mbedtls

Author	SHA1	Message	Date
Ronald Cron	90d07118ad	Merge pull request #6721 from yuhaoth/pr/tls13-early-data-extension-of-nst TLS 1.3: EarlyData SRV: Write `early_data` extension of NewSessionTicket	2023-12-07 09:25:35 +00:00
Dave Rodgman	779819a4dd	Merge pull request #8613 from bensze01/valgrind-only-in-nightlies Do not run Valgrind tests in PR jobs	2023-12-06 19:18:24 +00:00
Gilles Peskine	57e401b39f	Merge pull request #8521 from valeriosetti/issue8441 [G4] Make CTR-DRBG fall back on PSA when AES not built in	2023-12-06 18:25:44 +00:00
Bence Szépkúti	0354d04d3c	Do not run Valgrind tests in PR jobs Co-authored-by: Dave Rodgman <dave.rodgman@arm.com> Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>	2023-12-06 16:14:37 +01:00
Jerry Yu	750e06743f	remove misbehavior tests and code Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:22:15 +08:00
Jerry Yu	ea96ac3da9	fix various issues - get ticket_flags with function. - improve output message and check it. - improve `ssl_server2` help message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:17:37 +08:00
Jerry Yu	391c943340	Add tests for ticket early data permission bit Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:16:48 +08:00
Ronald Cron	40f3f1c36f	Merge pull request #7058 from yuhaoth/pr/tls13-early-data-parsing-0-rtt-data TLS 1.3 EarlyData SRV: Parsing 0-RTT data	2023-12-06 06:47:32 +00:00
Valerio Setti	302a487499	test_driver_key_management: rename counter for export_public_key() hits Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:42 +01:00
Valerio Setti	829ce0facf	test_driver_cipher: add forced return status for encrypt and set_iv Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:42 +01:00
Valerio Setti	7ef35a9b3c	test_suite_psa_crypto_driver_wrappers: add counter for failing psa_cipher_update() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:42 +01:00
Valerio Setti	83e0de8481	crypto_extra: revert changes to mbedtls_psa_random_free() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:42 +01:00
Valerio Setti	0ca1868fcd	test_suite_psa_crypto_driver_wrappers: fix missing hit counter reset before test Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:42 +01:00
Valerio Setti	7448367f68	test_suite_psa_crypto_slot_management: modify check on open key slots This commit - Reverts changes previously done to psa_crypto_helpers.[c,h] - Implements a new check for open key slots in mbedtls_test_helper_is_psa_leaking(): - when CTR_DRBG does not use AES_C or PSA does not have an external RNG, then we allow 1 key slot (it's the one holding the AES key) - when the above conditions are not met, then we fallback to the usual check for "no open key slots remaining" Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:42 +01:00
Valerio Setti	45337a8895	test_suite_psa_crypto_driver_wrappers: add counter for cipher_update() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:42 +01:00
Valerio Setti	6ef82ae39d	test_suite_psa_crypto_driver_wrappers: improving driver access counters When AES_C is not defined CTR_DRBG relies on PSA to get AES-ECB. This means that, when AES-ECB is accelerated, each random operation goes through driver access as well. This might result in unexpectedly increased counters for driver's access. We add extra counters in test_driver_[cipher/key_management].c to be more specific on which driver functions are accessed and ignore extra accesses due to CTR_DRBG. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:42 +01:00
Valerio Setti	0a903db804	test_suite_psa_crypto_slot_management: some fix for available key slots When AES_C is not defined, CTR_DRBG relies on PSA to get AES-ECB. This means that PSA holds an open AES key since psa_crypto_init() is called, which - reduces the maximum number of available key slots - shifts the 1st available index Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:41 +01:00
Valerio Setti	dc32ac20fd	test_suite_[ctr_drbg/random]: initialize/close PSA in tests This commit also adds AES_PSA_[INIT/DONE] in "psa_crypto_helpers.h". Its scope is to call PSA_[INIT/DONE] only when AES_C is not defined (which is when PSA is effectively required for CTR_DRBG). Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:41 +01:00
Valerio Setti	402cfba4dc	psa: free RNG implementation before checking for remaining open key slots Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:41 +01:00
Valerio Setti	40a93dff32	all.sh: keep CTR_DRBG enabled in test_psa_crypto_config_accel_cipher_aead() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:41 +01:00
Ronald Cron	857d29f29a	Merge pull request #8528 from yanrayw/issue/6933/parse-max_early_data_size TLS1.3 EarlyData: client: parse max_early_data_size	2023-12-01 08:27:26 +00:00
Dave Rodgman	f5e46fd45c	Merge pull request #8535 from daverodgman/update-tfm Adjust to match current TF-M config	2023-11-29 16:14:06 +00:00
Gilles Peskine	18eab984c7	Merge pull request #8560 from lpy4105/issue/8423/optimize-analyze_outcomes_py Optimize analyze_outcomes.py	2023-11-29 14:51:41 +00:00
