mbedtls

Author	SHA1	Message	Date
Ronald Cron	eac00ad2a6	tls13: server: Note down client not being authenticated in SSL context Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-25 20:02:03 +02:00
Ronald Cron	a709a0f2c6	tls13: Declare PSK ephemeral key exchange mode first In the PSK exchange modes extension declare first PSK ephemeral if we support both PSK ephemeral and PSK. This is aligned with our implementation giving precedence to PSK ephemeral over pure PSK and improve compatibility with GnuTLS. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-25 19:05:26 +02:00
Tom Cosgrove	93003d87a9	Split out testing of core_add and core_add_if per Janos' request Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-10-25 17:01:19 +01:00
Minos Galanakis	37ca3a9acd	Moved tests from test_suite_bignum to test_suite_bignum_core This patch moves the following tests to test_suite_bignum_core: * `mbedtls_mpi_core_get_mont_r2_unsafe_neg()` * `mbedtls_mpi_core_get_mont_r2_unsafe()` Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-25 16:56:08 +01:00
Ronald Cron	dd0c8f9c26	tls13-kex-modes.sh: Remove unnecessary GnuTLS option Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-25 17:35:50 +02:00
Tom Cosgrove	eee0d6ce6b	Extend the unit tests for mbedtls_mpi_core_add_if() to also test mbedtls_mpi_core_add() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-10-25 16:29:58 +01:00
Minos Galanakis	a081c51cd3	Renamed mpi_core_get_mont_R2_unsafe_neg -> mpi_core_get_mont_r2_unsafe_neg Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-25 15:12:38 +01:00
Minos Galanakis	ae4fb671b4	mbedtls_mpi_core_get_mont_R2_unsafe: Removed NULL input checking Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-25 15:12:38 +01:00
Minos Galanakis	e1913a8da8	test_suite_bignum: Updated test cases for mbedtls_mpi_core_get_mont_R2_unsafe This patch adds tests for 192 and 2048 bits inputs. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-25 15:12:31 +01:00
Minos Galanakis	b9243ef231	test_suite_bignum: Fixed whitespace issues Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-25 15:12:23 +01:00
Minos Galanakis	4f43f61c6a	Renamed mbedtls_mpi_get_montgomery_constant_unsafe to mpi_core_get_mont_R2_unsafe Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-25 15:12:23 +01:00
Minos Galanakis	1a1b175554	test_suite_bignum: Added tests for `mpi_get_montgomery_constant_unsafe()` This patch adds the test for the method calculating the RR. The input/expected data are generated manually using the following Python3 snippet: ~~~~~ import math title="mpi_get_montgomery_constant_unsafe" tt = title + " #{}" in_data = [ "0f", ... ] def limb_no(number, bil=64): return int(math.ceil(int.bit_length(number)/(bil * 1.0))) def calc_rr(number, bil=64 ): return '{:x}'.format(pow(pow(2, limb_no(number, bil) * bil), 2, number)) def calc_rr_str(number, prefix=""): rr64 = calc_rr(number) rr32 = calc_rr(number, bil=32) return '{}:"{:x}":"{}":"{}"'.format(prefix,number, rr32, rr64) print("\n\n".join(["{}\n{}".format(tt.format(in_data.index(v)+1), calc_rr_str(int(v,base=16), title)) for v in in_data])) ~~~~~ Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-25 15:12:01 +01:00
Gilles Peskine	383b0bbea0	Merge pull request #6461 from tom-cosgrove-arm/fix-mbedtls_mpi_mod_modulus_init-calls-in-tests mbedtls_mpi_mod_modulus_init() must be called before any 'goto exit' in tests	2022-10-25 13:40:17 +02:00
Gilles Peskine	e5a715e8c0	Merge pull request #6449 from gilles-peskine-arm/bignum-core-shift_r Bignum core: shift_r	2022-10-25 10:40:39 +02:00
Gilles Peskine	af8ea3f738	Merge pull request #6468 from gilles-peskine-arm/bignum-test-suite-names Rename test_suite_bignum for consistency	2022-10-25 10:40:29 +02:00
Andrzej Kurek	2c7993c456	depends.py: add a config option to unset MBEDTLS_USE_PSA This lets us perform any test without MBEDTLS_USE_PSA Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-24 15:56:10 -04:00
Ronald Cron	2012361ae6	Merge pull request #6448 from ronald-cron-arm/tls13-kex-build-options TLS 1.3 Introduce and use key exchange mode config options	2022-10-24 15:21:37 +02:00
Przemek Stekiel	ab0451bc2c	Fix build command in test_psa_crypto_config_reference_hash_use_psa Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-24 11:29:35 +02:00
Przemek Stekiel	c86dedfdc1	Fix code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-24 09:16:04 +02:00
