yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
23531 commits 1 branch 0 tags 94 MiB
Commit graph

23531 commits

This branch
This branch
All branches
Author SHA1 Message Date
Dave Rodgman
ab1f3c153a
Merge pull request #7081 from tom-cosgrove-arm/dont-use-lstrlenW 2023-02-10 20:50:07 +00:00
Dave Rodgman
54647737f6 Add checks to selftest 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-10 16:16:17 +00:00
Dave Rodgman
4a5c9ee7f2 Remove redundant SIZE_MAX guards 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-10 16:03:44 +00:00
Dave Rodgman
37296a413a Document SIZE_MAX requirement in README.md 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-10 15:39:22 +00:00
Valerio Setti
78f79d323d ecp: add documentation for compressed points limitations 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-10 16:32:58 +01:00
Valerio Setti
25fd51f4af test: add missing include in test_suite_x509parse 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-10 15:21:40 +01:00
Gilles Peskine
928593f732
Merge pull request #7041 from gilles-peskine-arm/pk_ext-pss_options-public 
Make the fields of mbedtls_pk_rsassa_pss_options public
 2023-02-10 15:08:06 +01:00
Gilles Peskine
3196ceb2fb
Merge pull request #7052 from yanrayw/7008-compatsh-disable-VERIFY-for-PSK 
compat.sh: remove VERIFY and duplicate test cases for PSK
 2023-02-10 15:07:27 +01:00
Gilles Peskine
b009559c8f
Merge pull request #7049 from KloolK/typos 
Fix typos
 2023-02-10 15:07:07 +01:00
Gilles Peskine
b8531c4b0b
Merge pull request #6882 from AndrzejKurek/x509_san_parsing_testing-dev 
X.509: Fix bug in SAN parsing and enhance negative testing
 2023-02-10 15:05:32 +01:00
Gilles Peskine
91af0f9c0e Minor clarifications 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-02-10 14:31:36 +01:00
Gilles Peskine
ff674d4c6f Typos 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-02-10 14:31:17 +01:00
Dave Rodgman
f691268ee9 Add missing initialisers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-10 12:56:10 +00:00
Demi Marie Obenour
35598adb78 pkcs7: Check that hash algs are in digestAlgorithms 
Since only a single hash algorithm is currenlty supported, this avoids
having to perform hashing more than once.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
 2023-02-10 12:56:10 +00:00
Demi Marie Obenour
6cfc469296 pkcs7: reject signatures with internal data 
A CMS signature can have internal data, but mbedTLS does not support
verifying such signatures.  Reject them during parsing.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-10 12:56:10 +00:00
Demi Marie Obenour
e373a254c4 pkcs7: do not store content type OIDs 
They will always be constant.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
 2023-02-10 12:56:10 +00:00
Demi Marie Obenour
55d9df25ef Simple cleanup 
No change in behavior.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
 2023-02-10 12:56:10 +00:00
Demi Marie Obenour
4ec8355795 Check for junk after SignedData 
There must not be any.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
 2023-02-10 12:56:10 +00:00
Demi Marie Obenour
aaf3c0028d pkcs7: do not store content type OID 
Since only one content type (signed data) is supported, storing the
content type just wastes memory.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
 2023-02-10 12:56:10 +00:00
Demi Marie Obenour
512818b1d2 pkcs7: check that content lengths fill whole buffer 
Otherwise invalid data could be accepted.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-10 12:56:10 +00:00
Dave Rodgman
a22749e749
Merge pull request #6816 from nick-child-ibm/pkcs7_coverage 
Pkcs7 coverage
 2023-02-10 12:55:29 +00:00
Tom Cosgrove
b96c309395 Don't use lstrlenW() on Windows 
The lstrlenW() function isn't available to UWP apps, and isn't necessary, since
when given -1, WideCharToMultiByte() will process the terminating null character
itself (and the length returned by the function includes this character).

