yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
24179 commits 89 branches 205 tags 114 MiB
Commit graph

24179 commits

This branch
This branch
All branches
Author SHA1 Message Date
Xiaokang Qian c96d2de569 Update corrupted char for pkcs7 corrupt signer info cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-03-07 10:35:47 +00:00
Przemek Stekiel 57580f2539 Use proper enum types for pake state/sequence/step 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-07 10:50:09 +01:00
Przemek Stekiel 4aa99403f4 Fix configuration for accelerated jpake 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-07 10:50:09 +01:00
Przemek Stekiel 4dc83d40af Add check for pake operation buffer overflow 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-07 10:50:00 +01:00
Xiaokang Qian d2988adb31 Add rsa dependencies for pkcs7 corrupt signer info cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-03-07 08:38:58 +00:00
Xiaokang Qian 9c703d80ca Add fuzz bad cases for signer info 1 and 2 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-03-07 08:38:58 +00:00
Xiaokang Qian 8993a14567 Add unexpected tag cases for signer info 1 and 2 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-03-07 08:38:58 +00:00
Xiaokang Qian e8c696ffd1 Add invalid size test case for signer info[2](The third one) 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-03-07 08:38:58 +00:00
Xiaokang Qian 72b4bcac03 Add invalid size test case for signer info 1(the second one) 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-03-07 08:38:55 +00:00
Manuel Pégourié-Gonnard a5ffa93e43
Merge pull request #7142 from mpg/driver-only-ecdh-starter 
Driver-only ECDH starter
 2023-03-07 09:14:38 +01:00
Pengyu Lv 7b6299b49b ssl_cache: Add an interface to remove cache entry by session id 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-03-07 15:00:22 +08:00
Paul Elliott 8c092052bd Add public key verification tests 
Add public key verification tests, and alter test intent comments to make it
obvious that verify_hash_interruptible can do public keys as well as private
and keypairs.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-03-06 17:49:14 +00:00
Przemek Stekiel e3ef3a15cd Further pake code optimizations 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-06 17:24:32 +01:00
Gabor Mezei a2ef6a8e38
The is_valid() function is needed to not filter out test cases 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-03-06 16:57:25 +01:00
Gabor Mezei 61ef3603eb
Correct the maximum canonical value in tests 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-03-06 16:32:16 +01:00
Gabor Mezei 97803abd2a
Update comment 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-03-06 16:32:16 +01:00
Gabor Mezei d034b3d0d2
Code style: have two empty lines before and after class definitions 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-03-06 16:32:15 +01:00
Gabor Mezei 5e33e6f5d4
Remove unnecessary function override 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-03-06 16:32:12 +01:00
Manuel Pégourié-Gonnard 86393db84d Revert local experiment. 
This was never meant to be committed here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-06 16:19:05 +01:00
Janos Follath 9ec195c984 Threat Model: reorganise threat definitions 
Simplify organisation by placing threat definitions in their respective
sections.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-03-06 14:54:59 +00:00
Valerio Setti 23e50b9042 ssl-opt: remove redundant ECDSA dependencies in TLS1.3 tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-06 14:48:39 +01:00
Manuel Pégourié-Gonnard 07d92620d4 Fix some message strings and comments in all.sh 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-06 13:38:55 +01:00
Manuel Pégourié-Gonnard 0d1f5be688 Add comment about shared config function 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-06 13:35:21 +01:00
Manuel Pégourié-Gonnard 947cee18a1 Fix memory leak. 
The function reset_checksum() can be called more than once with the same
handshake context (this happens with DTLS clients, and perhaps in other
cases as well). When that happens, we need to free the old MD contexts
before setting them up again.

Note: the PSA path was already doing the right thing by calling abort,
we just needed to do the same on the MD path.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-06 11:59:59 +01:00
Valerio Setti 5d8d1a7f60 analyze_outcomes: print all output on stderr 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-06 11:08:17 +01:00
Manuel Pégourié-Gonnard 228a30d16c
Merge pull request #7120 from mpg/md-light 
Define "MD light" subset of MD
 2023-03-06 11:02:19 +01:00
Dave Rodgman 4693fd9e9e
Merge pull request #7173 from daverodgman/zeroize-platform 
Use platform-provided secure zeroization
 2023-03-06 09:16:12 +00:00
Przemek Stekiel 6cb59c55c3 ip_string_to_bytes: remove status, add info about supported ip version 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-06 10:13:20 +01:00
Dave Rodgman b0d96a23a9 Remove not-needed EABI exclusion 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-03 17:06:09 +00:00
Stephan Koch 6eb73113b1 Fix codestyle with uncrustify. 
Signed-off-by: Stephan Koch <koch@oberon.ch>
 2023-03-03 17:48:40 +01:00
Janos Follath 144dd7d2fa Threat Model: Miscellaneous clarifications 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-03-03 14:56:38 +00:00
Dave Rodgman 45cef61fa4
Merge branch 'development' into md-light 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-03 14:28:13 +00:00
Janos Follath 24792d0a33
Threat Model: Improve wording 
Signed-off-by: Janos Follath <janos.follath@arm.com>

Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-03 14:16:12 +00:00
Dave Rodgman 1f39a62ce6
Merge pull request #7151 from gilles-peskine-arm/psa-headers-alt 
Allow alternative names for overridable PSA headers
 2023-03-03 12:37:51 +00:00
Przemek Stekiel 57207711d8 Add MBEDTLS_ASN1_CHK_CLEANUP_ADD macro to be able to release memory on failure 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-03 12:58:29 +01:00
Przemek Stekiel 5a49d3cce3 Replace mbedtls_x509_san_node with mbedtls_x509_subject_alternative_name 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-03 12:58:11 +01:00
Przemek Stekiel 3a92593d1e Adapt cert_req app to support SAN IP 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-03 12:58:11 +01:00
Przemek Stekiel f40de93b1a Remove redundant variable 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-03 12:58:10 +01:00
Przemek Stekiel 8e83d3aaa9 Add tests for writting SAN to CSR 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-03 12:58:05 +01:00
Dave Rodgman e11c1ceac9
Merge pull request #7200 from paul-elliott-arm/interruptible_sign_hash_fail_tests 
Enable all keys for interruptible op fail tests
 2023-03-03 11:51:57 +00:00
Andrzej Kurek 270b3f9790 Rename error_pair_t to mbedtls_error_pair_t 
Required by our coding standards.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-03 05:54:13 -05:00
Andrzej Kurek daf5b56b02 Translate to MD errors in ssl-tls.c 
With the introduction of #7047, ssl_tls.c uses 
mbedtls_md_error_from_psa. This complicates
the dependencies for compiling in psa_to_md_errors,
since now these should be ifdeffed also by
MBEDTLS_USE_PSA_CRYPTO followed by a series of or'ed
MBEDTLS_HAS_ALG_SHA_XXX_VIA_MD_OR_PSA_BASED_ON_USE_PSA.
Since this mechanism will be removed soon, we can simplify it to
just MBEDTLS_USE_PSA_CRYPTO.

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-03 05:52:28 -05:00
Andrzej Kurek 747ab4ea5e Introduce error_pair_t to psa utils 
This way error handling can be written in a cleaner way.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-03 05:23:45 -05:00
Andrzej Kurek 138b30ac62 Add missing const qualifiers 
Also improve documentation
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-03 05:23:45 -05:00
Andrzej Kurek ba24138e0f Duplicate error logic in pk_wrap deprecated functions 
GCC 4.6+ complains if a deprecated function calls another.
Working around this universally would require a lot of
preprocessing, this seems to be an easier solution.
Copy mbedtls_pk_error_from_psa code without duplicates
instead of calling the function.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-03 05:23:45 -05:00
Andrzej Kurek 8a045ce5e6 Unify PSA to Mbed TLS error translation 
Move all error translation utilities to psa_util.c.
Introduce macros and functions to avoid having
a local copy of the error translating function in
each place.
Identify overlapping errors and introduce a
generic function.
Provide a single macro for all error translations
(unless one file needs a couple of different ones).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-03 05:23:44 -05:00
Dave Rodgman 05b80a4eee
Merge pull request #6201 from gilles-peskine-arm/tls13_only-renegotiation 
Disable MBEDTLS_SSL_RENEGOTIATION in TLS-1.3-only builds
 2023-03-03 09:56:51 +00:00
Dave Rodgman e965c3c4bd
Merge pull request #7197 from daverodgman/armclang-sha-warning 
Enable -Werror in all.sh for armclang
 2023-03-03 09:01:41 +00:00
Valerio Setti 194e2bdb6a fix typos 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-02 17:18:10 +01:00
Paul Elliott ddbc6ed6cd Enable all keys for interruptible op fail tests 
Due to a misunderstanding about the purpose of the test, I had limited this to
ECC keys only, however this defeats the purpose of the test, and left gaps in
test coverage.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-03-02 16:03:43 +00:00