Jarno Lamsa
18987a420b
Add micro-ecc based ecc-files to mbedtls
...
The files are from https://github.com/intel/tinycrypt
Using commit 6e0eb53fc8403988f97345e94081b0453f47231d as a base.
2019-04-24 15:40:43 +03:00
Hanno Becker
ba8cd67467
Guard CID implementations by MBEDTLS_SSL_CID
2019-04-23 12:31:42 +01:00
Hanno Becker
b60c85c67c
Indicate ssl-opt.sh CID tests only test the stub CID code
2019-04-23 12:02:34 +01:00
Hanno Becker
8d0893d0b0
Add warnings about status of implementation of CID API
2019-04-23 12:01:20 +01:00
Hanno Becker
963cb35a24
Fix use of requires_config_enabled in ssl-opt.sh
...
requires_config_enabled doesn't support multiple config options.
Tests having multiple configuration dependencies must be prefixed
with multiple invocations of requires_config_enabled instead.
2019-04-23 11:52:44 +01:00
Hanno Becker
4f98b6ad17
Fix typo in CID test in ssl-opt.sh
2019-04-23 11:52:14 +01:00
Hanno Becker
6dde3dd8ec
Print peer CID from ssl_client2
2019-04-23 11:51:47 +01:00
Hanno Becker
8be8a95dea
Print peer CID from ssl_server2
2019-04-23 11:51:40 +01:00
Hanno Becker
14751aa966
Improve wording of CID debug msg in ssl_server2 example application
2019-04-23 11:39:53 +01:00
Hanno Becker
b9b7e29536
Clarify that mbedtls_ssl_set_cid() applies to all subsequent HSs
2019-04-23 11:38:47 +01:00
Hanno Becker
d928c06d01
Document that the use of CID is disabled by default.
...
(Even if MBEDTLS_SSL_CID is set in config.h)
2019-04-23 11:37:38 +01:00
Hanno Becker
efde5b2e96
Reference CID Draft in Connection ID documentation in config.h
2019-04-23 11:36:56 +01:00
Jaeden Amero
20d707dd3e
Merge remote-tracking branch 'origin/pr/2571' into mbedtls-2.16
...
* origin/pr/2571:
Clarify comment mangled by an earlier refactoring
Add an "out-of-box" component
Run ssl-opt.sh on 32-bit runtime
2019-04-16 15:10:18 +01:00
Jaeden Amero
69bc50a9a9
Merge remote-tracking branch 'origin/pr/2557' into mbedtls-2.16
...
* origin/pr/2557:
Give credit to OSS-Fuzz for #2404
2019-04-16 15:08:08 +01:00
Jaeden Amero
d17b5e9abc
Merge remote-tracking branch 'origin/pr/2553' into mbedtls-2.16
...
* origin/pr/2553:
Remove ssl_cert_test sample app
2019-04-16 15:07:25 +01:00
Jaeden Amero
cc9b400271
Merge remote-tracking branch 'origin/pr/2568' into mbedtls-2.16
...
* origin/pr/2568:
Fix typo in data_file generator code
2019-04-16 14:40:36 +01:00
Jaeden Amero
544fe92221
Merge remote-tracking branch 'origin/pr/2550' into mbedtls-2.16
...
* origin/pr/2550:
Fix the proxy seed in Travis runs
2019-04-16 14:38:18 +01:00
Simon Butcher
7326bc8577
Merge pull request #2524 from hanno-arm/baremetal_config
...
[Baremetal] Introduce baremetal config and scripts to measure memory usage
2019-04-12 17:19:40 +01:00
Gilles Peskine
0a47c4ffbb
Clarify comment mangled by an earlier refactoring
2019-04-10 18:47:51 +02:00
Gilles Peskine
99a3310fba
Add an "out-of-box" component
...
Just run `make` and `make test`. And `selftest` for good measure.
2019-04-10 18:47:51 +02:00
Gilles Peskine
7dd44b28f1
Run ssl-opt.sh on 32-bit runtime
...
Run ssl-opt.sh on x86_32 with ASan. This may detect bugs that only
show up on 32-bit platforms, for example due to size_t overflow.
For this component, turn off some memory management features that are
not useful, potentially slow, and may reduce ASan's effectiveness at
catching buffer overflows.
2019-04-10 18:47:50 +02:00
Hanno Becker
224eb0c53b
Use AES-128 instead of AES-256 in baremetal ciphersuite
2019-04-10 12:24:10 +01:00
Jaeden Amero
e59c4193fb
Fix typo in data_file generator code
...
The file to generate is `server10_int3-bs.pem`, not
`server10-bs_int3-bs.pem`.
