TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-03-27 22:51:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,480 Commits 177 Branches 276 Tags
0289c19b8aefbaa5d5ba930ceab4d4489a05916d
Commit Graph

5938 Commits

Author SHA1 Message Date
Gilles Peskine
a15b405a46 Merge pull request #7070 from yanrayw/2.28-7008-compatsh-disable-VERIFY-for-PSK 
Backport 2.28: compat.sh: remove VERIFY and duplicate test cases for PSK
 2023-02-10 15:07:31 +01:00
Gilles Peskine
da829035a2 Merge pull request #7053 from KloolK/typos-backport 
[Backport 2.28] Fix typos
 2023-02-10 15:07:03 +01:00
Yanray Wang
21daf2930a compat.sh: simplify code of iterating on VERIFY for PSK tests 
Since PSK cipher suites do not allow client certificate verification,
PSK test cases should be executed under VERIFY=NO. SUB_VERIFIES is
used to constrain verification option for PSK tests.

With aforementioned change, the latter check of
$VERIFY=YES && $TYPE!=PSK is redundant so it's removed.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-02-09 12:30:03 +08:00
Yanray Wang
8332db92bd compat.sh: remove G_CLIENT_PRIO as it's not used 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-02-09 12:15:04 +08:00
Yanray Wang
34ddcc9691 compat.sh: display "no" even if $VERIFY=YES for PSK test cases 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-02-09 12:15:04 +08:00
Yanray Wang
89ac843941 compat.sh: do not filter PSK ciphersuites for GnuTLS if $VERIFY=YES 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-02-09 12:15:04 +08:00
Yanray Wang
b1ae735f09 compat.sh: remove check_openssl_server_bug 
As there is no $VERIFY for PSK test cases,
check_openssl_server_bug is not functional in compat.sh.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-02-09 12:15:04 +08:00
Yanray Wang
571e24b6a5 compat.sh: avoid running duplicate test cases for PSK 
With the introduction of PSK_TESTS,
 - Either `compat.sh -V NO` or `compat.sh -V YES` runs the PSK tests
 - `compat.sh` or `compat.sh -V "NO YES"` runs PSK tests only once

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-02-09 12:15:04 +08:00
Yanray Wang
eafa355691 compat.sh: ignore $VERIFY in PSK TYPE 
There is no need to provide CA file in PSK. Thus VERIFY is
meaningless for PSK. This change omits the arguments passed to
the client and server for $VERIFY=YES.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-02-09 12:15:04 +08:00
hanno-becker
95f316ac38 X.509: Improve negative testing for SubjectAltName parsing 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-02-08 08:57:49 -05:00
Gilles Peskine
bfe79030a9 Merge pull request #7021 from lpy4105/issue/backport-do-not-run-x86-tests-on-arm64 
Backport 2.28: all.sh: test_m32_xx is not supported on arm64 host
 2023-02-07 10:26:16 +01:00
Jan Bruckner
6d47550723 Fix typos 
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2023-02-07 07:27:49 +01:00
Dave Rodgman
b028531a3b Merge pull request #7013 from gilles-peskine-arm/build-without-certs-2.28.2 
2.28 only: Fix the build without MBEDTLS_CERTS_C
 2023-02-06 11:39:01 +00:00
Gilles Peskine
a4f91485a6 Merge pull request #6983 from aditya-deshpande-arm/backport-check-files-characters 
[Backport 2.28] check_files.py: Allow specific Box Drawings characters to be used
 2023-02-03 11:46:03 +01:00
Dave Rodgman
ecb44208d1 Address missed instances of sizeof 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-02 15:34:23 +00:00
Dave Rodgman
1868870fba Fix use of sizeof without brackets 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-02 12:46:39 +00:00
Pengyu Lv
a89b36757c all.sh: test_m32_xx is not supported on arm64 host 
test_m32_xxx tests are x86 specific, but the support
function only identifies a 64-bit system. So the tests
will be run on arm64 host and cause a test failure.
This change restricts those tests to amd64/x86_64
only.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-02-02 17:28:10 +08:00
Gilles Peskine
5619443bf1 Test without MBEDTLS_CERTS_C 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-02-01 18:47:58 +01:00
Gilles Peskine
33d03feb61 Add missing dependencies on certs.c in unit tests 
The tests here use the test certificates from the cert module where
certificates are needed. Thus, wherever there is a dependency on
MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED, there is also a dependency on
MBEDTLS_CERTS_C.

