yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
23615 commits 89 branches 205 tags 114 MiB
Commit graph

8231 commits

Author SHA1 Message Date
Gilles Peskine b52b788e55
Merge pull request #6895 from yuhaoth/pr/add-aes-with-armv8-crypto-extension 
Add AES with armv8 crypto extension
 2023-02-28 18:16:37 +01:00
Gilles Peskine e4616830b3
Merge pull request #7137 from lpy4105/issue/1785/ssl-test-script-fail 
compat.sh: Skip static ECDH cases if unsupported in openssl
 2023-02-28 18:11:39 +01:00
Dave Rodgman 17152df58d
Merge pull request #7175 from paul-elliott-arm/interruptible_sign_hash_test_comments 
Interruptible sign hash test comments
 2023-02-28 17:09:43 +00:00
Gilles Peskine ebb63420cc
Merge pull request #7124 from oberon-microsystems/fix-test-output-length-on-success-only 
Fix test to check output length on PSA_SUCCESS only
 2023-02-28 18:09:33 +01:00
Dave Rodgman ffb4dc38c8
Merge pull request #7183 from paul-elliott-arm/interruptible_sign_hash_test_max_ops_0 
Interruptible {sign|verify} hash : Change max_ops=min tests to use a value of zero.
 2023-02-28 15:56:01 +00:00
Paul Elliott ac2251dad1
Merge pull request #7076 from mprse/parse_RFC822_name 
Add parsing of x509 RFC822 name + test
 2023-02-27 14:16:13 +00:00
Paul Elliott cd7e8bce03 Change max_ops=min tests to use zero 
Zero is the minimum value defined by the spec, just because the internal
implementation treats zero and one as the same thing does not mean that other
implementations will also do so.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-27 12:21:36 +00:00
Stephan Koch 5819d2c141 Feedback from Arm: guarantee that output_length <= output_size even on error, to reduce the risk that a missing error check 
escalates into a buffer overflow in the application code

Signed-off-by: Stephan Koch <koch@oberon.ch>
 2023-02-27 11:49:13 +01:00
oberon-sk 10c0f770ce asymmetric_encrypt: check output length only if return code is PSA_SUCCESS. 
Signed-off-by: Stephan Koch <koch@oberon.ch>
 2023-02-27 11:48:51 +01:00
Paul Elliott c2033502f5 Give edge case tests a better name 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-26 18:47:58 +00:00
Paul Elliott c7f6882995 Add comments to each test case to show intent 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-26 18:47:58 +00:00
Pengyu Lv 9e7bb2a92c Update some comments 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-02-23 16:03:56 +08:00
Janos Follath 406b9172ad
Merge pull request #7044 from minosgalanakis/bignum/6342_add_named_moduli_setup 
Bignum: Add named moduli setup
 2023-02-22 12:14:33 +00:00
Pengyu Lv 07d5085fcf Skip ECDH ciphersuites for O->m pair 
The mechanism of detecting unsupported ciphersuites
for OpenSSL client doesn't work on a modern OpenSSL.
At least, it fails on Travis CI which is installed
with OpenSSL 1.1.1f. So we need to skip ECDH cipher-
suites for O->m.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-02-22 12:18:48 +08:00
Pengyu Lv a64c277588 compat.sh: Skip all *ECDH_* ciphersuites 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-02-22 10:19:40 +08:00
Gilles Peskine ffb92b0789
Merge pull request #7105 from davidhorstmann-arm/fix-oid-printing-bug 
Fix bugs in OID to string conversion
 2023-02-21 23:16:44 +01:00
Paul Elliott 48c591cb56 Fix warning with GCC 12 
Fix warning about variable being used uninitialised.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-21 16:31:56 +00:00
Gilles Peskine 250a5ac4cb
Merge pull request #7095 from paul-elliott-arm/interruptible_sign_hash_codestyle 
Implement PSA interruptible sign/verify hash
 2023-02-21 15:13:34 +01:00
Przemek Stekiel a006f8c17b Adapt dependencies for parsing rfc822Name test 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-02-21 13:36:56 +01:00
Dave Rodgman e42cedf256
Merge pull request #7077 from daverodgman/pkcs7-fixes-dm-rebased 
Pkcs7 fixes
 2023-02-21 11:53:30 +00:00
Pengyu Lv 5e780df3e3 Only use standard cipher name 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-02-21 14:19:27 +08:00
David Horstmann a4fad2ba67 Correct error code in test_suite_x509parse.data 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-02-20 14:57:47 +00:00
Dave Rodgman 716163e824 Improve allocation bounds in testing 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-20 14:46:51 +00:00
David Horstmann 5b5a0b618c Change error codes to more appropriate codes 
The more precise error codes are borrowed from the ASN1 module.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-02-20 14:24:12 +00:00
Przemek Stekiel 5b9e4168cf Add rfc822Name support in mbedtls_x509_info_subject_alt_name + adapt test 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-02-20 15:09:50 +01:00
Przemek Stekiel 608e3efc47 Add test for parsing SAN: rfc822Name 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-02-20 15:09:50 +01:00
Minos Galanakis a30afe2216 ecp_curves: Minor refactoring. 
This patch introduces the following changes:
* Documentation for `mbedtls_ecp_modulus_setup()`
  moved to `ecp_invasive.h`.
* Added invalid modulus selector `MBEDTLS_ECP_MOD_NONE`.
* Adjusted negative tests to use invalid selectors.
* Reworded documentation.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-02-20 13:53:06 +00:00
Minos Galanakis 36f7c0e69b test_suite_ecp: Added .data for ecp_setup_test() 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-02-20 13:51:49 +00:00
Minos Galanakis 9a1d02d738 test_suite_ecp: Added test for mbedtls_ecp_modulus_setup() 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-02-20 13:51:48 +00:00
Janos Follath ec718afb41
Merge pull request #7051 from gabor-mezei-arm/6376_Secp521r1_fast_reduction 
Add a raw entry point to Secp521r1 fast reduction
 2023-02-20 13:03:12 +00:00
Manuel Pégourié-Gonnard 718eb4f190
Merge pull request #7025 from AndrzejKurek/uri_san 
Add the uniformResourceIdentifier subtype for the subjectAltName
 2023-02-20 11:29:59 +01:00
Pengyu Lv 1c0e4c013a compat.sh: skip static ECDH cases if unsupported in openssl 
This commit add support to detect if openssl used for testing
supports static ECDH key exchange. Skip the ciphersutes if
openssl doesn't support them.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-02-20 18:05:21 +08:00
Paul Elliott f8e5b56ad8 Fix get_num_ops internal code. 
Previously calling get_num_ops more than once would have ended up with ops
getting double counted, and not calling inbetween completes would have ended up
with ops getting missed. Fix this by moving this to where the work is actually
done, and add tests for double calls to get_num_ops().