2019-04-10 11:50:36 +01:00
Hanno Becker
2dcdc926b6
Add basic Connection ID tests to ssl-opt.sh
2019-04-09 18:27:04 +01:00
Hanno Becker
1029acee1d
ssl_server2: Add cmd line options to configure use of CID extension
2019-04-09 18:27:04 +01:00
Hanno Becker
7a7aa1943e
ssl_client2: Add cmd line options to configure use of CID extension
2019-04-09 18:27:04 +01:00
Hanno Becker
ec37030afe
ssl_client2: Add helper to unhexify binary command line data
2019-04-09 18:27:04 +01:00
Hanno Becker
b9e7dea082
Add dummy implementations for CID API
2019-04-09 18:26:59 +01:00
Hanno Becker
2c54db5e66
Update version_features.c
2019-04-09 18:26:59 +01:00
Hanno Becker
c8e80eeda0
Update query_config.c
2019-04-09 18:26:59 +01:00
Hanno Becker
29a54c8415
Add dep of MBEDTLS_SSL_CID on MBEDTLS_SSL_PROTO_DTLS to config check
2019-04-09 18:26:59 +01:00
Hanno Becker
6198af33a0
Add API for the use of the DTLS Connection ID extension
2019-04-09 18:26:53 +01:00
Hanno Becker
81bd97149f
Add new configuration option controlling CID extension
2019-04-09 15:12:41 +01:00
Jaeden Amero
da6a3c4d15
Give credit to OSS-Fuzz for #2404
...
Add "Credit to OSS-Fuzz", in addition to Guido Vranken, for identifying
bug #2404 .
2019-04-08 11:27:43 +01:00
Ron Eldor
1ec99c66b8
Remove ssl_cert_test sample app
...
Remove the ssl_cert_test sample application, as it uses
hardcoded certificates that moved, and is redundant with the x509
tests and applications. Fixes #1905 .
2019-04-07 16:51:18 +03:00
Jaeden Amero
0ea24a9127
Merge remote-tracking branch 'origin/pr/2500' into mbedtls-2.16
...
* origin/pr/2500:
Fix default port number information
2019-04-05 14:26:20 +01:00
Manuel Pégourié-Gonnard
ab9bf63b06
Fix the proxy seed in Travis runs
...
This is what we do in Jenkins, so it only makes sense to do it here as well.
This will avoid random failures for no other reason than the proxy was
dropping all the messages due to an unlucky PRNG seed.
See https://docs.travis-ci.com/user/environment-variables/ for syntax
2019-04-05 15:23:20 +02:00
Jaeden Amero
db8821cb7e
Merge remote-tracking branch 'origin/pr/2470' into mbedtls-2.16
...
* origin/pr/2470:
Silence pylint
check-files.py: readability improvement in permission check
check-files.py: use class fields for class-wide constants
check-files.py: clean up class structure
abi_check.py: Document more methods
check-files.py: document some classes and methods
Fix pylint errors going uncaught
Call pylint3, not pylint
New, documented pylint configuration
2019-04-05 14:20:00 +01:00
Jaeden Amero
f41fa48dd4
Merge remote-tracking branch 'origin/pr/2520' into mbedtls-2.16
...
* origin/pr/2520:
Fix errors in AEAD test function
2019-04-05 14:17:47 +01:00
Jaeden Amero
77027354f4
Merge remote-tracking branch 'origin/pr/2503' into mbedtls-2.16
...
* origin/pr/2503:
Fix ChangeLog entry ordering
Fix typo
Add non-regression test for buffer overflow
Improve documentation of mbedtls_mpi_write_string()
Adapt ChangeLog
Fix 1-byte buffer overflow in mbedtls_mpi_write_string()
2019-04-05 14:10:02 +01:00
Jaeden Amero
1c752f175d
Merge remote-tracking branch 'origin/pr/2501' into mbedtls-2.16
...
* origin/pr/2501:
Change Perl to Python in test builds
2019-04-05 14:08:11 +01:00
Jaeden Amero
9bfcebfe27
Merge remote-tracking branch 'origin/pr/2364' into mbedtls-2.16
...
* origin/pr/2364:
Increase okm_hex buffer to contain null character
Minor modifications to hkdf test
Add explanation for okm_string size
Update ChangeLog
Reduce buffer size of okm
Reduce Stack usage of hkdf test function
2019-04-05 13:53:22 +01:00
Jaeden Amero
5546267c86
Merge remote-tracking branch 'origin/pr/2510' into mbedtls-2.16
...
* origin/pr/2510:
Remove Circle CI script
2019-04-05 13:51:52 +01:00
Jaeden Amero
749c944664
Merge remote-tracking branch 'origin/pr/2514' into mbedtls-2.16
...
* origin/pr/2514:
x509.c: Fix potential memory leak in X.509 self test
2019-04-05 13:48:45 +01:00
Hanno Becker
7f6e808212
Remove uninitialized variable error in baremetal.sh
2019-04-03 13:48:09 +01:00
Hanno Becker
b4d8fab27e
Rename generate_codesize_stats.sh to extract_codesize_stats.sh
2019-04-03 13:46:27 +01:00
Hanno Becker
275e5bfb9b
Remove TODO from configs/baremetal.h
2019-04-03 13:39:31 +01:00
Hanno Becker
1373724166
Add static callgraph output to baremetal.sh --ram --stack
2019-04-03 12:17:20 +01:00
Hanno Becker
e6c3c7f52c
Correct ECP optimization params in baremetal_test.sh
2019-04-03 12:04:32 +01:00
Hanno Becker
c7c20817dc
Measure stack usage in baremetal script
...
So far, `baremetal.sh --ram --stack` ran `callgrind` to extract
a call stack in an example run of ssl_client2 and ssl_server2.
This, however, needs to be complemented with per-function stack
usage to be able to extract the maximum stack usage.
This commit adds `-fstack-usage` to the CFLAGS used when building
the library in `baremetal.sh --ram` runs, which generates *.su
files indicating the stack usage of individual functions.
2019-04-03 12:04:26 +01:00