17902 Commits

Author SHA1 Message Date
Waleed Elmelegy
7aeb6e7610 Add changelog entry for new mbedtls_pkcs5_pbe2_ext function
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-04 17:52:15 +01:00
Waleed Elmelegy
7d8f95b4e2 Improve mbedtls_pkcs5_pbes2_ext function signature comments
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-04 17:50:53 +01:00
Waleed Elmelegy
d4e57c3623 Fix unused parameters warnings when MBEDTLS_CIPHER_PADDING_PKCS7 is disabled
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-04 17:50:18 +01:00
Waleed Elmelegy
23ae41626c Fix heap overflow issue in pkcs5_pbes2 testing functions
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-04 17:47:09 +01:00
Waleed Elmelegy
b66cb65410 Add new mbedtls_pkcs5_pbe2_ext function
Add new mbedtls_pkcs5_pbe2_ext function to replace old
function with possible security issues.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-04 17:46:26 +01:00
Janos Follath
226f9eab48
Merge pull request #1048 from waleed-elmelegy-arm/improve-and-test-legacy-pkcs5-pbe2
Backport 2.28: Improve & test legacy mbedtls_pkcs5_pbe2
2023-08-09 09:43:05 +01:00
Waleed Elmelegy
a55ffe5f37 Remove test helper functions not backported
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-08-08 17:07:04 +01:00
Waleed Elmelegy
3229cf9507 Replace MBEDTLS_MD_CAN_SHA1 config with old MBEDTLS_SHA1_C config
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-08-08 16:58:16 +01:00
Waleed Elmelegy
01b6df76db Improve mbedtls_pkcs5_pbes2 function signature comments
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-08-08 15:37:28 +01:00
Waleed Elmelegy
a230735d2f Fix CI errors related to pkcs5_pbe changes
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-08-08 15:36:49 +01:00
Waleed Elmelegy
412629c815 Improve & test legacy mbedtls_pkcs5_pbe2
* Prevent pkcs5_pbe2 encryption when PKCS7 padding has been
  disabled since this is not part of the specs.
* Allow decryption when PKCS7 padding is disabled for legacy
  reasons. However, invalid padding is not checked.
* Add tests to check these scenarios. Test data has been
  reused but with changing padding data in last block to
  check for valid/invalid padding.
* Document new behaviour, known limitations and possible
  security concerns.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-08-08 15:36:05 +01:00
Gilles Peskine
27d8c21a87
Merge pull request #1039 from Mbed-TLS/mbedtls-2.28
Merge mbedtls-2.28 into mbedtls-2.28-restricted
2023-07-21 15:39:20 +02:00
Dave Rodgman
45b93ec621
Merge pull request #1037 from daverodgman/cmac-blocksize-2.28
2023-07-13 19:32:58 +01:00
Dave Rodgman
a3e4e229ef Change value of MBEDTLS_CIPHER_BLKSIZE_MAX if ARIA or Camellia present
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-13 15:41:04 +01:00
Gilles Peskine
4e73afe6ed
Merge pull request #7907 from gowthamsk-arm/fix_ecp_group_compare
tests/test_suite_ecp: Fix ECP group compare test
2023-07-13 12:43:10 +02:00
Gowtham Suresh Kumar
21f2b7a64b tests/test_suite_ecp: Fix ECP group compare test
ECP group compare function should not check the value of T. We only need
to assert the value of T after the ECP group copy function is called.

Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
2023-07-12 13:59:18 +01:00
Gilles Peskine
76a54ff1a8
Merge pull request #7901 from tgonzalezorlandoarm/tg/7879-backport
Backport 2.28: tests/test_suite_pem: Augment DES test cases with AES: PEM
2023-07-10 18:27:55 +02:00
Dave Rodgman
814a14a994
Merge pull request #7897 from tgonzalezorlandoarm/7136-backport
Backport 2.28: Record the outcome of each test case in compat.sh
2023-07-10 12:08:41 +01:00
Tomás González
991c49f812 tests/test_suite_pem: Augment DES test cases with AES: PEM
A few negative test cases in test_suite_pem.data rely on DES
(“invalid iv”, “malformed”). DES is deprecated.
Construct similar test cases using AES.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-07-10 11:38:30 +01:00
Yanray Wang
5659981cf8 ssl-opt.sh: support to parse --outcome-file
Adjust where to set absolute path for MBEDTLS_TEST_OUTCOME_FILE
as it's supposed to set its absolute path after all possible
value assignment.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-07-10 09:38:24 +01:00
Dave Rodgman
b18d45f042
Merge pull request #7483 from gilles-peskine-arm/mbedtls_x509_crt_parse_path-qemu-bug-2.28
Backport 2.28: More mbedtls_x509_crt_parse_path() tests, and note qemu-user bug when 32-bit code run on 64-bit host
2023-07-07 19:15:46 +01:00
Paul Elliott
dc1244d135
Merge pull request #6974 from davidhorstmann-arm/2.28-cmake-pass-through-config-defines
[Backport 2.28] Pass `MBEDTLS_CONFIG_FILE` defines through cmake
2023-07-07 17:01:24 +01:00
Tom Cosgrove
f788a45d47
Merge pull request #7213 from sergio-nsk/patch-5
mbedtls-2.28: Fix error: comparison of integers of different signs: 'SOCKET' and 'int'
2023-07-07 16:46:03 +01:00
Dave Rodgman
f8f4c6053a
Merge branch 'mbedtls-2.28' into mbedtls_x509_crt_parse_path-qemu-bug-2.28
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-07 15:15:47 +01:00
Yanray Wang
31d5046f32 test-framework.md: document compat.sh
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-07-07 12:25:19 +01:00
Yanray Wang
44ba969acb compat.sh: add support to record outcome of test cases
If the environment variable MBEDTLS_TEST_OUTCOME_FILE is set,
the test outcome file records each test case in a single line
with the format of

