
however, so we can safely suppress the warning when including
intsafe.h.
Signed-off-by: Kevin Kane <kkane@microsoft.com>
2023-09-25 14:12:20 +01:00
Gilles Peskine
bd50d5baec
Merge pull request #8177 from gilles-peskine-arm/generated-files-off-in-release
...
Generated files off in release
2023-09-18 14:11:58 +00:00
Paul Elliott
fd3360ebf4
Remove unneeded setting of ret from ssl programs
...
Remove coverity warnings on unused values.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-09-15 17:41:25 +01:00
Dave Rodgman
da0bb9fae8
Merge pull request #8034 from gilles-peskine-arm/bump_version-doc_mainpage
...
Update capitalization of "Mbed" and fix bump_version.sh
2023-09-13 08:41:20 +00:00
Gilles Peskine
e820c0abc8
Update spelling "mbed TLS" to "Mbed TLS"
...
The official spelling of the trade mark changed from all-lowercase "mbed"
to normal proper noun capitalization "Mbed" a few years ago. We've been
using the new spelling in new text but still have the old spelling in a
lot of text. This commit updates most occurrences of "mbed TLS":
```
sed -i -e 's/mbed TLS/Mbed TLS/g' $(git ls-files ':!ChangeLog' ':!tests/data_files/**' ':!tests/suites/*.data' ':!programs/x509/*' ':!configs/tfm*')
```
Justification for the omissions:
* `ChangeLog`: historical text.
* `test/data_files/**`, `tests/suites/*.data`, `programs/x509/*`: many
occurrences are significant names in certificates and such. Changing
the spelling would invalidate many signatures and tests.
* `configs/tfm*`: this is an imported file. We'll follow the upstream
updates.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-12 19:18:17 +02:00
Paul Elliott
a722d0a415
Update CMake minimum version(s) to match main CMakeLists.txt
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-09-12 16:42:14 +01:00
Yanray Wang
022b9a1ca0
benchmark: add AES_CFB8
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-09-12 16:28:37 +08:00
Yanray Wang
55aba195de
benchmark: add AES_CFB128
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-09-12 16:24:27 +08:00
Gilles Peskine
1bfc09bca7
Move comment to its intended location
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-09 21:26:05 +02:00
Gilles Peskine
0b62b7a21f
Allow turning off re-generation of files with make
...
In make builds, when GEN_FILES is false (empty), don't try to re-generate
configuration-independent source files, regardless of whether they seem
out of date. This is useful, for example, if you have a source tree where
`make generated_files` has already run and file timestamps reflect the
time the files were copied or extracted, and you are now in an environment
that lacks some of the necessary tools to re-generate the files.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-08 16:19:13 +02:00
Ronald Cron
eab2055bde
Fix query_config.c generation with CMake build system
...
In case of an out-of-tree build with the CMake build
system the path to crypto_config.h has to be defined
as the path to mbedtls_config.h. Add this possibility
tp generate_query_config.pl.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-09-08 10:23:25 +02:00
Yanray Wang
9b811658a8
Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only
2023-09-07 16:18:00 +08:00
Gilles Peskine
b9664ee676
Don't include configuration adjustment headers
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-05 11:57:14 +02:00
Yanray Wang
d7058b0a35
dh_client: removed under CIPHER_ENCRYPT_ONLY
...
dh_client requests AES-ECB to do decryption. So it needs to be
removed under CIPHER_ENCRYPT_ONLY.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-09-01 17:35:58 +08:00
Gilles Peskine
f745e5b8de
Merge remote-tracking branch 'development' into HEAD
2023-08-23 20:35:32 +02:00
Tom Cosgrove
17d5081ffb
Merge pull request #8099 from gilles-peskine-arm/split-config_psa-prepare
...
Prepare to split config_psa.h
2023-08-22 07:30:46 +00:00
Gilles Peskine
796bc2b8f9
Merge pull request #7486 from AndrzejKurek/calloc-also-zeroizes
...
Document mbedtls_calloc zeroization
2023-08-21 15:47:21 +00:00
Gilles Peskine
9af413bcc5
Don't try to include mbedtls/config_*.h
...
They're included by build_info.h and must not be included directly.
Currently, this only concerns one file: config_psa.h. It's technically a bug
to include it, but a harmless one because that header has already been
included by build_info.h except in configurations where it
effectively had no effect (enabling PSA options with PSA turned off).
We plan to split config_psa.h into multiple headers that are less
independent, which could make the inclusion more problematic.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-21 16:12:36 +02:00
Gilles Peskine
dbd13c3689
Merge pull request #7662 from lpy4105/issue/renew_cert_2027-01-01
...
Updating crt/crl files due to expiry before 2027-01-01
2023-08-17 15:38:35 +00:00
Gilles Peskine
d370f93898
Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn
...
