mbedtls

Author	SHA1	Message	Date
Tom Cosgrove	3a6059beca	Merge pull request #7455 from KloolK/record-size-limit/comply-with-limit Comply with the received Record Size Limit extension	2024-01-09 15:22:17 +00:00
Paul Elliott	053db696b3	Allow programs/fuzz to be linked against pthread Use the same mechanisms used to link other programs against pthread with make, i.e. include common.make, and remove common code from programs/ fuzz/Makefile Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-01-05 21:05:23 +00:00
Paul Elliott	4068c7e47c	Link programs with pthread via cmake All programs are now linked directly with all test code, thus adding a pthread abstraction into the test code means having to link the programs with pthread (if the library is found under cmake). Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-01-05 21:04:52 +00:00
Paul Elliott	17c119a5e3	Migrate to threading_helpers.h Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-01-05 21:04:52 +00:00
Paul Elliott	4580d4d829	Add accessor helpers for mbedtls_test_info Step one of being able to control access to mbedtls_test_info with a mutex. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-01-05 19:13:43 +00:00
Paul Elliott	3ca93e5d25	Merge pull request #8667 from gilles-peskine-arm/pthread-link-auto-make-followup Minor cleanups to common.make	2024-01-03 18:51:48 +00:00
Dave Rodgman	62a2e3c8db	Merge pull request #8512 from mschulz-at-hilscher/feature/timing-alt-compatible-benchmark Alternative Timing compatible benchmark.c	2024-01-03 11:46:58 +00:00
Gilles Peskine	0ae58dd985	Unify MBEDTLS_TEST_OBJS `$(MBEDTLS_TEST_OBJS)` included TLS-specific test support modules in `tests/Makefile` but not in `programs/Makefile`. This difference is not actually necessary. What is necessary is that all programs that use functions from TLS-specific test support modules are linked with those modules in addition to `-lmbedtls`, and programs that are not linked with `-lmbedtls` are not linked with TLS-specific test support modules. Since we always pass `-lmbedtls` when linking programs in `programs/Makefile`, we can link with the TLS-specific test support modules as well. This keeps things simpler. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-02 23:11:24 +01:00
Gilles Peskine	8939148339	Minor readability improvement Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-02 18:14:00 +01:00
Gilles Peskine	570e54822c	Finish unifying LOCAL_CFLAGS fixup "Create common.make with LOCAL_CFLAGS and friends" The code wasn't what I had intended, although it was functionally equivalent. Make it more readable and more robust. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-02 18:11:10 +01:00
Dave Rodgman	593e9cb600	Merge pull request #8511 from mschulz-at-hilscher/feature/rsa3072-benchmark Add benchmark for RSA 3072	2024-01-02 16:35:14 +00:00
Benson Liou	6d0a093582	use mbedtls_ssl_session_init() to init session variable Use mbedtls_ssl_session_init() to init variable just like session-family APIs described Signed-off-by: Benson Liou <benson.liou@sony.com>	2023-12-27 22:03:24 +08:00
Gilles Peskine	9552a52f5f	Declare dependency on bignum in sample programs Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-12-24 19:51:57 +01:00
Gilles Peskine	52cc2a6368	Use new mbedtls_ecp_keypair functions in sample programs This eliminates the use of MBEDTLS_PRIVATE in sample programs to access fields of an mbedtls_ecp_keypair structure. When displaying elliptic curve points, the program now display the coordinates in the standard form instead of the internal representation. The auxiliary function show_ecp_key is present in three programs. It's more complex than the previous code which was also triplicated. There's no good place for such auxiliary functions that don't belong in the library and are used in multiple sample programs. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-12-24 19:49:43 +01:00
Gilles Peskine	4392fc101f	Unify some common rules of programs/Makefile and tests/Makefile Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-12-22 11:49:35 +01:00
Gilles Peskine	076fd25480	Unify common variables of programs/Makefile and tests/Makefile Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-12-22 11:48:56 +01:00
Gilles Peskine	f3d1ae1f05	Create common.make with LOCAL_CFLAGS and friends Create a common.make for definitions that are shared between tests/Makefile and programs/Makefile, to facilitate maintenance. Start populating it with CFLAGS/LDFLAGS variables. More to follow in subsequent commits. Keep library/Makefile independent, at least for the time being. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-12-22 11:48:56 +01:00
Gilles Peskine	f5c5ce7789	Partly unify LOCAL_CFLAGS Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-12-22 11:48:56 +01:00
