eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
28026 commits 89 branches 205 tags 107 MiB
Commit graph

28026 commits

This branch
This branch
All branches
Author SHA1 Message Date
David Horstmann
d02b5f8f56 Separate directory discernment into 2 functions 
Have separate in_mbedtls_repo() and in_psa_crypto_repo() functions

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 09:55:56 +01:00
David Horstmann
2fde99962d Improve directory coverage in PSA repo detection 
Check for the 'drivers' and 'programs' directories additionally to the
ones that are already there.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 09:50:16 +01:00
Dave Rodgman
e97de40e7b Typo fix 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:47:35 +01:00
Dave Rodgman
6d5261e38f Fix typo in doxygen for mbedtls_ct_memcpy_offset 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman
b69239c604 Improve docs in mbedtls_mpi_lt_mpi_ct 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman
d44dd96132 Improve docs re duplicate declarations 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman
0cf9dd1056 Whitespace - tidy up asm and make it more consistent 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman
81673bba77 Add x86 const-time assembly 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman
664fea481c Add x86-64 const-time assembly 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Gilles Peskine
1783870681 compat.sh: add --preserve-logs option 
Similar to ssl-opt.sh.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-28 17:36:52 +02:00
Dave Rodgman
d395590597
Merge pull request #7579 from daverodgman/safer-ct-asm 
Arm assembly implementation of constant time primitives
 2023-08-28 08:26:29 +00:00
Jerry Yu
f65f71eef3 improve various issues 
- duplicate definition
- wrong comments
- redundant include statement

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-28 10:58:24 +08:00
Yanray Wang
044eb16379 pkwrite: zeroize buf containing info of private key 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-28 10:35:41 +08:00
Gilles Peskine
7be571ac85 Remove GNUTLS_LEGACY and OPENSSL_LEGACY 
They aren't used anywhere.

Keep the command line options of all.sh to avoid breaking any wrapper
scripts that people might have.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-27 21:51:54 +02:00
Gilles Peskine
e29203be88 Stop using "legacy" OpenSSL and GnuTLS 
None of the tests actually need GNUTLS_LEGACY (3.3.8): GNUTLS (3.4.10)
works.

None of the tests actually need OPENSSL_LEGACY (1.0.1j): OPENSSL (1.0.2g)
works.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-27 21:43:00 +02:00
Gilles Peskine
5f5e3886c5 Minor robustness improvement 
Let openssl use any experimental or obsolete cipher that's not in ALL.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-27 21:41:31 +02:00
Gilles Peskine
5cb8605d79 ssl-opt.sh doesn't actually use OPENSSL_LEGACY, so remove it 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-27 21:40:56 +02:00
Gilles Peskine
8ca2041145
Merge pull request #8074 from tgonzalezorlandoarm/tg/allowlist 
Implement allowlist of test cases that are legitimately not executed
 2023-08-24 18:03:20 +00:00
Gilles Peskine
2a296729d0
Merge pull request #8084 from AgathiyanB/remove-type-qualifier-in-assignment-casts 
Remove type qualifier in assignment casts
 2023-08-24 18:02:11 +00:00
David Horstmann
0ac57ca6c6 Rename is_psa_crypto -> in_psa_crypto_repo 
(For consistency with all.sh)

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-24 15:18:18 +01:00
David Horstmann
7f93d22ad9 Rename psa_crypto_lib_filename to just crypto_lib_filename 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-24 15:18:18 +01:00
David Horstmann
4dcddcfae2 Parameterize out of source build directory 
Use CMake to build the library out-of-source (rather than make)
in tests/scripts/test_psa_compliance.py and add a script argument for
the out-of-source build directory.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-24 15:18:18 +01:00
David Horstmann
76a7738537 Invert logic for repo detection in all.sh 
Instead of:
    ! in_psa_crypto_repo()
use
    in_mbedtls_repo()

