Valerio Setti
c747306848
all.sh: remove redundant make in test_psa_crypto_config_accel_cipher_aead()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-13 10:51:52 +01:00
Valerio Setti
73d053123f
ssl-opt: set proper cipher dependencies in tests using ticket_aead parameters
...
Check either legacy or PSA symbols based on USE_PSA_CRYPTO
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:27:45 +01:00
Valerio Setti
38e75fb1a7
ssl_server2: remove usage of mbedtls_cipher_info_from_string()
...
This removes the dependency from cipher module and legacy key/modes
symbols which are used in cipher_wrap.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:27:39 +01:00
Valerio Setti
01c4fa3e88
ssl: move MBEDTLS_SSL_HAVE internal symbols to ssl.h
...
This is useful to properly define MBEDTLS_PSK_MAX_LEN when
it is not defined explicitly in mbedtls_config.h
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:12:07 +01:00
Valerio Setti
dd43d7b3a4
ssl-opt: set proper dependencies on tests with encrypted server5 key
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:12:07 +01:00
Valerio Setti
f941455e3b
all.sh: enable ssl-opt testing in psa_crypto_config_[accel/reference]_cipher_aead
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:12:07 +01:00
Manuel Pégourié-Gonnard
7d7ce0e66a
Merge pull request #8495 from lpy4105/issue/6322/driver-only-cipher_aead-tls
...
[G3] Driver-only cipher+aead: TLS: main test suite
2023-11-09 11:10:34 +00:00
Gilles Peskine
4dec9ebdc2
Merge pull request #8378 from mschulz-at-hilscher/fixes/issue-8377
...
Fixes "CSR parsing with critical fields fails"
2023-11-08 18:07:04 +00:00
Gilles Peskine
c75ee77dbb
Merge pull request #8439 from yuhaoth/pr/add-test-suite-parameter-to-ssl-opt
...
Add test-suite parameter to filter tests
2023-11-08 18:05:44 +00:00
Gilles Peskine
b97058e2d5
Merge pull request #8496 from ronald-cron-arm/remove-cocci-files
...
Remove unused *.cocci files
2023-11-08 18:05:13 +00:00
Dave Rodgman
0d22539de0
Merge pull request #8468 from daverodgman/mbedtls-3.5.1-pr
...
Mbed TLS 3.5.1
2023-11-08 18:01:32 +00:00
Dave Rodgman
9eb2abd1e0
Add docs re Everest license
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:40:17 +00:00
Dave Rodgman
9f747537cf
Update BRANCHES
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:40:11 +00:00
Dave Rodgman
28d40930ae
Restore bump version
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:40:08 +00:00
Dave Rodgman
39b2a38076
Restore 3.5.1 ChangeLog
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:40:04 +00:00
Dave Rodgman
a2d14ef764
Merge remote-tracking branch 'origin/development' into mbedtls-3.5.1-pr
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:39:53 +00:00
Dave Rodgman
47854e638b
Revert back to v3.5.0
...
git revert v3.5.0..v3.5.1
git rebase to combine the resulting revert commits
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:38:57 +00:00
Dave Rodgman
edb8fec988
Add docs re Everest license
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:36:00 +00:00
Ronald Cron
f95b678729
Remove unused *.cocci files
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-11-08 10:08:09 +01:00
Ronald Cron
c27a4ce3dd
Merge pull request #8429 from gilles-peskine-arm/fix-test_suite_constant_time_hmac-not-executed
...
Fix test suite never executed due to an undefined symbol
2023-11-08 09:05:12 +00:00
Pengyu Lv
2bd56de3f4
ssl: replace MBEDTLS_SSL_HAVE_*_CBC with two seperate macros
...
MBEDTLS_SSL_HAVE_<block_cipher>_CBC equals
MBEDTLS_SSL_HAVE_<block_cipher> and MBEDTLS_SSL_HAVE_CBC.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 14:21:19 +08:00
Pengyu Lv
ba6825e37b
ssl: use MBEDTLS_SSL_HAVE_* in tests
...
Done by commands:
```
sed -i "s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
sed -i "s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
sed -i "s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
```
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 14:09:16 +08:00
Pengyu Lv
65458fa969
ssl: MBEDTLS_SSL_HAVE_* in ssl_misc.h
...
Done by commands:
```
sed -i "300,$ s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
sed -i "300,$ s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
sed -i "300,$ s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
```
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 12:16:29 +08:00
Pengyu Lv
829dd2048a
ssl: use MBEDTLS_SSL_HAVE_* in ssl_ciphersuites.c
...
Mainly done by the commands, with some manual adjust.