Gilles Peskine	4ad5733836	Unify treatment of MBEDTLS_TEST_OBJS Unify the treatment of MBEDTLS_TEST_OBJS between programs/Makefile and tests/Makefile: include it via LOCAL_LD_FLAGS in both cases. Document why the definition of MBEDTLS_TEST_OBJS is different. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-12-22 11:48:56 +01:00
Gilles Peskine	afccc1a6d5	Indent nested conditionals Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-12-22 11:48:52 +01:00
Paul Elliott	e4b3f75298	Remove unnecessary check Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-12-18 14:49:34 +00:00
Paul Elliott	79dc6dad81	Improve make pthread linking mechanism Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-12-18 14:49:34 +00:00
Paul Elliott	80fa88e2fa	Remove warning with GCC 12 and TSan Compiler is unhappy that the return from mbedtls_cipher_get_name() could be NULL as this is used in a printf statement. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-12-18 14:49:34 +00:00
Bence Szépkúti	a085fa8ccf	Merge pull request #8627 from tom-cosgrove-arm/ip_len Avoid use of `ip_len` as it clashes with a macro in AIX system headers	2023-12-18 02:03:17 +00:00
Gilles Peskine	a211bb7f01	Merge pull request #8596 from xkqian/tls13_early_data_input_file Change early data flag to input file	2023-12-11 21:14:57 +00:00
Xiaokang Qian	a9581d2d5f	Fix CI failure of uninitialized fp Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-11 01:50:34 +00:00
Tom Cosgrove	656d4b3c74	Avoid use of `ip_len` as it clashes with a macro in AIX system headers Fixes #8624 Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-12-08 21:51:15 +00:00
Xiaokang Qian	aedfc0932b	Revert to `ae952174a7` and addressing some comments Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-08 10:43:24 +00:00
David Horstmann	64cd2f21ed	Fix potential double-free in calloc selftest Where calloc returns two references to the same buffer, avoid calling free() on both references by setting one to NULL. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-12-07 14:26:44 +00:00
Ronald Cron	90d07118ad	Merge pull request #6721 from yuhaoth/pr/tls13-early-data-extension-of-nst TLS 1.3: EarlyData SRV: Write `early_data` extension of NewSessionTicket	2023-12-07 09:25:35 +00:00
Xiaokang Qian	963468035d	Add the test framework of early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-07 09:19:43 +00:00
Xiaokang Qian	daddfb520d	Open the file once read in the file path Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-07 08:14:30 +00:00
Xiaokang Qian	35c026c09e	Read early data file Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-07 06:10:34 +00:00
Xiaokang Qian	2a8035b495	Add read early data code Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-07 03:54:40 +00:00
Xiaokang Qian	57db590586	Rework to revert the early_data enabled flag We have two options for early data. early_data to indicate early data enable or not. early_data_file to provide path file to read early data from Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-07 03:29:22 +00:00
Jan Bruckner	f482dcc6c7	Comply with the received Record Size Limit extension Fixes #7010 Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-12-06 15:18:08 +00:00
Manuel Pégourié-Gonnard	d9c69d12ac	Merge pull request #8513 from mschulz-at-hilscher/feature/explicitly-accessing-private-fields-in-benchmark Explicitly accessing private fields in benchmark	2023-12-06 11:06:32 +00:00
Xiaokang Qian	ae952174a7	Enable early data depend on whether the early data file exist Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-06 10:27:27 +00:00
Jerry Yu	750e06743f	remove misbehavior tests and code Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:22:15 +08:00
Jerry Yu	ea96ac3da9	fix various issues - get ticket_flags with function. - improve output message and check it. - improve `ssl_server2` help message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:17:37 +08:00
Jerry Yu	3c2b21ed0e	Enable multi max_early_data_size value for connections For test purpose, we set different value for each session Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:14:56 +08:00
Xiaokang Qian	611c717c02	Sync the early_data option with internal parameters in ssl_client2 Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-06 09:24:58 +00:00
Xiaokang Qian	f8fe11d14d	Remove the generic file read functions and simply the early data read Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-06 07:40:50 +00:00
Xiaokang Qian	eaebedb30b	Refine the detect code to enable early data or not Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-06 02:55:16 +00:00
Xiaokang Qian	b1db72923e	Rename the generic read functions to ssl_read_file_text Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-06 02:33:38 +00:00