OPC UA - add support for RFC822 and DirectoryName SubjectAltNames when generating CSR's
2023-08-16 09:19:46 +00:00
Manuel Pégourié-Gonnard
660bbf2470
test: disable BIGNUM support on the test ecc_no_bignum component
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-10 06:43:23 +02:00
Paul Elliott
2f12a29cdd
Merge pull request #7896 from AgathiyanB/gitignore-generated-files-toggle
...
Add script to toggle ignoring generated files
2023-08-09 14:54:32 +00:00
Thomas Daubney
a68ef95394
Check length before calling memcmp
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-08-07 11:09:51 +01:00
Thomas Daubney
102033c38d
Add new line at end of file to satisfy code style
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-08-03 16:20:09 +01:00
Thomas Daubney
5c2dcbd250
Implement cleanup label
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-08-03 16:03:30 +01:00
Thomas Daubney
21fbe4c90e
Remove further superfluous call to psa_hash_abort
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-08-03 15:39:42 +01:00
Thomas Daubney
1ba9744afb
Correct code style
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-28 17:25:16 +01:00
Thomas Daubney
c918c32cc0
Stop hashing the null byte
...
Change the hash data to not include the null byte used to terminate
the string. Pass sizeof() - 1 to the hash operation API functions
so that the null byte can be ignored.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-28 17:15:03 +01:00
Thomas Daubney
fbe742b2d0
Add extra check to one-shot operation results
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-28 16:17:38 +01:00
Thomas Daubney
ce14124f7c
Check result of multipart operation
...
Check that the multi-part operation has produced
the correct result.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-28 16:14:20 +01:00
Thomas Daubney
606110fc19
Restructure start of program
...
Restructure the start of the program to make it
clear to a user exactly what this program is for.
Add a comment for additional clarity.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-28 15:57:10 +01:00
Thomas Daubney
1f98736e71
Add clarifying comment to new program section
...
Mark the beginning of the section that prints
the result with a comment.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-28 15:23:06 +01:00
Thomas Daubney
a2b7519d63
Use memcmp instead of reinventing it
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-28 15:21:46 +01:00
Thomas Daubney
9730cb1274
Change hash output formatting
...
Change the formatting of the hash output
to remove line breaks and spaces.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-28 15:07:19 +01:00
Thomas Daubney
c07fa29b58
Change wording in error message
...
Change wording from "failed" since this implied the
function had returned an error status instead of
producing the wrong result.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-28 14:58:55 +01:00
Thomas Daubney
3071c85835
Clarify comments
...
Clarify comments when moving into one-shot part
of demo.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-28 14:47:47 +01:00
Thomas Daubney
c050037c08
Remove mbedtls_ and psa_ prefix from var names
...
Remove the mbedtls and psa prefixes from variable
names in order to make clearer what is part of
the API and what is just part of the demo program.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-28 14:44:25 +01:00
Thomas Daubney
a79f806225
Remove superfluous calls to psa_hash_abort
...
Calls were not required since psa_hash_setup was yet
to be called.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-28 14:33:20 +01:00
Thomas Daubney
6fc4ca2d85
Replace hash_size with hash_length
...
This is to make the variable naming covnention align
with the PSA API documentation.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-28 14:31:06 +01:00
Thomas Daubney
2c872340e8
Fix erroneous macro guards
...
Replace MBEDTLS_SHA256_C for PSA_WANT_ALG_SHA_256
everywhere, including comments and print statements.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-28 14:21:38 +01:00
Gowtham Suresh Kumar
186731b22a
Fix warnings from clang-16
...
Running clang-16 on mbedtls reports warnings of type "-Wstrict-prototypes".
This patch fixes these warnings by adding void to functions with no
arguments. The generate_test_code.py is modified to insert void into test
functions with no arguments in *.function files.
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
2023-07-26 17:11:51 +01:00
Gilles Peskine
f5d2d1c7cd
Skip dlopen demo in static builds
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-25 20:23:44 +02:00
Gilles Peskine
c25ae6f48c
Use demo_common.sh in dlopen test script
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-25 20:23:44 +02:00
Gilles Peskine
086f85f055
Fix some mistakes in descriptive messages
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-25 19:40:35 +02:00
Gilles Peskine
911081efd2
Explain why $root_dir needs a complicated calculation
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-25 19:40:14 +02:00
Gilles Peskine
fc09d27a92
Print only missing dependencies
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-25 19:40:14 +02:00
Gilles Peskine
c142620724
cleanup is part of the external interface
...
Since there's no EXIT trap in plain sh, the main script must call it
explicitly when it exits.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-25 19:40:14 +02:00
Gilles Peskine
03be234c7f
Declare the dependencies of key_ladder_demo.sh
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-25 19:36:39 +02:00
Gilles Peskine
b2bcdc1c17
Let demo scripts declare their dependencies
...
Demo scripts should declare their build-time dependencies, to make
them more user-friendly. If a dependency is not met, users should see
an explicit message rather than an incomprehensible error.