```
sed -i "s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
sed -i "s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
sed -i "s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
```
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 12:01:26 +08:00
Pengyu Lv
f1b86b088f
ssl: add macro to indicate CBC mode is available
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 11:28:42 +08:00
Pengyu Lv
e870cc8c86
ssl: add macro for available key types
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 11:28:36 +08:00
Pengyu Lv
fe03a4071b
ssl_helper: fix missin initialization of cli_log_obj
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 10:30:48 +08:00
Matthias Schulz
c55b500343
Changed notes in x509_csr.h to better describe the behavior of mbedtls_x509_csr_parse_der and mbedtls_x509_csr_parse_der_with_ext_cb.
...
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-07 16:47:37 +01:00
Matthias Schulz
e92f6dcf5c
New test cases requested in https://github.com/Mbed-TLS/mbedtls/pull/8378#discussion_r1383779861
...
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-07 15:16:35 +01:00
Tom Cosgrove
53199b1c0a
Merge pull request #6720 from yuhaoth/pr/tls13-early-data-receive-0_rtt-and-eoed
...
TLS 1.3: EarlyData SRV: Write early data extension in EncryptedExtension
2023-11-07 13:59:13 +00:00
Dave Rodgman
7604915cce
Update Changelog with bugfix entry
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-07 12:33:17 +00:00
Tom Cosgrove
4122c16abd
Merge pull request #6945 from lpy4105/issue/6935/ticket_flags-kex-mode-determination
...
TLS 1.3: SRV: Check ticket_flags on kex mode determination when resumption
2023-11-07 09:26:21 +00:00
Jerry Yu
7ef9fd8989
fix various issues
...
- Debug message
- Improve comments
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-07 14:31:37 +08:00
Jerry Yu
2bea94ce2e
check the ticket version unconditional
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-07 14:18:17 +08:00
Pengyu Lv
4ebf86e780
tls13-misc: Do not check kex mode for some cases
...
Ephemeral is preferred over pure PSK, the change is
to make CI happy.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-07 10:14:32 +08:00
Pengyu Lv
44670c6eda
Revert "TLS 1.3: SRV: Don't select ephemeral mode on resumption"
...
This reverts commit dadeb20383
.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-07 09:58:53 +08:00
Pengyu Lv
1f00926142
Change base config to full
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-07 09:55:11 +08:00
Dave Rodgman
b578514b03
Merge pull request #8470 from gilles-peskine-arm/check-files-license
...
Check copyright statements and SPDX license statements
2023-11-06 17:07:54 +00:00
Dave Rodgman
4b67ac8adf
Merge pull request #8444 from Mbed-TLS/cvv-code-size
...
code size for mbedtls_cipher_validate_values
2023-11-06 12:50:37 +00:00
Dave Rodgman
2ef7c30775
Update BRANCHES
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-06 11:47:15 +00:00
Paul Elliott
e03270f2e0
Merge pull request #8391 from paul-elliott-arm/full_no_platform
...
Add full_no_platform config preset
2023-11-06 11:35:28 +00:00
Manuel Pégourié-Gonnard
964dee6b3f
Merge pull request #8442 from lpy4105/issue/8355/driver-only-cipher_aead-x509
...
X.509: Support driver-only cipher+aead
2023-11-06 09:10:57 +00:00
Jerry Yu
9e47b268c4
Revert "ssl-opt.sh: Make record_outcome record the ssl-opt.sh file only"
...
This reverts commit cfe68a0cb6
.
As commit 5eb2b02862
, this line is used to report test suite name.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-06 10:53:43 +08:00
Jerry Yu
50d07bdeec
Add test-suite parameter to filter tests
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-06 10:49:01 +08:00
Gilles Peskine
ce78200fb5
Pacify mypy
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-04 16:07:26 +01:00
Gilles Peskine
3b9facd8ac
Also complain if licenses are mentioned
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-04 16:07:26 +01:00
Gilles Peskine
f2fb9f667c
Check copyright statements and SPDX license identifier
...
Enforce a specific copyright statement and a specific SPDX license
identifier where they are present.
Binary files, third-party modules and a few other exceptions are not
checked.
There is currently no check that copyright statements and license
identifiers are present.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-04 16:07:26 +01:00
Gilles Peskine
990030bce0
Sort imports
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-04 16:07:26 +01:00
Gilles Peskine
8b6b41f6cd
Merge pull request #8434 from valeriosetti/issue8407
...
[G2] Make TLS work without Cipher
2023-11-04 15:05:00 +00:00
Gilles Peskine
c5ce9fcf03
Merge pull request #8435 from valeriosetti/issue8415
...
Remove cipher/aead legacy dependencies from PSA test suites
2023-11-04 15:04:51 +00:00