Przemek Stekiel	58bbc23ca3	Use coverage analyze as default task Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-24 08:10:10 +02:00
Ronald Cron	454eb9172d	ssl-opt.sh: Fix list of TLS 1.2 key exchanges with cert Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	70ed41754d	ssl-opt.sh: Simplify TLS 1.3 dependencies Simplify TLS 1.3 dependencies taking into account that MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED implies that MBEDTLS_SSL_PROTO_TLS1_3 is defined. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	5de538c9dd	ssl-opt.sh: Remove requires_key_exchange_with_cert_in_tls12_enabled Remove requires_key_exchange_with_cert_in_tls12_enabled and use `requires_any_configs_enabled` directly instead. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	c3f43b663e	all.sh: Add components testing TLS 1.3 kex partial enablement Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	8328113cad	ssl-opt.sh: Fix some test checks for ephemeral only kex build Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	59625848e6	ssl-opt.sh: TLS 1.3 kex: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_*ENABLED Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	73fe8df922	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED to guard TLS code (both 1.2 and 1.3) specific to handshakes involving PSKs. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	e68ab4f55e	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED to guard TLS code (both TLS 1.2 and 1.3) specific to handshakes involving certificates. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	41a443a68d	tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK.*ENABLED Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED instead of MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED to guard code specific to one of the TLS 1.3 key exchange mode with PSK. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	928cbd34e7	tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED instead of MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED to guard code specific to the TLS 1.3 ephemeral key exchange mode. Use it also for the dependencies of TLS 1.3 only tests relying on ephemeral key exchange mode, but for tests in tls13-kex-modes.sh where the change is done later using all MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_.*ENABLED macros. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	d8d2ea5674	Add TLS 1.3 key exchange mode config options Add TLS 1.3 specific configuration options to enable/disable the support for TLS 1.3 key exchange modes. These configurations are introduced to move away from the aforementioned enablement/disablement based on MBEDTLS_KEY_EXCHANGE_xxx_ENABLED options that relate to group of TLS 1.2 ciphersuites. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:41:57 +02:00
Andrzej Kurek	ba970be142	Fix test dependencies for cases that are PSA-based These should be using PSA-type macros, not MBEDTLS_XXX_C. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-21 13:39:00 -04:00
Gilles Peskine	fc4f11b5d0	Improve test component name Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-21 19:34:54 +02:00
Gilles Peskine	a020d535ad	Avoid having both test_suite_XXX.data and test_suite_XXX.*.data Although our build scripts support that, it's annoying, because it makes "test_suite_XXX" ambiguous between "all the data for test_suite_XXX.function" and "just test_suite_XXX.data". Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-21 19:00:38 +02:00
Gilles Peskine	42832bd406	Don't use test_suite_mpi as an example It just got renamed, and it's also not the most canonical example since it's a somewhat deprecated interface. Make a different module the example. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-21 18:56:47 +02:00
Gilles Peskine	ce22066211	Rename test_suite_bignum for consistency with bignum.{h,c} Align the name of the bignum test suite with the source module (which was renamed from mpi.c to bignum.c in the PolarSSL 1.x days). This also brings it into line with the test suites for the low-level bignum interfaces. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-21 18:54:43 +02:00
Andrzej Kurek	ed05279e4f	Comment fix Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-21 10:28:55 -04:00
Andrzej Kurek	d066c79d7e	Add missing ECB requirements for PSA cipher aes tests Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-21 10:28:55 -04:00