Don't rely on the dependencies of individual programs because some
demo scripts use multiple programs and because some scripts might have
additional requirements.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-25 19:36:39 +02:00
Gilles Peskine
958be36b19
Demo scripts: create a seedfile if the configuration requires it
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-25 19:36:39 +02:00
Gilles Peskine
d1b5f6f609
Move common code of demo scripts into a library
...
The new file programs/demo_common.sh contains initialization code,
utility functions and cleanup code meant to be used by all demo
scripts written in sh.
Initial features:
* msg: Display a message.
* run, run_bad: Run a command, visibly.
* $root_dir, $programs_dir: location of the mbedtls source tree.
* $files_to_clean: files that are cleaned up on exit.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-25 19:36:13 +02:00
Thomas Daubney
1fd916a1a3
Address review comments
...
- make operation name more generic
- make use of psa_hash_abort
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-25 16:10:48 +01:00
Thomas Daubney
9520df7580
Fix code style
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-25 10:56:54 +01:00
Thomas Daubney
1db78fa32a
Demonstrate algorithm agility
...
Define HALH_ALG to the desired PSA algorithm
to demostrate the ease of swapping algorithms
with the PSA API.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-24 16:49:14 +01:00
Thomas Daubney
f7348ae1fc
Improve program from first round review comments
...
Following an initial review:
- Swap printf for mbedtls_printf
- Remove MBEDTLS_xxx dependencies
- Demonstrate correct buffer sizing
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-24 12:18:40 +01:00
Thomas Daubney
209c9c9492
Bring code-style up-to-date
...
This PR was originally created before the code
style was changed. This commit updates the style.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-18 14:59:45 +01:00
Hannes Tschofenig
f8b9ebf297
Add example program for PSA hash
...
This commit adds the example program for PSA
hash as well as the relevant changes to
CMakeLists.txt and the Makefile.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-07-18 13:55:36 +01:00
Manuel Pégourié-Gonnard
828b3acd6b
Merge pull request #7848 from valeriosetti/issue7749
...
driver-only ECC: EPCf.TLS testing
2023-07-18 10:33:21 +02:00
Dave Rodgman
91d9daf2b3
Merge pull request #7925 from hasheddan/dtls-server-order
...
Fix order of steps in DTLS server example program
2023-07-17 09:41:43 +01:00
Daniel Mangum
af2f7a6fcb
Fix order of steps in DTLS server example program
...
Fixes the numbered order of steps in the DTLS server example program.
Signed-off-by: Daniel Mangum <georgedanielmangum@gmail.com>
2023-07-14 12:00:33 -04:00
Andrzej Kurek
312b6df38a
Add a missing guard in cert_req.c
...
IP parsing requires x509_CRT_PARSE_C
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-07-10 08:45:30 -04:00
Valerio Setti
dda0019e2e
ssl_test_lib: fix rebase error
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-10 10:22:51 +02:00
Valerio Setti
5bdebb2004
ssl_test_lib: fix variable naming for curve group
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-10 09:13:57 +02:00
Valerio Setti
fb6356f003
ssl_test_lib: simplify function which prints supported curves
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-10 09:13:57 +02:00
Valerio Setti
deb676442d
ssl_test_lib: manage FFDH keys the same way as ECC ones
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-10 09:13:57 +02:00
Valerio Setti
acd32c005f
programs: add helper functions for supported EC curves
...
- get full list, or
- get TLS ID from name
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-10 09:13:57 +02:00
Manuel Pégourié-Gonnard
461d59b2f8
Merge pull request #7858 from mprse/ffdh_tls13_v2_f
...
Make use of FFDH keys in TLS 1.3 - follow-up
2023-07-07 16:19:35 +02:00
Dave Rodgman
c4749b1c66
Merge pull request #7584 from gilles-peskine-arm/fuzz-file-open-fail
...
Fuzz programs: print an error if loading the reproducer fails
2023-07-07 11:51:59 +01:00
Andrzej Kurek
6bc7a38683
Support more SAN subtypes in cert_req.c
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-07-07 05:13:13 -04:00
Agathiyan Bragadeesh
77b0d645f5
Add gitignore anchors to denote generated files
...
These anchors encapsulate gitignore patterns which typically ignore
files generated, so that scripts can be used to comment and uncomment
these patterns for releases when we need the generated files in the
repository.
Signed-off-by: Agathiyan Bragadeesh <agabra02@e127300.arm.com>
2023-07-06 17:58:18 +01:00
Przemek Stekiel
68e7544de8
parse_groups: curve -> group adaptations
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-06 12:16:44 +02:00
Przemek Stekiel
45255e4c71
Adapt names (curves -> groups)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-05 09:26:26 +02:00
Pengyu Lv
b078607f04
cert_write: Support write any for extended key usage
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-04 17:30:21 +08:00