Fixes `make test` when MBEDTLS_CERTS_C is disabled.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-02-01 18:47:58 +01:00
Aditya Deshpande
a9186f37a8 Allow whole Box Drawings range 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-02-01 13:31:57 +00:00
Aditya Deshpande
e76dc39641 Modify comments to make them more inclusive 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-01-30 13:52:03 +00:00
Aditya Deshpande
ed514d3218 Allow specific Box Drawing UTF characters that are used in Markdown trees in check_files.py 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-01-30 13:24:11 +00:00
Manuel Pégourié-Gonnard
4b7cb8c737 Merge pull request #6919 from valeriosetti/issue6843-backport 
Backport: Improve X.509 cert writing serial number management
 2023-01-30 13:09:09 +01:00
Manuel Pégourié-Gonnard
54be0fafc6 Merge pull request #6968 from aditya-deshpande-arm/backport-check-names-exclusions 
[Backport 2.28] check_names.py: Compare identifiers in excluded files against symbols parsed by nm
 2023-01-30 09:22:09 +01:00
Aditya Deshpande
7d20bb4740 Re-add empty lines that were accidentally omitted in the previous commit. 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-01-27 16:03:22 +00:00
Manuel Pégourié-Gonnard
27276fcb97 Merge pull request #6844 from gilles-peskine-arm/test_suite_psa_crypto_metadata-20221215-2.28 
Backport 2.28: Add metadata tests for CCM* and TLS1.2-ECJPAKE-to-PMS
 2023-01-27 10:05:04 +01:00
Gilles Peskine
f57f3db920 Merge pull request #6931 from AndrzejKurek/timeless-selftest-waz-bad 
[2.28] Enable the timing.c selftest with MBEDTLS_TIMING_ALT
 2023-01-26 21:55:44 +01:00
Gilles Peskine
0f16ce0116 Merge pull request #6963 from davidhorstmann-arm/2.28-fix-check-python-errors 
[Backport 2.28] Fix check python errors
 2023-01-26 21:54:30 +01:00
Gilles Peskine
c2738f22b3 Merge pull request #6954 from gilles-peskine-arm/6658-not-print-Terminated-ubuntu-22.04-2.28 
Backport 2.28: Fix the problem of printing "Terminated" in compat.sh under Ubuntu-22.04
 2023-01-26 21:53:28 +01:00
Valerio Setti
7ba0037468 test: improve error handling in x509_set_serial_check() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-01-26 18:03:27 +01:00
Andrzej Kurek
3a261a4dfd Add a selftest run for the TIMING_ALT test 
The fuzz programs require one layer of directories
more when adding include directories.
Also remove an unnecessary include directory in the Makefile.

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-01-26 04:33:59 -05:00
Aditya Deshpande
94375c81f0 Update check_names.py so that identifiers in excluded files are still compared against the output of nm. 
This fixes the issue where excluding a file containing identifiers from checks would cause check_symbols_in_header to fail.

Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-01-25 17:10:23 +00:00
David Horstmann
4fc7e0ed62 Fix a missing type hint warning 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-01-24 19:01:31 +00:00
Manuel Pégourié-Gonnard
85f65f8f2f Merge pull request #6944 from AndrzejKurek/2.28-depends-py-kex-fixes 
[Backport 2.28] Depends.py - add exclusive domain tests to key exchange testing
 2023-01-24 09:32:09 +01:00
Andrzej Kurek
ddf6260aae Remove obsolete comment from depends.py 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-01-23 06:19:14 -05:00
Yanray Wang
2a7b2a6a9d Redirect stdout/stderr to SRV_OUT 
Under Ubuntu-22.04, wait command prints out Terminated message.
Therefore server process is handled with identical ways like other
processes in compat.sh. In addition, PROCESS_ID is renamed as
SRV_PID to improve code readability.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-01-20 15:51:25 +01:00
Yanray Wang
d2ad200ff9 Remove Terminated message from stdout 
Under Ubuntu-22.04, wait command prints out Terminated message
if the process has been killed by kill command. This messes up
the output in compat.sh

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-01-20 15:51:23 +01:00
Dave Rodgman
5fce4f6a45 Add regression test 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-01-20 13:24:01 +00:00
Dave Rodgman
bd2b8e4e6a Fix test guards 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-01-20 11:42:54 +00:00
Andrzej Kurek
15a3f1d0b8 Add missing key exchange requirements to test_suite_ssl 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-01-19 17:12:38 -05:00
Andrzej Kurek
cbb34b9e22 Add missing KEX DHE-RSA requirement for one ssl test 
This specific cipher is used to test record splitting.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-01-19 15:19:52 -05:00
Andrzej Kurek
eeb8624f2d Add missing RSA-type dependencies in test_suite_ssl 
These are not run in development because of the overlapping
!TLS_1_3 requirement and usage of full config.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-01-19 15:18:35 -05:00
Andrzej Kurek
01bdab3e30 Add missing key exchange requirements to test_suite_ssl 
Some of the tests use mbedtls_test_cli_key_rsa_der and
mbedtls_test_cli_crt_rsa_der, and these can be used with
specific ciphersuites.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-01-19 15:18:00 -05:00
Andrzej Kurek
de416fc2c6 depends.py: enable key exchange tests 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-01-17 10:40:28 -05:00
Andrzej Kurek
721cff1a89 Fix a copy-paste error in define comment 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-01-17 05:44:06 -05:00
Andrzej Kurek
c890b22fb3 Add a test for external alternate timing implementation 
Copy the original implementation
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-01-17 05:11:29 -05:00
Ville Skyttä
a74468155d Use grep -E instead of egrep 
`egrep` has been deprecated in GNU grep since 2007,
and since 3.8 it emits obsolescence warnings:
https://git.savannah.gnu.org/cgit/grep.git/commit/?id=a9515624709865d480e3142fd959bccd1c9372d1

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-01-16 11:08:46 +00:00
Tom Cosgrove
c1ae9f95bf Have compat.sh and ssl-opt.sh not return success for > 255 errors 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-01-13 12:14:43 +00:00
Valerio Setti
5b787142a9 test: x509: add function for testing long serials 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-13 08:40:26 +01:00
Gilles Peskine
b9e56fb560 Switch code style check to enforcement mode 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-01-11 14:52:38 +01:00