TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-05-11 14:38:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
22,926 Commits 180 Branches 280 Tags
ab895c8c5e95f7bd4d3beb0b24050920d8785b8a
Commit Graph

22926 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Przemek Stekiel
ab895c8c5e Remove duplicated function 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-04 10:54:53 +01:00
Przemek Stekiel
2a4f744468 Remove generation of authorityKeyId_subjectKeyId.crt from makefile 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-04 10:54:52 +01:00
Przemek Stekiel
d32960b326 Rename back mbedtls_x509_parse_general_name->mbedtls_x509_parse_subject_alt_name 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-04 10:54:52 +01:00
Przemek Stekiel
20082be063 Fix Subject Key Identifier, Authority Key Identifier entries in oid_x509_ext 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-04 10:54:49 +01:00
Przemek Stekiel
b80bbfca37 Adapt mbedtls_x509_crt_free after rebase 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-04 10:54:49 +01:00
toth92g
c0f013f657 Adding missing ending of comment 
Signed-off-by: toth92g <toth92g@gmail.com>
 2023-01-04 10:54:47 +01:00
toth92g
7dbc47e8e6 Adding some comments for easier understand 
Signed-off-by: toth92g <toth92g@gmail.com>
 2023-01-04 10:54:46 +01:00
toth92g
58b1ec7db2 Removing whitespaces (to meet sanity checks) 
Signed-off-by: toth92g <toth92g@gmail.com>
 2023-01-04 10:54:44 +01:00
toth92g
d51d1c00c8 Removing obsolete test after merging and correcting missing macro 
Signed-off-by: toth92g <toth92g@gmail.com>
 2023-01-04 10:54:42 +01:00
toth92g
3062d1f66c Renaming x509_get_subject_alt_name to x509_get_general_names and mbedtls_x509_parse_subject_alt_name to mbedtls_x509_parse_general_name so they can be used not only to collect subject alt name, but the V3 authority cert issuer that is also GeneralName type. 
Also updated the x509_get_general_names function to be able to parse rfc822Names

Test are also updated according these changes.

Signed-off-by: toth92g <toth92g@gmail.com>
 2023-01-04 10:54:41 +01:00
toth92g
ef074c3624 - Removing obsolete test files (DER strings are used instead of them to minimize resource usage) 
- Renaming test functions to match the naming conventions

Signed-off-by: toth92g <toth92g@gmail.com>
 2023-01-04 10:54:38 +01:00
toth92g
4fa2b759c1 Correcting tests: 
- Wrong condition was checked (ref_ret != 0 instead of ref_ret == 0)
- tags were not checked (nor lengths)
- Using ASSERT_COMPARE where possible

Signed-off-by: toth92g <toth92g@gmail.com>
 2023-01-04 10:54:37 +01:00
toth92g
e95bd6e264 Replacing tabs with spaces 
Signed-off-by: toth92g <toth92g@gmail.com>
 2023-01-04 10:54:37 +01:00
toth92g
f1eac715ed Correting findings: Using DER format instead of PEM while testing to minimize the resource usage. Comparation of byte arrays in test are now done via the dedicated ASSERT_COMPARE test macro for better understanding 
Signed-off-by: toth92g <toth92g@gmail.com>
 2023-01-04 10:54:35 +01:00
toth92g
0d4cdffebc Correcting documentation issues: 
- Changelog entry is Feature instead of API Change
- Correcting whitespaces around braces
- Also adding defensive mechanism to x509_get_subject_key_id
  to avoid malfunction in case of trailing garbage

Signed-off-by: toth92g <toth92g@gmail.com>
 2023-01-04 10:54:34 +01:00
toth92g
de503386cb Updating the new code parts based on the coding standards: adding missing whitespaces to brackets 
Signed-off-by: toth92g <toth92g@gmail.com>
 2023-01-04 10:54:32 +01:00
toth92g
d2bba1ad86 Updating the new code parts based on the coding standards: adding missing whitespaces to brackets 
Signed-off-by: toth92g <toth92g@gmail.com>
 2023-01-04 10:54:32 +01:00
toth92g
67c6806055 x509parse tests used only last 16 bits of the return values. They are updated to check the whole 32 bit value 
Signed-off-by: toth92g <toth92g@gmail.com>
 2023-01-04 10:54:30 +01:00
toth92g
b81008b43d Replacing hard-coded literals with macros of the library in the new x509parse tests 
Signed-off-by: toth92g <toth92g@gmail.com>
 2023-01-04 10:54:29 +01:00
toth92g
29ff62eee3 Adding openssl configuration file and command to Makefile to be able to reproduce the certificate for testing Authority and Subject Key Id fields 
Increasing heap memory size of SSL_Client2 and SSL_Server2, because the original value is not enough to handle some certificates. The AuthorityKeyId and SubjectKeyId are also parsed now increasing the size of some certificates

Signed-off-by: toth92g <toth92g@gmail.com>
 2023-01-04 10:54:29 +01:00
toth92g
f7b9b78c9f Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions. Updating mbedtls_x509_crt_free function to also free the new dynamic elements (issuer field of AuthorityKeyId). 
A few tests are also added which test the feature with a correct certificate and multiple ones with erroneous ASN1 tags.

