cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-02 18:14:07 -04:00
Code Issues Packages Projects Releases Wiki Activity
30,314 Commits 7 Branches 115 Tags
Commit Graph

30314 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Manuel Pégourié-Gonnard
49f64b4cac Fix dependency on low-level hash modules 
None of the TLS code is calling low-level hash functions directly. So
the correct dependencies here are MD_CAN.

(I checked and this was the only occurrence.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-02-08 12:44:21 +01:00
Manuel Pégourié-Gonnard
7eb3f9a523 Simplify and fix dependency of MD_C on a hash 
Simplify: let's take advantage of the MD_CAN macros instead of doing it
again ourselves.

Fix: SHA-3 was forgotten.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-02-08 12:44:21 +01:00
Manuel Pégourié-Gonnard
68608b2317 Remove redundant helper macros in check_config.h 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-02-08 12:44:19 +01:00
Ronald Cron
90abb224f7 ssl-opt.sh: Establish TLS 1.3 then TLS 1.2 session 
Add a test where first we establish a
TLS 1.3 session, then a TLS 1.2 one
with the same server.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-08 12:12:58 +01:00
Tom Cosgrove
1dbfc8ad3c
Merge pull request #8790 from paul-elliott-arm/fix_ctr_drbg_comment 
Fix confusing comment in ctr drbg thread test
 2024-02-08 11:11:50 +00:00
Ronald Cron
587cfe65ca ssl-opt.sh: Establish TLS 1.2 then TLS 1.3 connection 
Add a test where first we establish a
TLS 1.2 session, then a TLS 1.3 one
with the same server.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-08 12:09:42 +01:00
Ronald Cron
195c0bc24e tls: Reset TLS maximum negotiable version 
When reseting an SSL context with
mbedtls_ssl_session_reset() reset
the TLS maximum negotiable version
as configured.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-08 11:54:55 +01:00
Antonio de Angelis
058c9a34ec build_info should look for MBEDTLS_PSA_CRYPTO_CLIENT as well 
Similarly to check_config.h, also build_info.h should consider
MBEDTLS_PSA_CRYPTO_CLIENT as the define which signals that PSA
Crypto APIs feature are being required in the build (possibly
due to the client/service architecture). It is automatically
enabled if CRYPTO_C is enabled, but only at config_adjust_legacy_crypto.h
which happens after the inclusion of the config_psa.h is needed

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
 2024-02-08 10:40:32 +00:00
Gilles Peskine
a3172d1e96 Inline the SHA3 parameters table into a switch 
This saves a few bytes of code size.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-08 10:47:08 +01:00
Manuel Pégourié-Gonnard
b7307630bb
Merge pull request #8703 from valeriosetti/issue7765-guards-in-asn1 
Conversion function between raw and DER ECDSA signatures (guards in ASN1)
 2024-02-08 08:45:30 +00:00
Manuel Pégourié-Gonnard
7bf1e98f44
Merge pull request #8740 from valeriosetti/issue8647 
Move RSA basic key parsing/writing to rsa.c
 2024-02-08 08:35:42 +00:00
Tom Cosgrove
c8de362202
Merge pull request #8665 from ivq/reduce_static_mem 
Reduce many unnecessary static memory consumption
 2024-02-07 23:26:27 +00:00
Ryan Everett
eb8c665a53 Reformat wrapper generation code 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
5d2e82f0ce Guard memcpy so that it won't fail on null input pointer 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
b41c3c9582 Guard the exit to stop unused label warning 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
0f54727bf4 Restructure wrapper script 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
198a4d98d5 Generate test wrappers for key derivation 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
da9227de7c Fix psa_key_derivation_output_bytes 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
f943e22bb9 Protect key_derivation_output_bytes 
If the alloc fails I belive it is okay to preserve the algorithm.
The alloc cannot fail with BAD_STATE, and this setting is only used
to differentiate between a exhausted and blank.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
d1e398c374 Protect psa_key_derivation_input_bytes 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
David Horstmann
2f387e98a0
Merge pull request #1174 from davidhorstmann-arm/cipher-multipart-test-fix 
Fix a multipart test that overwrites the same buffer twice
 2024-02-07 17:18:48 +00:00
Antonio de Angelis
3c19b237d1 Fix trailing parenthesis 
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
 2024-02-07 17:10:14 +00:00
Valerio Setti
1910390b4a psa_util: improve leading zeros check in convert_der_to_raw_single_int() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-07 16:16:58 +01:00
Paul Elliott
bda577bb0b Fix confusing comment in ctr drbg thread test 
Make it clearer where the magic number chosen for entropy_len actually
comes from, and why we chose this value.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-02-07 15:13:46 +00:00
Dave Rodgman
9b272ac1c6
Merge pull request #8794 from daverodgman/pr-guidelines 
Remind contributors not to force-push
 2024-02-07 15:08:42 +00:00
Valerio Setti
ef07fa0fc3 test_suite_psa_crypto_util: add more test for raw->der 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-07 15:16:45 +01:00
Valerio Setti
affba30833 psa_util: update documentation for mbedtls_ecdsa_raw_to_der() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-07 15:03:33 +01:00
Manuel Pégourié-Gonnard
b02c0be06a
Merge pull request #8791 from gilles-peskine-arm/psa-legacy-bridges-ecdsa-bits-first 
Update ECDSA signature conversion specification
 2024-02-07 13:43:29 +00:00
Ryan Everett
a8082c43d5 Add MBEDTLS_CIPHER_C dependencies to new pkparse tests 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 13:31:19 +00:00
Antonio de Angelis
7889fe7917 Make check_config aware of MBEDTLS_PSA_CRYPTO_CLIENT 
When check_config needs to evaluate the availability of a feature
through a PSA API, it should look for MBEDTLS_PSA_CRYPTO_CLIENT
instead of MBEDTLS_PSA_CRYPTO_C, to be able to cover the case
where the API is provided through a client/service interface.

