yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-10-17 22:57:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
9145 commits 88 branches 205 tags 69 MiB
Commit graph

2639 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard 79cf74a95f
Merge pull request #583 from ARMmbed/remove_peer_crt_after_handshake-baremetal 
[Baremetal] Allow removal of peer certificate to reduce RAM usage
 2019-06-24 18:11:46 +02:00
Manuel Pégourié-Gonnard 8dcd80ec5c
Merge pull request #578 from ARMmbed/x509_parse_bf-baremetal 
[Baremetal] Enhance X.509 CRT negative parsing tests
 2019-06-24 18:08:33 +02:00
Manuel Pégourié-Gonnard cc3b7ccb04
Merge pull request #579 from Patater/bm-dont-use-non-existent-encrypt-then-mac 
[Baremetal] ssl: Don't access non-existent encrypt_then_mac field
 2019-06-24 18:06:53 +02:00
Hanno Becker 890d7ee4cb Reintroduce numerous ssl-opt.sh tests if !MBEDTLS_SSL_KEEP_PEER_CERT 2019-06-19 14:59:41 +01:00
Hanno Becker 92820a1dff Add test for !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE to all.sh 2019-06-19 10:26:50 +01:00
Hanno Becker 8b6d2cd5af Add dependency to ssl-opt.sh tests which need peer CRT debug info 2019-06-19 10:26:17 +01:00
Hanno Becker 2e6d34761f Remove peer CRT from mbedtls_ssl_session if !KEEP_PEER_CERT 2019-06-19 10:25:01 +01:00
Hanno Becker 4a2f8e584f Add peer CRT digest to session tickets 
This commit changes the format of session tickets to include
the digest of the peer's CRT if MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
is disabled.

This commit does not yet remove the peer CRT itself.
 2019-06-19 10:25:01 +01:00
Simon Butcher 7400e8fb36 Merge remote-tracking branch 'origin/pr/591' into baremetal 2019-06-18 17:36:45 +01:00
Hanno Becker eddc78a844 Fix documentation of X.509 parsing test 2019-06-18 17:29:35 +01:00
Hanno Becker 5b4a619cfe Add X.509 CRT parsing test for mixed time-encodings 2019-06-18 17:29:35 +01:00
Hanno Becker 615bda0035 Improve X.509 CRT parsing test names 2019-06-18 17:29:35 +01:00
Hanno Becker b9df4bd8fc Add negative X.509 parsing tests for v3Ext in v1/v2 CRT 2019-06-18 17:29:35 +01:00
Hanno Becker 576f355ea6 Add negative X.509 parsing tests for IssuerID/SubjectID in v1 CRT 2019-06-18 17:29:35 +01:00
Hanno Becker 22adeeb95f Improve name of X.509 CRT parsing test 2019-06-18 17:29:35 +01:00
Hanno Becker 36023dc62b Always use the same X.509 alg structure inside and outside of TBS 2019-06-18 17:29:35 +01:00
Hanno Becker 53634e3f84 Fix test dependencies in X.509 CRT parsing suite 
Most tests use an sha256WithRSAEncryption OID which isn't recognized
unless RSA and SHA-256 are enabled.
 2019-06-18 17:29:35 +01:00
Hanno Becker d061c3d7ca Fix test case name formatting in X.509 parsing suite 2019-06-18 17:29:35 +01:00
Hanno Becker 57e0693302 Use ASN.1 NULL TLVs when testing invalid tags 
Previously, a test exercising the X.509 CRT parser's behaviour
on unexpected tags would use a '00' byte in place of the tag
for the expected structure. This makes reviewing the examples
harder because the binary data isn't valid DER-encoded ASN.1.

