cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-01 01:16:36 -04:00
Code Issues Packages Projects Releases Wiki Activity
29,693 Commits 7 Branches 115 Tags
Commit Graph

29693 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gilles Peskine
35cb319832 depends.py: set unique configuration names in outcome file 
Set unique configuration names in the outcome file. This was lost in the
rewrite from depends-*.pl to depends.py.

Fix #7290

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 17:32:44 +01:00
Gilles Peskine
157679c0d5 mbedtls_pk_import_into_psa: positive tests with pkparse output 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 17:32:44 +01:00
Gilles Peskine
10e9c412c0 mbedtls_pk_import_into_psa: negative tests for different ECC curve 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 17:32:44 +01:00
Gilles Peskine
fc3d866ad2 mbedtls_pk_import_into_psa: implement and test 
Implement mbedtls_pk_import_into_psa for all PK types except RSA_ALT.
This covers importing a key pair, importing a public key and importing
the public part of a key pair.

Test mbedtls_pk_import_into_psa() with the output of
mbedtls_pk_get_psa_attributes(). Also unit-test mbedtls_pk_import_into_psa()
on its own to get extra coverage, mostly for negative cases.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 17:32:44 +01:00
Gilles Peskine
fdb809ef86 exercise_key: fix asymmetric encrypt/decrypt with >2028-bit RSA 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 17:31:03 +01:00
Gilles Peskine
4781bd9773 exercise_key: allow SIGN_MESSAGE/VERIFY_MESSAGE with PSA_ALG_ANY_HASH 
There was already code to instantiate the wildcard for sign/verify-hash.
Make that work with sign/verify-message as well.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 17:30:27 +01:00
Gilles Peskine
069cec1737 Also check the RSA length for public keys 
Do for public keys what
"Fix mbedtls_pk_get_bitlen() for RSA with non-byte-aligned sizes"
did for key pairs.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 16:59:17 +01:00
Gilles Peskine
59d09486dc Cosmetic fix 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 16:58:39 +01:00
Ryan Everett
91ce792253 Fix return code error when locking mutex 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-12 12:17:28 +00:00
Gilles Peskine
34a074af37 Add missing dependency on PEM 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 11:24:10 +01:00
Gilles Peskine
92fb604139 Fix mbedtls_pk_get_bitlen() for RSA with non-byte-aligned sizes 
Add non-regression tests. Update some test functions to not assume that
byte_length == bit_length / 8.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 11:24:08 +01:00
Gilles Peskine
19f1adfc69 New function mbedtls_rsa_get_bitlen() 
Document, implement and test mbedtls_rsa_get_bitlen().

