yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
22325 commits 89 branches 205 tags 114 MiB
Commit graph

7705 commits

Author SHA1 Message Date
Dave Rodgman bf9b23abf8
Merge pull request #6648 from gilles-peskine-arm/psa-ecb-null-0 
Fix NULL+0 undefined behavior in PSA crypto ECB
 2022-11-25 17:07:46 +00:00
Bence Szépkúti 6e85673e8d
Merge pull request #3431 from naynajain/development-pkcs7 
PKCS7 Parser - RFC 2315
 2022-11-25 15:55:46 +01:00
Janos Follath 505a228b7b
Merge pull request #6606 from gabor-mezei-arm/6222_bignum_low_level_subtraction 
Bignum: Add low level subtraction
 2022-11-25 13:27:23 +00:00
Dave Rodgman f1419dbbe8
Merge pull request #6381 from tom-cosgrove-arm/pr2164 
mbedtls: fix possible false success in mbedtls_cipher_check_tag()
 2022-11-25 10:55:10 +00:00
Bence Szépkúti ae79fb2c2e Merge branch 'development' into pr3431 2022-11-25 03:12:43 +01:00
Gilles Peskine 4bdb9fbfa2 Enable all ciphers in OpenSSL >=1.1.0 
OpenSSL may be configured to support features such as cipher suites or
protocol versions that are disabled by default. Enable them all: we're
testing, we don't care about enabling insecure stuff. This is not needed
with the builds of OpenSSL that we're currently using on the Jenkins CI, but
it's needed with more recent versions such as typically found on developer
machines, and with future CI additions.

The syntax to do that was only introduced in OpenSSL 1.1.0; fortunately we
don't need to do anything special with earlier versions.

With OpenSSL 1.1.1f on Ubuntu 20.04, this allows SHA-1 in certificates,
which is still needed for a few test cases in ssl-opt.sh. Curiously, this is
also needed for the cipher suite TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256 (and
no other, including other DHE-PSK or ARIA cipher suites).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-24 22:41:55 +01:00
Gabor Mezei cbcbf4e434
Remove hand-written tests got raw_mod_sub 
The generated tests cover all off the hand-written tests.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-11-24 11:48:59 +01:00
Gabor Mezei b3b3466657
Test subtraction if the parameters are aliased to each other 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-11-23 14:44:14 +01:00
Gabor Mezei 4d3f3c5430
Fix the checking of the used limbs 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-11-23 14:44:14 +01:00
Gabor Mezei 68a45e0aaf
Fix potential not initialized warning 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-11-23 14:44:14 +01:00
Gabor Mezei c426d9b6cc
Add generated test for low level subtraction with modulus 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-11-23 14:44:13 +01:00
Gabor Mezei cefe03a10c
Add tests for low level subtraction with modulus 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-11-23 14:44:13 +01:00
Janos Follath 531a871b88
Merge pull request #6235 from tom-cosgrove-arm/issue-6231-core-sub-int 
Bignum: extract core_sub_int from the prototype
 2022-11-23 13:32:02 +00:00
Gilles Peskine 42649d9270 Fix NULL+0 undefined behavior in ECB encryption and decryption 
psa_cipher_encrypt() and psa_cipher_decrypt() sometimes add a zero offset to
a null pointer when the cipher does not use an IV. This is undefined
behavior, although it works as naively expected on most platforms. This
can cause a crash with modern Clang+ASan (depending on compiler optimizations).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-23 14:16:52 +01:00
Manuel Pégourié-Gonnard ef25a99f20
Merge pull request #6533 from valeriosetti/issue5847 
Use PSA EC-JPAKE in TLS (1.2) - Part 2
 2022-11-23 13:27:30 +01:00
Ronald Cron 1d1d53622f
Merge pull request #6490 from xkqian/tls13_parse_early_data_indication_ee 
The internal CI merge job ran successfully.
 2022-11-23 12:31:25 +01:00
Ronald Cron cb0e680779
Merge pull request #6476 from yuhaoth/pr/fix-tls13-mbedtls_ssl_is_handshake_over 
TLS 1.3: Fix tls13 mbedtls ssl is handshake over
 2022-11-23 12:12:02 +01:00
Ronald Cron d8603a7b44
Merge pull request #6638 from ronald-cron-arm/tls13-misc 
TLS 1.3: Adjustments for the coming release
 2022-11-23 09:07:36 +01:00
Tom Cosgrove d66d5b2fef Add unit tests for mbedtls_mpi_core_sub_int(), MPI A - scalar b 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-11-22 15:07:31 +00:00
Bence Szépkúti a17d038ee1 Merge branch 'development' into pr3431 2022-11-22 15:54:52 +01:00
Janos Follath 0fc88779ec
Merge pull request #6632 from yanesca/refactor_bignum_test_framework 
Refactor bignum test framework
 2022-11-22 14:53:58 +00:00
Gilles Peskine a08103aa94
Merge pull request #6611 from gilles-peskine-arm/run-test-suites-out-of-tree 
Fix run-test-suites.pl in out-of-tree builds
 2022-11-22 15:01:13 +01:00
Gilles Peskine 4f19d86e3f
Merge pull request #6608 from mprse/ecjpake_password_fix 
Make a copy of the password key in operation object while setting j-pake password
 2022-11-22 14:52:12 +01:00
Xiaokang Qian 8bee89994d Add parse function for early data in encrypted extentions 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-22 09:40:07 +00:00
Ronald Cron c2e110f445 tls13: Disable MBEDTLS_SSL_EARLY_DATA by default 
Eventually we want it to be enabled by default
when TLS 1.3 is enabled but currently the
feature is on development thus it should not be
enabled by default.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-11-22 09:01:46 +01:00
Gilles Peskine 339406daf9
Merge pull request #6609 from gilles-peskine-arm/mpi_sint-min-ub 
Fix undefined behavior in bignum: NULL+0 and -most-negative-sint
 2022-11-21 19:51:58 +01:00
Gilles Peskine 8b85b4835e
Merge pull request #6617 from tom-cosgrove-arm/call-mbedtls_mpi_mod_modulus_init-first-final-2 
Must call mbedtls_mpi_mod_modulus_init() before anything else in tests
 2022-11-21 19:50:20 +01:00
Przemek Stekiel f82effa982 Optimize pake test code 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-21 15:10:32 +01:00
Przemek Stekiel cd356c3cdb Add ec-jpake test to verify if key can be destroyed after set_password_key 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-21 12:25:21 +01:00
Dave Rodgman 9e1836cc16
Merge pull request #6593 from Mbed-TLS/fix_tls12_sent_sigalgs 
Fix TLS1.2 signature algorithms list entry getting overwritten by length.
 2022-11-21 10:09:57 +00:00
Janos Follath f45797652f Bignum tests: set unique combinations off by default 
Normally we need all the combinations, unique combinations make sense
only if the operation is commutative.

