Commit graph

18711 commits

Author SHA1 Message Date
Jerry Yu
d62f87e151 move derive_keys
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
2a7b5ac791 move compute_master
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
d6ab235972 move use_opaque_psk
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
f009d86186 move set_handshake_prfs
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
dc7bd17d11 move tls_prf_sha256/384
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
ed14c93008 add static prototypes
prepare for moving functions

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
baa4934e7b Add check tests
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
53d23e2c95 Guards tls_prf functions with TLS1_2
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
c73c618094 Wrap function not used by test_tls13_only
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

# Conflicts:
#	library/ssl_tls13_generic.c
2022-02-21 09:06:00 +08:00
Jerry Yu
bd19287a8e fix docs issue
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
bef175db96 Wrap derive_keys with TLS1_2 option
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
cc43c6bee5 fix coding style issue
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
6331909d12 remove ifndef guard
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
e754193e87 Remove guard inside ssl_srv.c
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
fb4b6478ee tls13_only: improve guards of files.
To improve readability of the preprocess guards.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
db8c48aaff tls13_only:Remove unnecessary functions
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
7d2396332d fix wrong setting of max_minor version
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
81d5e1feca fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
adb1869f8d fix document about tls13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
72a0565e13 docs: Add version support description
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
da5af22015 tls13_only: add tls13_only test component
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
c5aef88be6 tls13_only: guard ssl_{cli,srv}.c with TLS1_2
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
ab08290c09 tls13_only: skip tls12 tests.
TLS1.2 test depends on MBEDTLS_SSL_PROTO_TLS1_2. Skip
them if it is not set

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
8a497205cc tls13_only: tls 1.3 suite pass
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
c10f6b4735 tls13_only: simple test pass
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
c3091b1c8c tls13_only: compile pass
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
e0a6412d8d tls13_only: check_config pass
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Paul Elliott
9c6a69274a
Merge pull request #5551 from gilles-peskine-arm/jinja-markupsafe-2.1-dependency
Require an older version of markupsafe for the sake of older Jinja2
2022-02-20 16:00:41 +00:00
Gilles Peskine
7b2804bb3b Require an older version of markupsafe for the sake of older Jinja2
Jinja2 <3.0 require markupsafe <2.1.0, but does not declare this
requirement. (Jinja2 2.x has not been updated since markupsafe 2.1.0 came
out). So declare this requirement ourselves.

This is not ideal, since we would want to use the latest markupsafe with the
latest Jinja2. But at least it gives us a consistent set of versions to run
the CI with.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-19 20:38:29 +01:00
Manuel Pégourié-Gonnard
4fa604cc3b
Merge pull request #5511 from SiliconLabs/feature/PSEC-3195-PSA-test-suites-NOT-using-UID-0
feat: Update test_suite_psa_its to NOT use UID=0
2022-02-17 11:49:33 +01:00
Gilles Peskine
57b1ff39c2
Merge pull request #5377 from hanno-arm/ecp_add_mixed_fewer_mpis
Minor improvements to ECC arithmetic subroutines
2022-02-17 10:27:18 +01:00
Manuel Pégourié-Gonnard
3d1f8b9c00
Merge pull request #5532 from ronald-cron-arm/tls13_and_use_psa_crypto
Make TLS 1.3 compatible with MBEDTLS_USE_PSA_CRYPTO
2022-02-16 17:33:47 +01:00
Manuel Pégourié-Gonnard
6d2479516c
Merge pull request #5533 from paul-elliott-arm/fix_fuzz_privkey_null_ctx
Fix null context when using dummy_rand with mbedtls_pk_parse_key()
2022-02-16 09:55:01 +01:00
Paul Elliott
5d7e61fb61 Fix uninitialised return value.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-02-15 16:05:17 +00:00
Ronald Cron
a7a1deabf8
Merge pull request #5393 from gilles-peskine-arm/opt-testcases-outcomes-fix
Fix test suite name reporting of opt-testcases/tls13-compat.sh
2022-02-15 13:53:10 +01:00
Manuel Pégourié-Gonnard
a1b506996d
Merge pull request #5526 from paul-elliott-arm/fix_fuzzer_null_ref
Ensure ctr_drbg is initialised every time in fuzz_server
2022-02-15 10:31:03 +01:00
Ronald Cron
b788c044b7 Use PSA status to Mbed TLS error code conversion function
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-02-15 09:14:15 +01:00
Manuel Pégourié-Gonnard
e14b644f4d
Merge pull request #5456 from mpg/cleanup-ecdh-psa
Cleanup PSA-based ECDHE in TLS 1.2
2022-02-15 09:09:07 +01:00
Paul Elliott
a1dc3e5a60 Add safety to dummy_random in case of NULL context
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-02-14 18:26:21 +00:00
Paul Elliott
bb0168144e Ensure valid context is used in fuzz_dtlsserver
A valid ctr_drbg context is now a prerequisite for using dummy_random()

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-02-14 15:57:11 +00:00
Ronald Cron
87829e5429 Fix documentation
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-02-14 16:31:33 +01:00
PeterSpace
c2774a3ad4 Update library/psa_its_file.c
Signed-off-by: pespacek <peter.spacek@silabs.com>
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
2022-02-14 12:24:56 +01:00
Paul Elliott
51a7679a8e Ensure context is passed in to dummy_rand
In fuzz_privkey, we switched over to using dummy_rand(), which uses
ctr_drbg internally, and thus requires an initialised ctr_drbg_context
to be passed in via p_rng when calling mbedtls_pk_parse_key().

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-02-11 19:10:14 +00:00
Ronald Cron
fb84e98fb4 Add change log
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-02-11 16:10:44 +01:00
Ronald Cron
135427cb35 Run TLS 1.3 tests when MBEDTLS_USE_PSA_CRYPTO is enabled
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-02-11 16:10:44 +01:00
Ronald Cron
f6893e11c7 Finalize PSA hash operations in TLS 1.3
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-02-11 16:10:34 +01:00
Ronald Cron
4279bac965 Document TLS 1.3 MVP limitation regarding MBEDTLS_USE_PSA_CRYPTO
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-02-11 15:10:22 +01:00
Gilles Peskine
bebeae9428
Merge pull request #5504 from gstrauss/mbedtls_pem_get_der
Add accessor to get der from mbedtls_pem_context
2022-02-10 23:56:57 +01:00
Paul Elliott
00738bf65e Ensure ctr_drbg is initialised every time
ctr_drbg is a local variable and thus needs initialisation every time
LLVMFuzzerTestOneInput() is called, the rest of the variables inside the
if(initialised) block are all static.

Add extra validation to attempt to catch this issue in future.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-02-10 18:38:53 +00:00
Manuel Pégourié-Gonnard
574e538c75
Merge pull request #5522 from mpg/fixup-psa-migration
Fixup psa migration documentation
2022-02-10 13:41:56 +01:00