Andrzej Kurek	8f26c8a0cf	Fix a typo in test_suite_cipher Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-21 10:28:55 -04:00
Ronald Cron	89ca977128	ssl-opt.sh: Improve dependencies of some TLS 1.3 test cases Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:47:00 +02:00
Ronald Cron	bc5adf4ef8	ssl-opt.sh: Add dependencies on handshake with cert Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:47:00 +02:00
Ronald Cron	2ea36af693	ssl-opt.sh: TLS 1.3 kex: Do not use sig_algs if no cert Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:47:00 +02:00
Ronald Cron	81cd7ab492	tests: ssl: Add missing dependency on MBEDTLS_X509_CRT_PARSE_C Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:47:00 +02:00
Ronald Cron	f64cc03b09	tests: ssl: Add missing dependencies on certificate based handshake Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:47:00 +02:00
Ronald Cron	457fb7a523	tests: ssl: Fix ciphersuite identifier Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:44:45 +02:00
Przemek Stekiel	4e95590ae7	analyze_outcomes.py: Add test coverage regresion analyze for driver only builds Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-21 13:43:13 +02:00
Przemek Stekiel	01df9ddda7	Add test component: component_test_psa_crypto_config_reference_hash_use_psa Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-21 13:43:13 +02:00
Manuel Pégourié-Gonnard	0e7e47147c	Merge pull request #6447 from mprse/driver-only-hash-gap Fix test gap in driver-only-hashes build	2022-10-21 10:32:43 +02:00
Manuel Pégourié-Gonnard	45c6792faf	Merge pull request #6385 from AndrzejKurek/depends-py-reloaded Unified tests/scripts/depends.py - reloaded	2022-10-21 10:17:58 +02:00
Tom Cosgrove	be17655b57	mbedtls_mpi_mod_modulus_init() must be called before any 'goto exit' in tests Fixes Coverity issues 381527 and 381526. Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-10-20 16:57:10 +01:00
Janos Follath	560805d665	Fix mbedtls_mpi_core_add_if test aliasing Signed-off-by: Janos Follath <janos.follath@arm.com>	2022-10-20 12:04:40 +01:00
Przemek Stekiel	2c95a56e13	Remove KNOWN_MBEDTLS_SUPPORTED_HASH_ALG as it is now not used anywhere Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-20 12:38:44 +02:00
Gilles Peskine	b0ee577287	Bignum core: test shift_r Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-20 12:00:57 +02:00
Janos Follath	ba516f7524	mpi_core_add_if test: Remove dependency on old API Signed-off-by: Janos Follath <janos.follath@arm.com>	2022-10-20 10:59:50 +01:00
Janos Follath	e153a715f0	mpi_core_add_if: simplify tests Use the new, limb size aware base class to generate tests for mpi_core_add_if(). Signed-off-by: Janos Follath <janos.follath@arm.com>	2022-10-20 10:40:03 +01:00
David Horstmann	2bb9c8a884	Change brace initialization to memset Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-20 10:18:37 +01:00
David Horstmann	01dd548025	Minor fixes to x509_get_name() test function Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-19 17:13:57 +01:00
Werner Lewis	f1c24f0fbc	Add missing include Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-10-19 16:43:22 +01:00
Werner Lewis	bd3ddafee2	Move tests added in #6289 Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-10-19 15:36:18 +01:00
Werner Lewis	6baf12b18d	Move legacy mod functions back to test_suite_mpi Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-10-19 15:20:01 +01:00
Werner Lewis	ffe4478936	Move mpi_core_bitlen tests to bignum_core files Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-10-19 15:20:01 +01:00
Werner Lewis	1b20e7e645	Redefine result() method to return List Many bignum tests have multiple calculated result values, so return these as a list, rather than formatting as a string. Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-10-19 15:20:01 +01:00
Werner Lewis	99e8178fa7	Add module for bignum_core test generation Separate file is added for classes used to generate cases for tests in bignum_core.function. Common elements of the BignumOperation class are added to classes in a new common file, for use across files. Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-10-19 15:20:01 +01:00
Werner Lewis	0c6ea12145	Move bignum_mod tests into separate files Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-10-19 15:20:01 +01:00