No changes to generated tests.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-11-21 08:56:14 +00:00
Janos Follath 351e6885f5 Make pylint happy 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-11-21 08:56:14 +00:00
Janos Follath 87df373e0e Bignum test: Move identical function to superclass 
No intended change in generated test cases.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-11-21 08:56:13 +00:00
Janos Follath 0cd8967ba1 Split test generator base class 
The class BaseTarget served two purposes:
- track test cases and target files for generation
- provide an abstract base class for individual test groups

Splitting these allows decoupling these two and to have further common
superclasses across targets.

No intended change in generated test cases.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-11-21 08:56:13 +00:00
Jerry Yu dddd35ccf3 remvoe unrelative change 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-20 12:31:45 +08:00
Jerry Yu a8d3c5048f Rename new session ticket name for TLS 1.3 
NewSessionTicket is different with TLS 1.2.
It should not share same state.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:35 +08:00
Jerry Yu c5826eaba2 Add debug message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:35 +08:00
Jerry Yu 6969eee5d2 Remove Terminated message on 22.04 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:34 +08:00
Xiaokang Qian 4e83173bb7 Skip early data basic check temp 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-18 10:57:46 +00:00
Manuel Pégourié-Gonnard ba7c006222
Merge pull request #6466 from mprse/driver-only-hash-ci 
Driver-only hashes: test coverage in the CI
 2022-11-18 09:31:13 +01:00
Paul Elliott f6e342cae2 Add test for single signature alg with openssl 
Test supplied by Gilles Peskine. Also rename previous test to fit to
naming pattern.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-11-17 14:58:14 +00:00
Paul Elliott 3b4cedaa71 Add SSL_SRV requirement to test 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-11-17 14:58:14 +00:00
Andrzej Kurek ec71b0937f Introduce a test for single signature algorithm correctness 
The value of the first sent signature algorithm is overwritten.
This test forces only a single algorithm to be sent and then
validates that the client received such algorithm.
04 03 is the expected value for SECP256R1_SHA256.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-11-17 14:58:14 +00:00
Ronald Cron d12922a69a
Merge pull request #6486 from xkqian/tls13_add_early_data_indication 
The merge job of the internal CI ran successfully. This is good to go.
 2022-11-17 12:48:50 +01:00
Przemek Stekiel 85c54ea361 Allow providing space sepatated tasks 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-17 11:50:23 +01:00
Xiaokang Qian e9622ac4ba Remove the fore_tls13 option case from client side 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-17 09:23:32 +00:00
Tom Cosgrove 8c0eb9744c Must call mbedtls_mpi_mod_modulus_init() before anything else in tests 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-11-17 08:48:12 +00:00
Przemek Stekiel 542d932352 Fix handling of default value for task argument 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-17 09:43:34 +01:00
Przemek Stekiel 7c7954842b Adapt ec-jpake_setup test 
Now when operation holds pointer to dynamically allocated buffer for password key we can't do copy of the operation object in test instead we need to re-initialize operation object after error.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-16 16:27:55 +01:00
Przemek Stekiel 6419ab5299 Reduce number of skipped suites (after making configs more similar) 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-16 14:56:49 +01:00