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-24 15:18:18 +01:00
David Horstmann
e31014a681 Tweak test_psa_compliance pylint annotations 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-24 15:18:18 +01:00
David Horstmann
42f42f4394 Support psa-crypto repo in psa_storage.py 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-24 15:18:18 +01:00
David Horstmann
1d09184291 Modify test_psa_compliance.py for psa-crypto repo 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-24 15:18:18 +01:00
David Horstmann
795d8b523d Modify build_tree.py for the PSA Crypto repo 
When detecting the root dir, look both for PSA Crypto and Mbed TLS
directories.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-24 15:18:18 +01:00
David Horstmann
9a6c45b436 Make all.sh PSA-crypto-friendly 
Introduce changes needed to run all.sh in the psa-crypto repo. Where
behaviour must differ, detect that we are in the psa-crypto repo by
checking for the 'core' directory.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-24 15:18:11 +01:00
Tomás González
d43cab3f5c Correct analyze_outcomes identation 
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
 2023-08-24 09:12:40 +01:00
Gilles Peskine
f745e5b8de Merge remote-tracking branch 'development' into HEAD 2023-08-23 20:35:32 +02:00
Gilles Peskine
ef483255db Announce that #7420 is fixed 
This is part of a bigger issue https://github.com/Mbed-TLS/mbedtls/issues/7609
which is still pending since there are still configurations that are not
handled correctly. However https://github.com/Mbed-TLS/mbedtls/issues/7420
itself was fixed by https://github.com/Mbed-TLS/mbedtls/pull/7611.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-23 18:08:45 +02:00
Janos Follath
7ec993d804 Refine thread safety requirements 
Split and refine short term requirements for key deletion.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-23 16:04:48 +01:00
Agathiyan Bragadeesh
7d20138385 Add Changelog entry for DN changes 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-23 15:46:29 +01:00
Agathiyan Bragadeesh
733766bc71 Remove trailing whitespace in data file. 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-23 15:44:52 +01:00
Agathiyan Bragadeesh
de84f9d67a Add test for rejecting empty AttributeValue 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-23 11:44:04 +01:00
Agathiyan Bragadeesh
457ac84f01 Refactor previous fix 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-23 11:35:26 +01:00
Agathiyan Bragadeesh
4c7d7bf583 Add guard for empty AttributeValue 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-23 11:28:30 +01:00
Jerry Yu
782b966666 replace target arch macros in padlock 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-23 17:15:35 +08:00
Jerry Yu
d6e312dde4 replace aesni target detection macros 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-23 17:15:34 +08:00
Jerry Yu
72fd0bdc71 replace arm64 macro and aesce enable flag 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-23 17:15:34 +08:00
Jerry Yu
926221a26e Add target platform detection macros 
Now we have arm/x86 32/64 detection

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-23 17:15:34 +08:00
Agathiyan Bragadeesh
15df01240d Fix code style 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 17:50:00 +01:00
Agathiyan Bragadeesh
4606bf3f38 Refactor reading AttributeValue in dn gets 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 17:29:18 +01:00
Tom Cosgrove
41d689f389
Merge pull request #7985 from tom-cosgrove-arm/single-source-of-truth-for-licensing 
Single source of truth for licensing
 2023-08-22 16:27:21 +00:00
Agathiyan Bragadeesh
022f86f108 Prevent output of escaped null characters dn gets 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 16:56:04 +01:00
Agathiyan Bragadeesh
d9d79bb74b Rename parse_attribute_value_ber_encoded 
Now renamed to parse_attribute_value_der_encoded to be consistent with
names elsewhere

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 16:43:58 +01:00
Agathiyan Bragadeesh
8aa74ab6a9 Add return for buffer too small when reading OIDs 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 16:42:27 +01:00
Agathiyan Bragadeesh
f3b9724dcd Remove questionable use of macro. 
MBEDTLS_X509_SAFE_SNPRINTF was used after mbedtls_oid_get_numeric_string
so instead we have expanded the macro and kept the relevant code.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 16:37:11 +01:00
Agathiyan Bragadeesh
07f472a88b Add corruption detected return when writing asn1 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 16:29:39 +01:00
Gilles Peskine
dc23236f0a Revert "Install cryptography only on linux platform" 
This reverts commit eb2c39ed2b.

We temporarily turned off the cryptography requirement on Windows due to a
CI instance that had an old, incompatible verison of pip. That CI instance
has been upgraded so we no longer need the workaround.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-22 17:24:45 +02:00