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-19 18:55:10 +00:00
Dave Rodgman d652dce9ea Add failing test case (invalid signature) for zero-length data 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-16 16:39:34 +00:00
Dave Rodgman c5874db5b0 Add test-case for signature over zero-length data 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-16 16:14:46 +00:00
Paul Elliott 0af1b5367b Remove some abbrevations from test descriptions. 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-16 12:15:39 +00:00
Paul Elliott 96b89b208a Add comment to indicate non-PSA spec assertion. 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-16 12:15:39 +00:00
Paul Elliott f1743e2440 Add verify call to max ops tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-16 12:15:39 +00:00
Paul Elliott c86d45e8a1 Remove spurious incorrect comment 
Comment originated from original version of this code, and the newer comment
which was added when it was pulled into a seperate function covers all cases.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott efebad0d67 Run extra complete in failure tests regardless. 
We do not need to expect to fail, running another complete in either sign or
verify after successful completion should also return BAD_STATE.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott 01885fa5e5 Fix include guards on auxiliary test function. 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott a4cb909fcd Add max ops tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott 76d671ad73 Split state tests into two functions 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott b830b35fb1 Shorten test descriptions. 
Also mark some tests as being deterministic ECDSA where this was lacking.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott 1243f93cca Fix build fails with non ECDSA / restartable builds 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott 6f60037589 Move {min|max}_complete choice logic into function 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott c9774411d4 Ensure that operation is put into error state if error occurs 
If an error occurs, calling any function on the same operation should return
PSA_ERROR_BAD_STATE, and we were not honouring that for all errors. Add extra
failure tests to try and ratify this.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott f9c91a7fb5 Store the hash, rather than the pointer 
For sign and verify, the pointer passed in to the hash is not guaranteed to
remain valid inbetween calls, thus we need to store the hash in the
operation. Added a test to ensure this is the case.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott 0e9d6bd3f8 Replace MBEDTLS_ECP_DP_SECP384R1_ENABLED 
With more appropriate PSA_WANT_ECC_SECP_R1_384

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott 813f9cdcbb Non ECDSA algorithms should return not supported 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00