Werner Lewis	c9b6a0aef9	Move bignum_mod_raw tests into separate files Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-10-19 15:20:01 +01:00
Werner Lewis	c6004a2ab3	Move bignum_core tests into separate files Test cases for mpi_core_add_if, mpi_core_mla, mpi_core_sub, mpi_core_montmul are not copied into new files, these are generated in subsequent commits. Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-10-19 15:19:53 +01:00
Gilles Peskine	149c1516e7	Merge pull request #6435 from mpg/improve-outcome-analysis Improve outcome analysis for driver-only builds	2022-10-19 15:54:17 +02:00
Gilles Peskine	db2996357c	Merge pull request #6289 from gabor-mezei-arm/6237_Add_conditional_assign_and_swap_for_bignum Bignum: Add safe conditional assign and swap for the new MPI types	2022-10-19 15:51:19 +02:00
Andrzej Kurek	b8a97e7520	depends.py: rename domains argument to tasks Tasks can consist of domains and/or jobs. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	629c412e81	depends.py documentation fixes Now that the format of exclusive groups has been changed, update the documentation using it too. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	b489f958b8	depends.py: remove config options that are unset anyway Over the lifespan of this script these options have been removed from the "full" configuration. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	a44c5bcdb7	depends.py: rename config_pl usage to config_py Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	22b959d9a5	depends.py - add SHA256 dependency of LMS Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	65b2ac1f1d	Change the way exclusive groups are defined in depends.py Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	f4b18672ff	depends.py: fix TLS 1.3 requirements Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	a0cb4fa302	Improve depends.py readability Switch from SHA224 & SHA384 testing to SHA256 and SHA512. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	b50754ae86	Switch from x509_CRT_PARSE to KEY_EXCHANGE_WITH_CERT_ENABLED Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	e5535e3123	Add MBEDTLS_DES_C exclusive group dependencies Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	a2a9688501	Fix the memory allocation in test_suite_ssl ASSERT_ALLOC calculates the size itself, and the parameter indicates number of elements. ``` mbedtls_calloc( sizeof( *( pointer ) ), ( length ) ); ``` Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	6454a90c6d	Remove pre-1_2 TLS dependencies from depends.py Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	658442fe78	Remove unnecessary ECP_C dependencies Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	e5a5cc1944	Remove the dependency of tls1_3 key evolution tests on curve25519 Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	daf43fbe21	Move the location of MBEDTLS_ECP_C dependencies Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	2d637c4cbb	Fix unchecked allocation in test_suite_ssl Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	01af84a0ca	depends.py: Add script documentation Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	2f8ac287b6	Disable MBEDTLS_TEST_HOOKS in depends.py This option was increasing testing duration by about 40%. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	eabeb30c65	Fix SHA512 vs SHA384 dependencies When building SHA512 without SHA384, there are some code paths that resulted in unused variables or usage of undefined code. This commit fixes that. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	228b12ce54	Rework depends.py to run more tests with hashes The test coverage reduction introduced in dc25cee lowered the coverage of hash tests due to intertwining dependencies. This commit introduces a new class for building a domain using both the complementary and exclusive classes. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	fe46949686	depends.py: disable part of the test jobs Disable exclusive jobs that run with a single config disabled. A lot more bugs should be found by running jobs with only one config of a family enabled. This will also lessen the burden on the CI. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	fcbd2acbc2	Split depends.py all.sh job into seven Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	202932f521	Use upper case for constants in depends.py Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	3322c22087	Improve depends.py structrue Apply most improvements suggested by pylint. Use config.py instead of config.pl. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	0e8b2d74f0	Fix python formatting and indentation Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	3cca0c8e68	Add an all.sh component running depends.pl Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	e05b17fb85	Update depends.py Remove old and add new dependencies. Introduce a way to handle non-trivial problems stemming from exclusive group testing. Exclude SHA256 and SHA512, as these are tested in SHA224 and SHA384 jobs, respectively. Change config.h to mbedtls_config.h). Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	e64bd43495	Add missing ECP and ECDH dependencies in ssl test suites Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	8e44139ca0	Add missing CURVE25519 requirements to TLS 1.3 tests Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	84f30f2eb0	Add missing SHA256 dependency Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	e38b788b79	Add missing key exchange dependencies Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	90e8204476	Add missing SHA256 and ECDSA_C dependencies in test_suite_ssl Most of the tests (including those using endpoint_init functions) parse certificates that require MBEDTLS_SHA256_C to be present. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	0abebebe6d	Refactor ssl test suite to use pointers more This way it's easier to track structures that are partially set up. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	f502bcb13e	Fix missing AES dependencies Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Gilles Peskine	34a1557df6	Add domains for symmetric ciphers Add a domain for cipher base algorithms (block permutations and stream ciphers), a domain for block cipher chaining modes and a domain for block cipher padding modes. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Gilles Peskine	c3b4deeb6c	When exercising key exchanges, don't build the test suites Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Gilles Peskine	584c24ace4	Declare more reverse dependencies Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Gilles Peskine	b1284cf6bc	Don't test builds with only deprecated hashes Don't try to build with only SHA-1 or with only RIPEMD160 or with only MD{2,4,5}. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Gilles Peskine	bf7537d0a9	Use the full config as the baseline for all jobs Start each job from the full config minus some memory management settings and the job-specific settings. The original content of config.h no longer influences the configurations used for the jobs (but it still influences what jobs may run, in that the set of jobs is partly built by parsing #define and //#define lines in config.h). Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Gilles Peskine	e85163bb5c	Simplify final passed/failed reporting Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Gilles Peskine	0fa7cbeeb9	Add basic support for colored output Show "pass" lines in green and "fail" lines in red. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Gilles Peskine	54aa5c6957	Factor running config.pl into its own function Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Gilles Peskine	46c8256547	Flush log output after each line Otherwise the output can be out of order when redirected. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Gilles Peskine	b39e3ecee6	New script to exercise compilation options Unify curves.pl, key-exchanges.pl, depends-pkalgs.pl and depends-hashes.pl into a single, newly-written script. For curves, key exchanges and hashes, in addition to testing all-but-one settings in the group like the old scripts, also run the tests with a single option in the group. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	e40b92178d	Fix missing padding dependencies Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	252283f2aa	Fix missing cipher mode dependencies Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Przemek Stekiel	8258ea7b7d	test_suite_psa_crypto: adapt dependenies and guards so the test can run in the driver-only build Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-19 13:20:20 +02:00
Manuel Pégourié-Gonnard	0dc40773d6	Improve comments & messages Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-19 12:12:21 +02:00