Janos Follath	c6f1637f8c	Merge pull request #8534 from paul-elliott-arm/fix_mutex_abstraction Make mutex abstraction and tests thread safe	2023-11-29 13:26:23 +00:00
Gilles Peskine	172c0b930f	Merge pull request #8561 from ronald-cron-arm/fix-ciphersuites-list-in-ssl-opt ssl-opt.sh: Fix getting the list of supported ciphersuites.	2023-11-29 11:31:33 +00:00
Pengyu Lv	5dcfd0c613	Some improvements Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-29 18:03:28 +08:00
Dave Rodgman	51e72456f9	Automatically set MBEDTLS_NO_PLATFORM_ENTROPY in TF-M config Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-29 09:44:44 +00:00
Manuel Pégourié-Gonnard	6b5cedf51f	Merge pull request #8547 from valeriosetti/issue8483 [G2] Make PSA-AEAD work with cipher-light	2023-11-29 08:53:42 +00:00
Pengyu Lv	550cd6f9b2	Use boolean `hit` instead of int `hits` Also fix a typo in the comments. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-29 09:17:59 +08:00
Ronald Cron	60f76663c0	Align forced ciphersuite with test description Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-11-28 17:52:42 +01:00
Dave Rodgman	c3cd410acf	Merge pull request #8286 from gilles-peskine-arm/check_mbedtls_calloc_overallocation-disable_with_asan Fix test_suite_platform failure with Asan on modern Clang	2023-11-28 16:48:31 +00:00
Ronald Cron	29ad2d7609	ssl-opt.sh: Remove unnecessary symmetric crypto dependencies Same test cases as in the previous commit. Remove the redundant symmetric crypto dependency. The dependency is ensured by the fact that: 1) the test case forces a cipher suite 2) ssl-opt.sh enforces automatically that the forced ciphersuite is available. 3) The fact that the forced ciphersuite is available implies that the symmetric cipher algorithm it uses is available as well. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-11-28 17:44:39 +01:00
Dave Rodgman	82d7a875ff	Update tests to refer to our tf-m config wrapper Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-28 16:10:37 +00:00
Ronald Cron	41bc42ac1b	ssl-opt.sh: Fix some symmetric crypto dependencies Fix some dependencies on symmetric crypto that were not correct in case of driver but not builtin support. Revealed by "Analyze driver test_psa_crypto_config_accel_cipher_aead vs reference test_psa_crypto_config_reference_cipher_aead" in analyze_outcomes.py. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-11-28 15:59:40 +01:00
Ronald Cron	5b73de8ddb	ssl-opt.sh: Add a check of the list of supported ciphersuites Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-11-28 15:59:03 +01:00
Tom Cosgrove	9e1d2e5727	Merge pull request #8029 from gilles-peskine-arm/fix-MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA Update old dependency to MBEDTLS_MD_CAN	2023-11-28 13:12:10 +00:00
Valerio Setti	6632a12fa3	all.sh: re-enable CCM/GCM in test_full_no_cipher_with_crypto[_config]() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-11-28 11:45:38 +01:00
Dave Rodgman	be5489ae98	Simplify test for building P256-M Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-28 10:15:37 +00:00
Dave Rodgman	897bb77c0c	Update tf-m tests in all.sh for P256-M Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-28 10:15:11 +00:00
Pengyu Lv	451ec8a4bc	Add comment to read_outcome_file in analyze_outcomes.py Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-28 17:59:05 +08:00
Pengyu Lv	c2e8f3a080	Add type annotations to analyze_outcomes.py Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-28 17:22:04 +08:00
Manuel Pégourié-Gonnard	294f5d7ea9	Merge pull request #8540 from valeriosetti/issue8060 [G2] Make CCM and GCM work with the new block_cipher module	2023-11-28 08:18:45 +00:00
Pengyu Lv	20e3ca391e	Run tests for ref_vs_driver outside task function Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-28 15:30:03 +08:00
Pengyu Lv	18908ec276	Define named tuple for component outcomes Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-28 13:04:11 +08:00
Pengyu Lv	28ae4648a6	Use mutable set all the time Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-28 11:35:19 +08:00
Pengyu Lv	59b9efc6dd	Check if driver_component is missing Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-28 11:15:00 +08:00
Pengyu Lv	f28cf594b1	Break the loop when case hits We don't care about the number of hits of the test cases, so break the iteration when the case hits. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-28 10:56:29 +08:00
Pengyu Lv	dd1d6a7cca	Improve readability of the script Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-28 10:52:25 +08:00
Pengyu Lv	a1ddcfaef8	Extend the pattern of pkparse test on encrypted keys These test cases are ignored when analyzing outcomes on analyze_driver_vs_reference_cipher_aead task. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-28 09:46:01 +08:00
Pengyu Lv	6c927c0795	Merge branch 'development' into review/gilles/update-old-dep-MD_CAN	2023-11-28 09:31:44 +08:00

1 2 3 4 5 ...

10239 commits