Xiaokang Qian	6c678d7543	Improve the comments of early data input Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-06 02:20:51 +00:00
Xiaokang Qian	70fbdcf904	Change early data flag to input file Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-12-05 05:50:08 +00:00
Janos Follath	c6f1637f8c	Merge pull request #8534 from paul-elliott-arm/fix_mutex_abstraction Make mutex abstraction and tests thread safe	2023-11-29 13:26:23 +00:00
Tom Cosgrove	12d8b8eaba	Merge pull request #8539 from tom-daubney-arm/add_test_script_psa_hash Add Demo Script for PSA Hash Program	2023-11-27 12:13:18 +00:00
Paul Elliott	f25d831123	Ensure mutex test mutex gets free'd Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-11-23 18:49:43 +00:00
Dave Rodgman	8cd4bc4ac2	Merge pull request #8124 from yanrayw/support_cipher_encrypt_only Support the negative option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT	2023-11-23 17:43:00 +00:00
Paul Elliott	2e3f6902ed	Merge pull request #8549 from gilles-peskine-arm/metatest-gcc-12 Fix metatest.c with gcc-12 -Wuse-after-free	2023-11-23 11:09:41 +00:00
Yanray Wang	690ee81533	Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only	2023-11-23 10:31:26 +08:00
Gilles Peskine	7a715c4537	Fix the build with gcc-12 -Wuse-after-free Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-21 13:42:40 +01:00
Jerry Yu	713ce1f889	various improvement - improve change log entry - improve comments - remove unnecessary statement - change type of client_age Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:59:25 +08:00
Jerry Yu	cf9135100e	fix various issues - fix CI failure due to wrong usage of ticket_lifetime - Improve document and comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:19 +08:00
Jerry Yu	25ba4d40ef	rename `ticket_creation` to `ticket_creation_time` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:19 +08:00
Jerry Yu	3ff0b1fda3	Cleanup ticket negative tests. - improve comments - case 3/4 is for server age check. - case 5/6 is for client age check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:18 +08:00
Jerry Yu	ec6d07870d	Replace `start` with `ticket_creation` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:18 +08:00
Jerry Yu	f16efbc78d	fix various issues - Add comments for ticket test hooks - improve code style. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:18 +08:00
Jerry Yu	cebffc3446	change time unit of ticket to milliseconds Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:18 +08:00
Gilles Peskine	6267dd59c8	Merge pull request #8463 from gilles-peskine-arm/metatest-create Create a metatest program	2023-11-20 14:07:08 +00:00
Thomas Daubney	dd2a09a22b	Introduce demo script for PSA hash program Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2023-11-16 18:45:55 +00:00
Matthias Schulz	70595f7983	Explicitly indicating when private fields are accessed in benchmark.c. Signed-off-by: Matthias Schulz <mschulz@hilscher.com>	2023-11-16 17:43:58 +01:00
Matthias Schulz	3b9240bbd0	Alternative Timing compatible benchmark.c Signed-off-by: Matthias Schulz <mschulz@hilscher.com>	2023-11-16 17:39:43 +01:00
Matthias Schulz	aa7dffa24a	Add benchmark for RSA 3072. Signed-off-by: Matthias Schulz <mschulz@hilscher.com>	2023-11-16 15:31:32 +01:00
Gilles Peskine	2f40cc05f0	Improve explanations of what bad thing a metatest does Especially clarify the situation with respect to mutex usage. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-16 15:13:38 +01:00
Gilles Peskine	ad2a17eb60	Uniformly use MBEDTLS_THREADING_C guards Since the code compiles with MBEDTLS_THREADING_C, not just with MBEDTLS_THREADING_PTHREAD, use MBEDTLS_THREADING_C as the guard. The runtime behavior is only as desired under certain conditions that imply MBEDTLS_THREADING_PTHREAD, but that's fine: no metatest is expected to pass in all scenarios, only under specific build- and run-time conditions. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-16 15:09:48 +01:00
Manuel Pégourié-Gonnard	752dd39a69	Merge pull request #8508 from valeriosetti/issue6323 [G3] Driver-only cipher+aead: TLS: ssl-opt.sh	2023-11-14 11:39:06 +00:00
Gilles Peskine	cce0012463	Add documentation Explain the goals of metatests, how to write them, and how to read their output. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-10 15:36:15 +01:00
Gilles Peskine	ccb121500d	Uninitialized read: make the pointer non-volatile rather than the buffer Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-10 11:35:36 +01:00
Gilles Peskine	da6e7a2ac2	More consistent usage of volatile Fix MSVC warning C4090. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-10 10:09:27 +01:00
