yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
27928 commits 1 branch 0 tags 94 MiB
Commit graph

209 commits

Author SHA1 Message Date
Minos Galanakis
1a3ad265cc Merge branch 'development-restricted' into mbedtls-3.5.0rc0-pr 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-03 21:57:51 +01:00
Valerio Setti
db6b4db7a0 Renaming all MBEDTLS_HAVE for curves to MBEDTLS_ECP_HAVE 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-09-25 17:39:41 +02:00
Valerio Setti
6d809cc969 lib/test: use new internal helpers in library's code and tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-09-25 17:39:41 +02:00
Gilles Peskine
ca1e605b9c Merge remote-tracking branch 'upstream-public/development' into development-restricted-merge-20230925 
Conflicts:
* `include/mbedtls/build_info.h`: a new fragment to auto-enable
  `MBEDTLS_CIPHER_PADDING_PKCS7` was added in
  c9f4040f7f in `development-restricted`.
  In `development`, this section of the file has moved to
  `include/mbedtls/config_adjust_legacy_crypto.h`.
* `library/bignum.c`: function name change in `development-restricted` vs
  comment change in development. The comment change in `development` is not
  really relevant, so just take the line from `development-restricted`.
 2023-09-25 16:16:26 +02:00
Gilles Peskine
a3237efefb Move testing of mbedtls_ssl_decrypt_buf to a new test suite 
test_suite_ssl is huge and needs splitting.

Create a new test suite focused on mbedtls_ssl_decrypt_buf(), which is a
complicated function that needs more thorough testing with malformed inputs.
At this point, we are only doing negative testing with CBC-non-ETM test
suites. This needs to grow.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-18 14:23:13 +02:00
Gilles Peskine
9d5952dba8 Fix some dependencies on symmetric crypto in some TLS 1.3 tests 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-07-21 17:50:49 +02:00
Valerio Setti
6f0441d11e tls: replace occurencies of ECP_LIGHT with PK_HAVE_ECC_KEYS 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 09:13:57 +02:00
Yanray Wang
a9808ce4b4 Add AES 128-bit key dependency in test_suite_ssl.data 
Since handshake_fragmentation uses cipher
"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" by default.
The corresponding test should be skipped when
MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is enabled.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-05 11:21:31 +08:00
Yanray Wang
ecb6a02fa9 Add AES 128-bit key dependency for tests data 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-05 11:21:30 +08:00
Valerio Setti
9cea093700 test: resolve remaining disparities in test_suite_ssl 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-04-11 16:19:11 +02:00
Ronald Cron
097ba146e7 tls: srv: Set hybrid TLS 1.2/1.3 as default configuration 
Set hybrid TLS 1.2/1.3 as default server
configuration if both TLS 1.2 and TLS 1.3
are enabled at build time.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-04-06 10:26:18 +02:00
Ronald Cron
43263c045a tests: ssl: Extend move to handshake state tests 
Extend move to handshake state tests to reach
most of TLS 1.2 and 1.3 handshake states.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-04-06 10:26:18 +02:00
Ronald Cron
3b35455a69 tls: srv: Allow server hybrid TLS 1.2 and 1.3 configuration 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-04-06 10:26:18 +02:00
Ronald Cron
ea8a1ea17a tests: ssl: Add some missing dependencies 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-04-06 10:26:17 +02:00
Valerio Setti
13ce40323f test_suite_ssl: remove redundant dependencies when the key exchange is specified 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-22 10:40:05 +01:00
Valerio Setti
7a2f39692a ecdhe: solve disparities in accelerated ECDHE vs reference 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-22 10:37:45 +01:00
Manuel Pégourié-Gonnard
bef824d394 SSL: use MD_CAN macros 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:29:31 +01:00
Valerio Setti
fdea36d137 test_suite_ssl: remove redundant ECDH dependencies when the key exchange is specified 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-20 14:02:07 +01:00
Valerio Setti
866aa187e8 ecdh: solve disparities in accelerated ECDH vs reference 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-20 14:02:07 +01:00
Valerio Setti
2f081473b6 test: fix disparities in test_suite_ssl 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-08 16:47:28 +01:00
Valerio Setti
1b08d421a7 test: fix: replace CAN_ECDSA_SOME with CAN_ECDSA_SIGN+CAN_ECDSA_VERIFY when both are needed 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-13 15:35:37 +01:00
Valerio Setti
d928aeb9ac test_suite_ssl: use new macros for ECDSA capabilities 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-13 15:35:37 +01:00
Andrzej Kurek
723b8779f9 Add missing key exchange requirements to test_suite_ssl 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-01-19 18:31:00 -05:00
Andrzej Kurek
714ae6551e Add missing key exchange requirements to test_suite_ssl 
Some of the tests use mbedtls_test_cli_key_rsa_der and
mbedtls_test_cli_crt_rsa_der, and these can be used with
specific ciphersuites.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-01-17 10:38:11 -05:00
Valerio Setti
2c12185b88 test: fix dependencies on function and data files 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-09 18:00:39 +01:00
Valerio Setti
73260b6e65 test: extend test_suite_ssl for testing new functions 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-03 16:05:02 +01:00
Manuel Pégourié-Gonnard
c98624af3c
Merge pull request #6680 from valeriosetti/issue6599 
Allow isolation of EC J-PAKE password when used in TLS
 2022-12-14 11:04:33 +01:00
Dave Rodgman
1fe45295d7
Merge pull request #6685 from gilles-peskine-arm/valgrind-cf-skip-tests 
Rationalize Valgrind tests
 2022-12-06 18:39:32 +00:00
Valerio Setti
e7518ba28e test: pake: reshaping the ssl_ecjpake_set_password() 
Removed the "error injection" strategy. Now the functions checks
for all the errors in a row.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-12-02 12:09:43 +01:00
Valerio Setti
4452e98ec1 test: pake: add tests for set password functions 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-12-01 15:08:35 +01:00
Gilles Peskine
3ffd6bce81 Create a separate test suite for constant-time functions 
This is the first step in arranging that functions from constant_time.c are
tested in test_suite_constant_time.function.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-29 15:44:21 +01:00
Gilles Peskine
77e68c3176 Move constant-time HMAC testing to its own suite 
These are very CPU-intensive, so make it easy to skip them. And conversely,
make it easy to run them without the growing body of SSL tests.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-29 15:42:36 +01:00
Aditya Deshpande
d1b72a7b83 Merge branch 'development' into driver-wrapper-key-agreement 2022-11-07 17:36:23 +00:00
Aditya Deshpande
ec6bb5879a Disabled tests in test_suite_ssl that won't work without builtin ECDH 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2022-11-07 17:11:48 +00:00
Ronald Cron
928cbd34e7 tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 
Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
instead of MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED to guard
code specific to the TLS 1.3 ephemeral key exchange mode.

