mbedtls

Author	SHA1	Message	Date
Manuel Pégourié-Gonnard	0d9a3618bd	Rm unneeded dep on PK_PARSE_C in psa crypto tests Most of them were removed in 7162, not sure how these ones slipped in. There's no reason deterministic ECDSA verification would need PK parse more than the other tests. The following finds no match: grep -i pk_parse library/ecdsa.c library/psa_crypto_ecp.c Even if PK parse was actually needed for this, the right way would be to auto-enable it based on PSA_WANT symbols, and then only depend on PSA_WANT symbols here. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-11-08 12:30:51 +01:00
Yanray Wang	65f7653bdd	tls1.3: early data: rephrase ChangeLog Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-08 18:48:33 +08:00
Ronald Cron	f95b678729	Remove unused *.cocci files Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-11-08 10:08:09 +01:00
Ronald Cron	c27a4ce3dd	Merge pull request #8429 from gilles-peskine-arm/fix-test_suite_constant_time_hmac-not-executed Fix test suite never executed due to an undefined symbol	2023-11-08 09:05:12 +00:00
Pengyu Lv	2bd56de3f4	ssl: replace MBEDTLS_SSL_HAVE_*_CBC with two seperate macros MBEDTLS_SSL_HAVE_<block_cipher>_CBC equals MBEDTLS_SSL_HAVE_<block_cipher> and MBEDTLS_SSL_HAVE_CBC. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-08 14:21:19 +08:00
Pengyu Lv	ba6825e37b	ssl: use MBEDTLS_SSL_HAVE_* in tests Done by commands: ``` sed -i "s/MBEDTLS_$AES\\|CAMELLIA\\|ARIA\\|CHACHAPOLY$_C/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/*/ssl* sed -i "s/MBEDTLS_$GCM\\|CCM$_C/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/*/ssl* sed -i "s/MBEDTLS_CIPHER_MODE_$CBC$/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/*/ssl* ``` Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-08 14:09:16 +08:00
Yanray Wang	eb61868878	tls1.3: early data: add ChangeLog entry Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-08 13:46:28 +08:00
Pengyu Lv	65458fa969	ssl: MBEDTLS_SSL_HAVE_* in ssl_misc.h Done by commands: ``` sed -i "300,$ s/MBEDTLS_$AES\\|CAMELLIA\\|ARIA\\|CHACHAPOLY$_C/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h sed -i "300,$ s/MBEDTLS_$GCM\\|CCM$_C/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h sed -i "300,$ s/MBEDTLS_CIPHER_MODE_$CBC$/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h ``` Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-08 12:16:29 +08:00
Pengyu Lv	829dd2048a	ssl: use MBEDTLS_SSL_HAVE_* in ssl_ciphersuites.c Mainly done by the commands, with some manual adjust. ``` sed -i "s/MBEDTLS_$AES\\|CAMELLIA\\|ARIA\\|CHACHAPOLY$_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c sed -i "s/MBEDTLS_$GCM\\|CCM$_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c sed -i "s/MBEDTLS_CIPHER_MODE_$CBC$/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c ``` Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-08 12:01:26 +08:00
Pengyu Lv	f1b86b088f	ssl: add macro to indicate CBC mode is available Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-08 11:28:42 +08:00
Pengyu Lv	e870cc8c86	ssl: add macro for available key types Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-08 11:28:36 +08:00
Yanray Wang	7b320fa7c9	ssl-opt.sh: fix typo Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-08 10:33:32 +08:00
Pengyu Lv	fe03a4071b	ssl_helper: fix missin initialization of cli_log_obj Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-08 10:30:48 +08:00
Yanray Wang	8636d471b3	config-tfm.h: License Change Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-08 10:07:03 +08:00
Yanray Wang	30769696e7	Merge remote-tracking branch 'origin/development' into adjust_tfm_configs	2023-11-08 10:00:24 +08:00
Matthias Schulz	c55b500343	Changed notes in x509_csr.h to better describe the behavior of mbedtls_x509_csr_parse_der and mbedtls_x509_csr_parse_der_with_ext_cb. Signed-off-by: Matthias Schulz <mschulz@hilscher.com>	2023-11-07 16:47:37 +01:00
Matthias Schulz	e92f6dcf5c	New test cases requested in https://github.com/Mbed-TLS/mbedtls/pull/8378#discussion_r1383779861 Signed-off-by: Matthias Schulz <mschulz@hilscher.com>	2023-11-07 15:16:35 +01:00
Tom Cosgrove	53199b1c0a	Merge pull request #6720 from yuhaoth/pr/tls13-early-data-receive-0_rtt-and-eoed TLS 1.3: EarlyData SRV: Write early data extension in EncryptedExtension	2023-11-07 13:59:13 +00:00
Dave Rodgman	7604915cce	Update Changelog with bugfix entry Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-07 12:33:17 +00:00
Tom Cosgrove	4122c16abd	Merge pull request #6945 from lpy4105/issue/6935/ticket_flags-kex-mode-determination TLS 1.3: SRV: Check ticket_flags on kex mode determination when resumption	2023-11-07 09:26:21 +00:00
Jerry Yu	7ef9fd8989	fix various issues - Debug message - Improve comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-07 14:31:37 +08:00