Valerio Setti	38e75fb1a7	ssl_server2: remove usage of mbedtls_cipher_info_from_string() This removes the dependency from cipher module and legacy key/modes symbols which are used in cipher_wrap. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-11-10 08:27:39 +01:00
Gilles Peskine	d2fa698155	Strengthen against possible compiler optimizations Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-09 21:46:24 +01:00
Yanray Wang	0751761b49	max_early_data_size: rename configuration function Rename mbedtls_ssl_tls13_conf_max_early_data_size as mbedtls_ssl_conf_max_early_data_size since in the future this may not be specific to TLS 1.3. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-07 11:49:34 +08:00
Yanray Wang	d5ed36ff24	early data: rename configuration function Rename mbedtls_ssl_tls13_conf_early_data as mbedtls_ssl_conf_early_data since in the future this may not be specific to TLS 1.3. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-07 11:49:24 +08:00
Gilles Peskine	a1023e2bd6	programs/test/metatest indirectly includes library/common.h Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	4bc873f0a1	Add missing program to .gitignore Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	102aea2ba8	Add metatests for mutex usage Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	f0d5cf9a0c	Don't use %llx in printf We still do MinGW builds on our CI whose printf doesn't support it! Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	a1dfa14c06	Fix cast from pointer to integer of different size Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	ee8109541a	Don't cast a function pointer to a data pointer That's nonstandard. Instead, convert to an integer. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	6aa9f32124	Use casts when doing nonstandard pointer conversions Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	69e8db0366	Strengthen against Clang optimizations Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	b0f0a64de0	Metatests for basic Asan and Msan features Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:19 +01:00
Gilles Peskine	80ba832be6	Metatests for null pointer dereference Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:09 +01:00
Gilles Peskine	f309fbf0d5	Validate that test_fail causes a test failure Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:09 +01:00
Gilles Peskine	33406b645d	Add a metatest program This program can be used to validate that things that should be detected as test failures are indeed caught, either by setting the test result to MBEDTLS_TEST_RESULT_FAILED or by aborting the program. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-11-06 20:33:09 +01:00
Yanray Wang	f24bbd987a	dh_client.c: modify prompt message Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-06 10:02:10 +08:00
Gilles Peskine	8b6b41f6cd	Merge pull request #8434 from valeriosetti/issue8407 [G2] Make TLS work without Cipher	2023-11-04 15:05:00 +00:00
Dave Rodgman	f8be5f6ade	Fix overlooked files Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-02 20:43:00 +00:00
Dave Rodgman	16799db69a	update headers Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-02 19:47:20 +00:00
Valerio Setti	74d48c89fa	ssl_server2: small improvement of code readability Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-11-02 16:43:55 +01:00
Yanray Wang	b67b47425e	Rename MBEDTLS_CIPHER_ENCRYPT_ONLY as MBEDTLS_BLOCK_CIPHER_NO_DECRYPT Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-10-31 17:22:06 +08:00
Paul Elliott	afc6a992c5	Merge pull request #8381 from gilles-peskine-arm/20231017-misc-cleanup Cleanups in test code	2023-10-30 18:08:01 +00:00
Valerio Setti	dc55470341	ssl_context_info: add guards for CIPHER_C mbedtls_cipher_info_from_type() is only available when CIPHER_C is defined. So when it is not we just print the cipher type decimal value on the output instead of the cipher's name. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-10-30 11:36:32 +01:00
Valerio Setti	bdf04e840a	ssl_server2: support ticket_aead only when CIPHER_C is defined Cipher parsing requires mbedtls_cipher_info_from_string() which depends on CIPHER_C. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-10-30 11:36:32 +01:00
Gilles Peskine	5d055f8206	Merge pull request #7844 from mpg/ssl-progs-usage Fix usage & error reporting in SSL programs	2023-10-26 08:19:25 +00:00
Gilles Peskine	0ea1b8fe8c	Merge pull request #7982 from gilles-peskine-arm/sample_program_demo_scripts-3.4 Run sample program demo scripts in all.sh	2023-10-18 10:03:52 +00:00
Gilles Peskine	62418dd20b	Merge pull request #8350 from waleed-elmelegy-arm/fix-null-dereference-in-x509-cert-write Fix possible NULL dereference issue in X509 cert_write program	2023-10-18 10:03:36 +00:00

1 2 3 4 5 ...

2690 commits