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 11:23:05 +01:00
Ryan Everett
e02b63ac89
Merge branch 'Mbed-TLS:development' into threadsafe-key-locking 2024-02-12 10:04:07 +00:00
Janos Follath
f741db3d6e
Merge pull request #8764 from Ryan-Everett-arm/threadsafe-key-wiping 
Make key destruction thread safe
 2024-02-12 09:37:59 +00:00
PiotrBzdrega
f6a9cfa5d2 adjust indentation 
Signed-off-by: PiotrBzdrega <piotrbzdrega@yandex.com>
 2024-02-11 09:41:56 +01:00
PiotrBzdrega
2b20ff62fc move entropy init prior arguments number recognition 
Signed-off-by: PiotrBzdrega <piotrbzdrega@yandex.com>
 2024-02-11 02:15:03 +01:00
Manuel Pégourié-Gonnard
c3d17cde46
Merge pull request #8702 from minosgalanakis/update/dhm_context_in_programs_5015 
[MBEDTLS_PRIVATE] Update dhm context in programs
 2024-02-10 08:47:51 +00:00
Manuel Pégourié-Gonnard
2e2af414d0
Merge pull request #7604 from zvolin/feature/pkcs5-aes 
Add AES encrypted keys support for PKCS5 PBES2
 2024-02-10 08:46:18 +00:00
Paul Elliott
53ddf420c8
Merge pull request #8689 from paul-elliott-arm/make_tests_thread_safe 
Make test data thread safe
 2024-02-09 19:43:09 +00:00
Gilles Peskine
05ee3fbdc0 mbedtls_pk_import_into_psa: documentation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-09 19:31:04 +01:00
Gilles Peskine
48b87ebde3 Choose a curve for tests at compile time 
This makes it possible to use the curve in test data.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-09 19:31:04 +01:00
Valerio Setti
4ade8ee5b9 test_suite_pem: more tests for ASN.1 parsing after decoding 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-09 17:44:07 +01:00
Matthias Schulz
a6ac0f1330 Replaced MBEDTLS_GCM_LARGETABLE by MBEDTLS_GCM_LARGE_TABLE. Removed empty comment line in doc block. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2024-02-09 17:11:54 +01:00
Paul Elliott
5d2bcc63cd Fix typo / improve documentation for test step fns 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-02-09 14:41:24 +00:00
Paul Elliott
54ad01efed Merge remote-tracking branch 'upstream/development' into make_tests_thread_safe 2024-02-09 14:33:58 +00:00
Ryan Everett
9dc076b4f4 Fix issue with lock failures returning CORRUPTION_DETECTED 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-09 14:20:09 +00:00
Ryan Everett
7fee4f7318 Fix mutex unlock error handling in psa_destroy_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-09 14:11:27 +00:00
Ryan Everett
67f3568895 Reduce analyze_block_cipher_dispatch exceptions 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-09 13:02:23 +00:00
Matthias Schulz
10902c5640
Use NULL for pointer initialization 
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Signed-off-by: Matthias Schulz <140500342+mschulz-at-hilscher@users.noreply.github.com>
 2024-02-09 11:14:50 +01:00
Matthias Schulz
cdf9894e60
Ajdusted change log. 
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Signed-off-by: Matthias Schulz <140500342+mschulz-at-hilscher@users.noreply.github.com>
 2024-02-09 11:11:38 +01:00
Ronald Cron
a93e25e749 tls12: Fix documentation of TLS 1.2 session serialized data 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-09 10:01:30 +01:00
Ronald Cron
7b0ac0b980 Add change log for mbedtls_ssl_session_get_ticket_creation_time() 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-09 09:50:18 +01:00
Ronald Cron
c7fa82ee33 tests: ssl: Improve test parameter sanity check 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-09 09:33:09 +01:00
Ronald Cron
7fdee8b710 ssl_session: Reorder some fields to reduce padding 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-09 09:26:12 +01:00
Valerio Setti
010d23f9af test_suite_[pkparse|x509parse]: fix return values of some PEM related error tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-09 06:42:18 +01:00
Valerio Setti
2653e92a57 pem: fix valid data length returned by mbedtls_pem_read_buffer() 
ctx->buflen now returns the amount of valid data in ctx->buf.
Unencrypted buffers were already ok, but encrypted ones were
used to return the length of the encrypted buffer, not the
unencrypted one.
This commit fix this behavior for encrypted buffers.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-09 06:42:18 +01:00
Valerio Setti
b1f6d2ad6f asn1: enable mbedtls_asn1_get_tag() when PEM_PARSE_C is defined 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-09 06:42:18 +01:00
Valerio Setti
9de84bd677 rsa: reject buffers with data outside main SEQUENCE when parsing keys 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-09 06:42:18 +01:00
Manuel Pégourié-Gonnard
ac60afc2d2 Remove useless overly strong dependency 
ECJPAKE_C only needs MD_LIGHT and it allready auto-enables it in
config_adjust_legacy_crypto.h, so nothing to check here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-02-08 23:46:55 +01:00
Matthias Schulz
4a9610bffe Remove comments referencing private defines. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2024-02-08 18:39:17 +01:00
Matthias Schulz
0e690d3c0b Add changelog. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2024-02-08 18:37:20 +01:00
Matthias Schulz
f3116341e2
spelling 
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Signed-off-by: Matthias Schulz <140500342+mschulz-at-hilscher@users.noreply.github.com>
 2024-02-08 18:35:36 +01:00
Ryan Everett
75e65fe24b Reformat AES encryption test data in pkcs5 tests 
The added comma is needed so that these tests match the regex exceptions
in analyze_outcomes.py.
Moved the Encryption tests so that they are separate to decryption.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-08 15:44:43 +00:00
Ryan Everett
afb2eee263 Add PKCS5/12 exceptions to analyze_block_cipher_dispatch 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-08 14:31:54 +00:00
Ryan Everett
791fc2e24c Merge remote-tracking branch 'upstream/development' into pkcs5_aes_new 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-08 14:26:29 +00:00
Matthias Schulz
782667883a Fix: 
- Remove unnecessary tests.
- Update description of MBEDTLS_GCM_LARGETABLE parameter.
- Move acceleration defines from gcm.h to gcm.c.
- Remove unnecessary zero setting after shift.
- Fix implementation for big-endian architectures.

Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2024-02-08 13:59:15 +01:00
Janos Follath
7a28738205
Merge pull request #8636 from paul-elliott-arm/new_test_thread_interface 
New test thread interface
 2024-02-08 12:35:40 +00:00
Manuel Pégourié-Gonnard
a6184b2cc8 Remove redundant check 
We're already making sure of that in
include/mbedtls/config_adjust_psa_superset_legacy.h - no need to
double-check here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-02-08 12:55:53 +01:00
Manuel Pégourié-Gonnard
1463e49a3c Move config adjustment to config_adjust 
After this change, check_config.h does not have any #defined except:
- the standard header double-inclusion guard
- short-lived helpers that are #undef-ed in the same paragraph

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-02-08 12:55:52 +01:00
Manuel Pégourié-Gonnard
e1f3faf5bf Remove temporary macros that are not needed 
Those were only used for KEY_EXCHANGE_ECJPAKE, but had a much larger
scope than needed. We actually don't need those macros if we distinguish
between cases when expressing dependencies for this key exchange.

The remaining helper macros are all short lived.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-02-08 12:55:51 +01:00