 PLATFORM;CONFIGURATION;compat;TEST CASE DESCRIPTION;RESULT;[CAUSE]

- CONFIGURATION comes from MBEDTLS_TEST_CONFIGURATION to record
  configuration of each test case
- PLATFORM is either set by users or calculated from test
  platform
- RESULT is one of PASS, FAIL or SKIP. If test case fails,
  srv_out/cli_out follows as FAILURE CAUSE.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-07-07 12:23:08 +01:00
Dave Rodgman
e992af6fba
Merge pull request #7585 from gilles-peskine-arm/fuzz-file-open-fail-2.28
Backport 2.28: Fuzz programs: print an error if loading the reproducer fails
2023-07-07 11:51:50 +01:00
Yanray Wang
0f386b7372 compat.sh: call record_fail if test case fails
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-07-07 11:34:54 +01:00
David Horstmann
63b06a8889 Add ChangeLog entry for CMake config defines
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-07-07 11:29:23 +01:00
Dave Rodgman
b8e6b66644
Merge pull request #7868 from gilles-peskine-arm/readme-python3.6
Backport 2.28: officially require Python 3.6
2023-07-07 09:58:22 +01:00
David Horstmann
58dda6713c Use emptiness-checks rather than DEFINED checks
For the MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE variables,
check that they are non-empty and defined. This means they can be
unconditionally created in the cache, simplifying the CMakeLists.txt.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-07-05 18:12:09 +01:00
David Horstmann
6762231e4b Use CONFIG_H variable rather than config file name
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-07-05 14:35:25 +01:00
David Horstmann
175afbdfe8 all.sh component to test cmake custom config file
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-07-05 14:35:25 +01:00
David Horstmann
1a30cf70cc Pass config file options to mbedtls_test(_helpers)
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-07-05 14:35:08 +01:00
David Horstmann
e31e287109 Pass MBEDTLS_CONFIG_FILE defines through cmake
When -DMBEDTLS_CONFIG_FILE or -DMBEDTLS_USER_CONFIG_FILE are passed to
cmake, pass them through as compile definitions. This allows different
mbedtls configs to be passed at configure time without modifying any
cmake files.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-07-05 14:33:11 +01:00
Dave Rodgman
09f198da19
Merge pull request #7876 from gilles-peskine-arm/code-style-since-2.28
Backport 2.28: code_style.py --since
2023-07-05 10:55:53 +01:00
Gilles Peskine
7b780491f0 Handle deleted files correctly
Don't attempt to run on a file that isn't present now.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-04 15:47:02 +02:00
Gilles Peskine
8ceeba4f22 Add --since option to check files modified since a given commit
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-04 15:47:01 +02:00
Gilles Peskine
0f1053c13b Clean up subprocess invocation in get_src_files
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-04 15:46:59 +02:00
Gilles Peskine
1e1600f6e5 Specify the minimum minor version of Python
Mbed TLS 2.28.0 was released on 2021-12-15. At the time, the oldest
officially supported Python version was 3.6 (which reached its end of life
on 2021-12-23). So promise backward compatibility with 3.6, but no earlier.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-03 18:07:57 +02:00
Dave Rodgman
08efc3d768
Merge pull request #7854 from daverodgman/fix-unused-aes-2.28
Fix AES dependencies - build TF-M config cleanly - backport 2.28
2023-07-03 16:48:39 +01:00
Dave Rodgman
a3fc295559
Merge pull request #7823 from SlugFiller/mbedtls-2.28
Support compilation using CLang on Windows
2023-07-03 09:52:03 +01:00
Tom Cosgrove
fbcb5d469b
Merge pull request #7850 from davidhorstmann-arm/2.28-fix-string-to-names-retcode
[Backport 2.28] Fix false success return code in `mbedtls_x509_string_to_names()`
2023-06-30 14:28:38 +01:00
Dave Rodgman
3fb807c064
Merge pull request #7761 from waleed-elmelegy-arm/crypt_and_hash-decrypt-fix_backport
Backport 2.28: Fix crypt_and_hash decrypt issue when used with stream cipher
2023-06-30 11:42:19 +01:00
Dave Rodgman
f72b8375d0 Fix order of endif comments
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-29 16:33:03 +01:00
Dave Rodgman
bf99828d7b Nicer formatting
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-29 12:14:41 +01:00
Dave Rodgman
173227d41e Test combinations of macros for aes.o
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-29 12:14:34 +01:00
Dave Rodgman
1d0033e1ac Improve #endif comments
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-29 12:13:26 +01:00
Dave Rodgman
1ce92e4887 Correct #endif comments
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-29 12:13:15 +01:00
Dave Rodgman
a4a337360d Correct comments on #endif's
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-29 12:13:08 +01:00