Use it also for the dependencies of TLS 1.3 only tests
relying on ephemeral key exchange mode, but for
tests in tls13-kex-modes.sh where the change is done
later using all
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_.*ENABLED macros.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-10-22 14:42:04 +02:00
Ronald Cron
f64cc03b09 tests: ssl: Add missing dependencies on certificate based handshake 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-10-21 14:47:00 +02:00
Ronald Cron
457fb7a523 tests: ssl: Fix ciphersuite identifier 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-10-21 14:44:45 +02:00
Andrzej Kurek
658442fe78 Remove unnecessary ECP_C dependencies 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-19 08:35:09 -04:00
Andrzej Kurek
e5a5cc1944 Remove the dependency of tls1_3 key evolution tests on curve25519 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-19 08:35:09 -04:00
Andrzej Kurek
daf43fbe21 Move the location of MBEDTLS_ECP_C dependencies 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-19 08:35:09 -04:00
Andrzej Kurek
e64bd43495 Add missing ECP and ECDH dependencies in ssl test suites 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-19 08:35:08 -04:00
Andrzej Kurek
8e44139ca0 Add missing CURVE25519 requirements to TLS 1.3 tests 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-19 08:35:08 -04:00
Andrzej Kurek
e38b788b79 Add missing key exchange dependencies 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-19 08:35:08 -04:00
Andrzej Kurek
90e8204476 Add missing SHA256 and ECDSA_C dependencies in test_suite_ssl 
Most of the tests (including those using endpoint_init functions) parse
certificates that require MBEDTLS_SHA256_C to be present.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-19 08:35:08 -04:00
Andrzej Kurek
f502bcb13e Fix missing AES dependencies 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-19 08:35:08 -04:00
Andrzej Kurek
7bb8bab457 Update SHA and MD5 dependencies in the SSL tests 
The same elements are now also used when MBEDTLS_USE_PSA_CRYPTO
is defined and respective SHA / MD5 defines are missing.
A new set of macros added in #6065 is used to reflect these dependencies.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-22 17:46:50 -04:00
Jerry Yu
bc7c1a4260 fix typo/format/name issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-22 23:09:40 +08:00
Jerry Yu
f092629997 Add save load test for tls13 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-22 23:08:43 +08:00
Jerry Yu
a180f99a55 Add load-save tests for tls13 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-22 23:08:43 +08:00
Jerry Yu
1ac476cc1e Add save buf size test for tls13 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-22 23:08:43 +08:00