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
 2024-02-07 13:01:36 +00:00
Matthias Schulz
0767fdadbf Enhance GCM throughput using larger precalculated tables. Also refactored the code for shorter tables and moved the check for available accelerators to the context initialization code. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2024-02-07 13:17:50 +01:00
Paul Elliott
292b1dc1e1
Merge pull request #8789 from paul-elliott-arm/fix_tsan_gcc 
Stop platform test failures with GCC and TSAN
 2024-02-07 11:32:39 +00:00
Dave Rodgman
2a6593bbb6 Slightly soften force-push suggestion 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-02-07 11:05:47 +00:00
Dave Rodgman
c1a4d1f09a Remove comments about rebasing vs merging; link to longer RTD document 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-02-07 11:04:14 +00:00
Dave Rodgman
2840523ae4 Remind contributors not to force-push 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-02-07 10:42:41 +00:00
Gilles Peskine
3f557ad59c Wording improvement 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-07 11:22:16 +01:00
Manuel Pégourié-Gonnard
1d7bc1ecdf
Merge pull request #8717 from valeriosetti/issue8030 
PSA FFDH: feature macros for parameters
 2024-02-07 10:06:03 +00:00
Dave Rodgman
57a0957938
Merge pull request #8788 from daverodgman/old-gcc-alignment-bug 
Change unaligned access method for old gcc
 2024-02-07 09:31:45 +00:00
Ronald Cron
b3d42fddae tests: write early data: Add HRR scenario 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Ronald Cron
05600e26f4 tests: write early data: Add "server rejects" scenario 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Ronald Cron
8fe2b01b52 tests: write early data: Add "not sent" scenario 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Ronald Cron
2fbbba9c51 tests: ssl: Add write early data unit test 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Xiaokang Qian
30bb7ce9a2 Add test case for early data writing 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Ronald Cron
a5561893e7 ssl_client2: Add support for early data writing 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Ronald Cron
2fe0ec8c31 ssl_client2: Add buffer overflow check 
Add buffer overflow check to build_http_request().

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Ronald Cron
ccfaefa361 ssl_client2: Switch from int to size_t 
Switch from int to size_t for some
data lengths and counter local
variables.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Ronald Cron
4e1bd470fb ssl_client2: Move code to build http request 
Move code to build http request into a
dedicated function.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Ronald Cron
54a3829453 ssl_client2: Simplify early_data option 
No need to define specific early data,
the idea is rather to just send the
usual request data as early data
instead of standard application data.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Xiaokang Qian
b62732e1d6 tls13: cli: Add mbedtls_ssl_write_early_data() API 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Valerio Setti
447bbce8b4 rsa: remove unnecessary check in priv/pub key parsing 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-07 08:02:03 +01:00