Jerry Yu	2bea94ce2e	check the ticket version unconditional Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-07 14:18:17 +08:00
Yanray Wang	0751761b49	max_early_data_size: rename configuration function Rename mbedtls_ssl_tls13_conf_max_early_data_size as mbedtls_ssl_conf_max_early_data_size since in the future this may not be specific to TLS 1.3. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-07 11:49:34 +08:00
Yanray Wang	d5ed36ff24	early data: rename configuration function Rename mbedtls_ssl_tls13_conf_early_data as mbedtls_ssl_conf_early_data since in the future this may not be specific to TLS 1.3. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-07 11:49:24 +08:00
Pengyu Lv	4ebf86e780	tls13-misc: Do not check kex mode for some cases Ephemeral is preferred over pure PSK, the change is to make CI happy. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-07 10:14:32 +08:00
Pengyu Lv	44670c6eda	Revert "TLS 1.3: SRV: Don't select ephemeral mode on resumption" This reverts commit `dadeb20383`. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-07 09:58:53 +08:00
Pengyu Lv	1f00926142	Change base config to full Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-11-07 09:55:11 +08:00
Gilles Peskine	a1023e2bd6	programs/test/metatest indirectly includes library/common.h Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	4bc873f0a1	Add missing program to .gitignore Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	102aea2ba8	Add metatests for mutex usage Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	f0d5cf9a0c	Don't use %llx in printf We still do MinGW builds on our CI whose printf doesn't support it! Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	a1dfa14c06	Fix cast from pointer to integer of different size Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	ee8109541a	Don't cast a function pointer to a data pointer That's nonstandard. Instead, convert to an integer. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	6aa9f32124	Use casts when doing nonstandard pointer conversions Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	6848d1709b	Run metatests in selected components Run metatests in some components, covering both GCC and Clang, with ASan, MSan or neither. Note that this commit does not cover constant-flow testing builds or Valgrind. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	69e8db0366	Strengthen against Clang optimizations Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	b0f0a64de0	Metatests for basic Asan and Msan features Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	f109664448	Script to run all the metatests (with platform filtering) Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:18 +01:00
Gilles Peskine	80ba832be6	Metatests for null pointer dereference Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:09 +01:00
Gilles Peskine	f309fbf0d5	Validate that test_fail causes a test failure Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:09 +01:00
Gilles Peskine	33406b645d	Add a metatest program This program can be used to validate that things that should be detected as test failures are indeed caught, either by setting the test result to MBEDTLS_TEST_RESULT_FAILED or by aborting the program. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:09 +01:00
Dave Rodgman	b578514b03	Merge pull request #8470 from gilles-peskine-arm/check-files-license Check copyright statements and SPDX license statements	2023-11-06 17:07:54 +00:00
Dave Rodgman	4b67ac8adf	Merge pull request #8444 from Mbed-TLS/cvv-code-size code size for mbedtls_cipher_validate_values	2023-11-06 12:50:37 +00:00
Dave Rodgman	2ef7c30775	Update BRANCHES Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-06 11:47:15 +00:00
Paul Elliott	e03270f2e0	Merge pull request #8391 from paul-elliott-arm/full_no_platform Add full_no_platform config preset	2023-11-06 11:35:28 +00:00
Manuel Pégourié-Gonnard	964dee6b3f	Merge pull request #8442 from lpy4105/issue/8355/driver-only-cipher_aead-x509 X.509: Support driver-only cipher+aead	2023-11-06 09:10:57 +00:00
Jerry Yu	9e47b268c4	Revert "ssl-opt.sh: Make record_outcome record the ssl-opt.sh file only" This reverts commit `cfe68a0cb6`. As commit `5eb2b02862`, this line is used to report test suite name. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-06 10:53:43 +08:00
Jerry Yu	50d07bdeec	Add test-suite parameter to filter tests Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-06 10:49:01 +08:00
Gilles Peskine	ce78200fb5	Pacify mypy Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-04 16:07:26 +01:00
Gilles Peskine	3b9facd8ac	Also complain if licenses are mentioned Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-04 16:07:26 +01:00

1 2 3 4 5 ...

28210 commits