Signed-off-by: toth92g <toth92g@gmail.com>
 2023-01-04 10:54:25 +01:00
David Horstmann
71159f45ab Switch to the new code style 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-01-03 12:51:59 +00:00
Manuel Pégourié-Gonnard
7a389ddc84 Merge pull request #6784 from valeriosetti/issue6702 
Make SHA224_C/SHA384_C independent from SHA256_C/SHA512_C
 2023-01-03 09:36:58 +01:00
Janos Follath
b4b0bb737d Merge pull request #5907 from mpg/use-psa-rsa-pss 
Use PSA more often in `pk_verify_ext()`
 2022-12-30 12:33:50 +00:00
Manuel Pégourié-Gonnard
4511ca063a Use PSS-signed CRL for PSS tests 
Otherwise, in builds without PKSC1_V15, tests that are supposed to
accept the certificate will fail, because once the cert is OK they will
move on to checking the CRL and will choke on its non-PSS signature.

Tests that are supposed to reject the cert due to an invalid signature
from the CA will not check the CRL because they don't recognize the CA
as valid, so they have no reason to check the CA's CRL. This was hiding
the problem until the recent commit that added a test where the cert is
supposed to be accepted.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-12-30 10:13:41 +01:00
Valerio Setti
ea8c88fcbb test: fix some descriptions 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-12-29 11:08:35 +01:00
Manuel Pégourié-Gonnard
6ea0a8d883 Disable 'wrong salt len' PK test with USE_PSA 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-12-29 10:07:08 +01:00
Valerio Setti
62e1ebbbc7 changelog: fix text error 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-12-28 13:28:42 +01:00
Valerio Setti
c963bb11c7 test: remove SHA224 from default test driver config 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-12-28 12:58:14 +01:00
Gilles Peskine
b402e4bde1 Merge pull request #6595 from mfischer/lms_heap 
lms: Move merkle tree generation to heap allocation
 2022-12-23 18:29:04 +01:00
Gilles Peskine
8eee21e3b3 Merge pull request #6836 from gilles-peskine-arm/code-style-more-kr-20221222 
Tweak code style to be more like K&R
 2022-12-23 18:23:37 +01:00
Valerio Setti
326cf46764 test: improved readability in sha self tests 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-12-23 14:57:18 +01:00
Valerio Setti
e269750f0d sha: fix description for starts functions 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-12-23 14:29:54 +01:00
Valerio Setti
77b1452784 test: fix error in test_suite_ssl 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-12-23 10:53:06 +01:00
Manuel Pégourié-Gonnard
676766ff77 Merge pull request #6776 from gabor-mezei-arm/6222_bignum_mod_mul 
Bignum: Implement fixed width modular multiplication
 2022-12-23 10:39:30 +01:00
Manuel Pégourié-Gonnard
2fcb4c1d06 Merge pull request #6747 from gilles-peskine-arm/bignum-mod-random 
Bignum mod random
 2022-12-23 10:36:22 +01:00
Gilles Peskine
e19d7e5141 Require a space after a cast 
Align with K&R2.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-12-22 23:18:30 +01:00
Valerio Setti
fe6c19b69c added changelog file for PR #6784 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-12-22 15:05:27 +01:00
Valerio Setti
65287636f8 config: remove SHA224_C from some config files 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-12-22 14:29:40 +01:00
Valerio Setti
b6bf7dcc28 test: fix depends.py for hash tests 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-12-22 14:28:03 +01:00
Valerio Setti
543d00ef6f sha: remove SHA1 from ssl_cookie 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-12-22 14:27:34 +01:00
Valerio Setti
d55cb5b3f0 sha: decline MD defines for various SHA 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-12-22 14:26:55 +01:00
Valerio Setti
d10e0a6341 sha: fix minor issues/typos 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-12-22 14:25:26 +01:00
Manuel Pégourié-Gonnard
2510dd41bf Merge pull request #6282 from gstrauss/sw_derive_y 
mbedtls_ecp_point_read_binary from compressed fmt
 2022-12-22 10:20:31 +01:00
Gilles Peskine
5efe449a6a More robust dependency filtering 
Only remove the MBEDTLS_HAVE_INTnn dependency, not any other dependency that
might be present.

No behavior change, this is just robustness.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-12-21 20:33:30 +01:00
Gilles Peskine
f287366376 Simplify logic and document test_cases_for_values 
Explain what's going on in BignumModRawConvertRep.test_case_for_values.

Simplify the logic and the interdependencies related to limb sizes:
* Montgomery is the special case, so base the decisions on it.
* As soon as we've encountered one limb size, no matter what it is,
  give up.

No behavior change, other than changing the numbering of test cases (which
previously included more skipped test cases).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-12-21 20:31:14 +01:00
Gilles Peskine
394da2d857 Pacify pylint 
Except for missing documentation, which will come in a subsequent commit.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-12-21 20:22:38 +01:00
Gilles Peskine
6d40e54db0 Split the high nesting of BignumModRawConvertRep.generate_function_tests 
Pylint complains about the nesting. It's not wrong.

No behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-12-21 20:22:38 +01:00
Gilles Peskine
636809f2b9 Fix type declaration 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-12-21 20:12:31 +01:00
Minos Galanakis
342b9a903d bignum_mod_raw.py: Added a filtering logic to BignumModRawConvertRep.generate_function_tests() 
This patch introduces a hybrid approach to input_styles, and will remove the
dependency requirements from test cases with `ModulusRepresentation.OPT_RED`

As a result it is reducing testing input duplication.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2022-12-21 18:00:01 +00:00