Resolves #2994

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-02-10 12:52:13 +00:00
Ronald Cron
834e65d47f
Merge pull request #6499 from xkqian/tls13_write_end_of_early_data 
Tls13 write end of early data
 2023-02-10 11:08:22 +01:00
Manuel Pégourié-Gonnard
cf1c16af6e
Merge pull request #6925 from gilles-peskine-arm/coding-style-doc 
Switch to the new coding style: documentation
 2023-02-10 10:05:27 +01:00
Pengyu Lv
b10cf0dd39 adjust help message 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-02-10 11:06:36 +08:00
Pengyu Lv
a4e1eece3d print skipped file names to stdout 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-02-10 10:55:29 +08:00
Dave Rodgman
78c6f40736
Fix code-style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-09 09:21:14 +00:00
Manuel Pégourié-Gonnard
2189fda914 Use TEST_EQUAL in one more place in test_suite_md 
The only remaining occurrences of TEST_ASSERT are now pointer comparison,
to NULL or to a reference md_info. That is, the output of the following
command is empty:

    grep TEST_ASSERT tests/suites/test_suite_md.function |
        egrep -v '= NULL|== md_info|md_info =='

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-02-09 09:18:22 +01:00
Manuel Pégourié-Gonnard
a9a1b21ca9 Use ASSERT_COMPARE in test_suite_md 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-02-09 09:15:50 +01:00
Dave Rodgman
4f70b3cdb4
Fix pylint warning 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-08 16:40:40 +00:00
Nick Child
14f255f332 pkcs7: Remove unnecessary dependencies 
stdio, stdlib and string header files are not
used. Remove them.

Signed-off-by: Nick Child <nick.child@ibm.com>
 2023-02-08 15:38:48 +00:00
Nick Child
c7c94df715 pkcs7/test: Format generate test script 
Adhere to syntax and format recommendations
from check-python-files.py

Signed-off-by: Nick Child <nick.child@ibm.com>
 2023-02-08 15:38:48 +00:00
Valerio Setti
00a6c6fcbe test: fix for using proper sign/verify macros 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-08 13:52:31 +01:00
Valerio Setti
40df83509b all.sh: fix comment for test_psa_crypto_config_accel_ecdsa_use_psa 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-08 13:52:31 +01:00
Valerio Setti
ce0caa3384 oid: fix comment in #endif 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-08 13:52:31 +01:00
Valerio Setti
fcc6933a53 test: fix disparities in x509parse and x509write suites 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-08 13:52:31 +01:00
Valerio Setti
b9dc2513c1 test: add SHA1 to the supported algs in accelerated ECDSA 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-08 13:52:31 +01:00
Valerio Setti
f972ce8d69 oid: replace ECDSA_C with new macros for ECDSA capabilities 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-08 13:52:31 +01:00
Valerio Setti
c8801b7ef1 test: x509: remove disparities in driver only testing for ECDSA 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-08 13:52:31 +01:00
Manuel Pégourié-Gonnard
9cb1aa21c4
Merge pull request #6970 from valeriosetti/issue6857 
driver-only ECDSA: get testing parity in PK
 2023-02-08 13:33:15 +01:00
Gilles Peskine
199ee456b1 Summarize how to improve MBEDTLS_PSA_CRYPTO_CLIENT 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-02-08 12:35:19 +01:00
Gilles Peskine
58e935fc6b add a missing 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-02-08 12:07:12 +01:00
Xiaokang Qian
0de0d863b6 Rebase code to restore reco-delay and fix some style issues 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-02-08 07:41:42 +00:00
Yanray Wang
303829709d compat.sh: simplify code of iterating on VERIFY for PSK tests 
Since PSK cipher suites do not allow client certificate verification,
PSK test cases should be executed under VERIFY=NO. SUB_VERIFIES is
used to constrain verification option for PSK tests.

With aforementioned change, the latter check of
$VERIFY=YES && $TYPE!=PSK is redundant so it's removed.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-02-08 14:58:35 +08:00
Xiaokang Qian
8dc4ce76c7 Fix various coding style and comment issues 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-02-08 05:47:48 +00:00
Xiaokang Qian
6b980011e5 Replace session_negotiate->ciphersuite with handshake->ciphersuite_info->id 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-02-08 05:47:48 +00:00
Xiaokang Qian
53c4c27d35 Update the comment of ciphersuite check for early data 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-02-08 05:47:48 +00:00
Xiaokang Qian
64bc9bc33d Add comments to describe the early data behavior-encrypt/rejected... 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-02-08 05:47:48 +00:00
Xiaokang Qian
e04afdc44f Refine the condition of whether re-generate early keys 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-02-08 05:47:48 +00:00
Xiaokang Qian
eb31cbc791 Share the hash check code between ticket and external psk 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-02-08 05:47:48 +00:00