This commit uses the ASN.1 NULL TLV '05 00' to test invalid
tags, and adapts surrounding structures' length values accordingly.
This eases reviewing because now the ASN.1 structures are still
well-formed at the place where the mismatch occurs.
 2019-06-18 17:29:35 +01:00
Hanno Becker 98c6b6a5f0 Shorten X.509 CRT parsing test names 2019-06-18 17:29:35 +01:00
Hanno Becker 24d93a424f Extend negative testing for X.509 Signature parsing 2019-06-18 17:28:54 +01:00
Hanno Becker 56eb0b45c9 Extend negative testing for X.509 SignatureAlgorithm parsing 2019-06-18 17:28:54 +01:00
Hanno Becker cb60e2c917 Extend negative testing for X.509 v3 Extension parsing 2019-06-18 17:28:54 +01:00
Hanno Becker 543cc8a6fd Extend negative testing for X.509 SubjectID parsing 2019-06-18 17:28:54 +01:00
Hanno Becker 96480c1ab0 Extend negative testing for X.509 IssuerID parsing 2019-06-18 17:28:54 +01:00
Hanno Becker 1d3aab9ee8 Extend negative testing for X.509 SubjectPublicKeyInfo parsing 2019-06-18 17:28:54 +01:00
Hanno Becker 74f1d4b6cc Extend negative testing for X.509 Subject parsing 2019-06-18 17:28:54 +01:00
Hanno Becker f3ca578a73 Extend negative testing for X.509 Validity parsing 2019-06-18 17:28:54 +01:00
Hanno Becker f59cd6b020 Extend negative testing for X.509 Issuer parsing 2019-06-18 17:28:54 +01:00
Hanno Becker d4b6daf70a Extend negative testing for X.509 AlgorithmIdentifier parsing 2019-06-18 17:28:54 +01:00
Hanno Becker 1a0d3740b9 Extend negative testing for X.509 Serial number parsing 2019-06-18 17:28:54 +01:00
Hanno Becker baf32b8cea Extend negative testing for X.509 Version parsing 2019-06-18 17:28:54 +01:00
Hanno Becker d6ea7252db Extend negative testing for X.509 TBS header parsing 2019-06-18 17:28:54 +01:00
Simon Butcher f2ef573f2b Merge remote-tracking branch 'origin/pr/598' into baremetal 2019-06-18 15:00:02 +01:00
Simon Butcher f1ff74574d Merge remote-tracking branch 'origin/pr/597' into baremetal 2019-06-18 14:58:37 +01:00
Hanno Becker b2c6383b7b Add missing !MBEDTLS_X509_REMOVE_INFO guards to ssl-opt.sh 2019-06-18 11:05:44 +01:00
Peter Kolbus b1cb0bde72 all.sh: Add test for MBEDTLS_X509_REMOVE_INFO 
Add a test scenario that runs make/make test with
MBEDTLS_X509_REMOVE_INFO enabled.
 2019-06-18 11:05:44 +01:00
Hanno Becker 4a156fc854 Apply guards to make ssl-opt.sh work with MBEDTLS_X509_REMOVE_INFO 
Multiple tests in ssl-opt.sh grep for debug output that's omitted
if MBEDTLS_X509_REMOVE_INFO is defined. This commit modifies ssl-opt.sh
to skip those tests in this case.
 2019-06-18 11:05:44 +01:00
Hanno Becker 98f85c8c25 Add missing dependencies on !MBEDTLS_X509_REMOVE_INFO 2019-06-18 11:05:44 +01:00
Hanno Becker 02a2193f60 Rename MBEDTLS_X509_INFO to !MBEDTLS_X509_REMOVE_INFO 2019-06-18 11:05:44 +01:00
Peter Kolbus dc470ae8af Reduce code size when mbedtls_x509_*_info() unused 
Introduce MBEDTLS_X509_INFO to indicate the availability of the
mbedtls_x509_*_info() function and closely related APIs. When this is
not defined, also omit name and description from
mbedtls_oid_descriptor_t, and omit OID arrays, macros, and types that
are entirely unused. This saves several KB of code space.

Change-Id: I056312613379890e0d70e1d08c34171287c0aa17
 2019-06-18 11:05:37 +01:00
Manuel Pégourié-Gonnard 31ae7facb3 Add test for build warnings with baremetal.h 2019-06-18 12:03:51 +02:00
Jarno Lamsa 8a91c0650a Add tests for re-init flow for context serialization 2019-06-18 11:50:11 +03:00
Jarno Lamsa cc281b8a54 ssl-opt.sh tests for serialization are currently using stub implementation 2019-06-18 11:50:11 +03:00
Jarno Lamsa dcfc2a7364 Add missing slashes to tests 2019-06-18 11:50:11 +03:00
Jarno Lamsa fa45e6005e Add serialization tests to ssl-opt.sh 2019-06-18 11:50:11 +03:00
Hanno Becker 1abb159e90 Merge branch 'mbedtls-2.16' into baremetal 2019-06-18 09:00:37 +01:00
Simon Butcher c725e4b34e Merge remote-tracking branch 'origin/pr/590' into baremetal 2019-06-17 17:57:26 +01:00
Jaeden Amero 418e7611f6 Merge remote-tracking branch 'origin/pr/2484' into mbedtls-2.16 
* origin/pr/2484:
  Correct placement of ChangeLog entry
  Improve documentation of mbedtls_x509_get_ext()
  Adapt ChangeLog
  Always return a high-level error code from X.509 module
  Obey bounds of ASN.1 substructures
 2019-06-14 15:28:42 +01:00
Jaeden Amero 7aed01c0dc Merge remote-tracking branch 'origin/pr/2481' into mbedtls-2.16 
* origin/pr/2481:
  Document support for MD2 and MD4 in programs/x509/cert_write
  Correct name of X.509 parsing test for well-formed, ill-signed CRT
  Add test cases exercising successful verification of MD2/MD4/MD5 CRT
  Add test case exercising verification of valid MD2 CRT
  Add MD[245] test CRTs to tree
  Add instructions for MD[245] test CRTs to tests/data_files/Makefile
  Add suppport for MD2 to CSR and CRT writing example programs
  Convert further x509parse tests to use lower-case hex data
  Correct placement of ChangeLog entry
  Adapt ChangeLog
  Use SHA-256 instead of MD2 in X.509 CRT parsing tests
  Consistently use lower case hex data in X.509 parsing tests
 2019-06-14 08:50:47 +01:00