Manuel Pégourié-Gonnard	deef905a1c	Update is_builtin_calling_md() for PKCS#1 v2.1 Since https://github.com/Mbed-TLS/mbedtls/pull/6141 it can "fall back" to PSA when MD is not available (but will use MD if available, to preserve backwards compatibility). Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-19 11:02:15 +02:00
Manuel Pégourié-Gonnard	98b91d40d6	RSA PKCS#1 v1.5 no longer depends on MD This has been the case since https://github.com/Mbed-TLS/mbedtls/pull/6065 which forgot to update the documentation, and also is_builtin_calling_md(), so update those. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-19 10:59:30 +02:00
Gabor Mezei	4dceede71b	Fix overly replacement in the documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-18 16:44:17 +02:00
Przemek Stekiel	98b1af4e34	test_suite_debug: adapt dependenies so the test can run in the driver-only build Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-18 14:52:41 +02:00
Janos Follath	7cd1ebe0bb	Merge pull request #6296 from gilles-peskine-arm/test_data_generation-pr_6093_followup Minor fixes to test_data_generation.py	2022-10-18 13:38:28 +01:00
Manuel Pégourié-Gonnard	d92fb01419	Skip bits not needed in outcome-analysis.sh Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-18 12:10:45 +02:00
David Horstmann	3cd67584bc	Improve X509 DN test naming Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-17 17:59:10 +01:00
David Horstmann	d0e3d45e96	Add explanatory comments to raw DER test data Break down the DER-encoded ASN.1 test data into its structure in a comment and explain it, to make it easier to understand where the data came from and how it is corrupted. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-17 17:55:04 +01:00
Gilles Peskine	47da7bfac8	Merge pull request #6434 from gilles-peskine-arm/lmots_import_export_test-memory_leak LMS: Fix memory leak if unit test fails	2022-10-17 17:57:59 +02:00
Aditya Deshpande	cfb441d5ee	Fix spacing and formatting Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>	2022-10-17 15:17:30 +01:00
Gabor Mezei	0c74e084d5	Fix condition Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-17 16:09:58 +02:00
Gilles Peskine	503d09b52d	Fix memory leak if unit test fails Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-17 12:27:43 +02:00
Manuel Pégourié-Gonnard	6c6f04b651	Merge pull request #6419 from mpg/fix-assert-alloc-usage Fix usage of ASSERT_ALLOC()	2022-10-17 12:10:48 +02:00
Gilles Peskine	8874cd570e	Merge pull request #4826 from RcColes/development Add LMS implementation	2022-10-14 18:33:01 +02:00
Aditya Deshpande	40c05cc8e4	Newlines at end of file + trim trailing whitespace Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>	2022-10-14 16:46:51 +01:00
Aditya Deshpande	17845b8f71	Add driver wrapper function for raw key agreement, along with test call for transparent drivers. Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>	2022-10-14 16:46:00 +01:00
Gabor Mezei	ffb4aa0ddc	Rename variables to have unambiguous names Use bytes instead of len in the variable names. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-14 16:39:04 +02:00
Gabor Mezei	8bcd7cca94	Use count instead of bytes in ASSERT_ALLOC argument Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-14 16:18:10 +02:00
Tom Cosgrove	edca207260	MBEDTLS_CIPHER_CHACHA20_POLY1305 is an mbedtls_cipher_type_t not an mbedtls_cipher_mode_t Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-10-14 12:10:40 +01:00
Manuel Pégourié-Gonnard	b3c30907d6	Merge pull request #6383 from mprse/aead_driver_test Enable testing of AEAD drivers with libtestdriver1	2022-10-14 11:11:01 +02:00
Manuel Pégourié-Gonnard	47b8de834d	Fix usage of ASSERT_ALLOC() The second argument is the number of elements of the type the first argument is pointing to, so we shouldn't be using sizeof there. This was resulting in overly large allocations. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-14 09:35:55 +02:00
Gilles Peskine	fa65237fd4	Fix which config header MBEDTLS_LMS_xxx is unset from Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-13 22:05:38 +02:00
Gilles Peskine	31c2dcb611	Fix file names in reproduction instructions in test data Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-13 20:48:15 +02:00
Gilles Peskine	2875aa7b01	Fix instructions and test data for pyhsslms interop tests The test data was invalid because it had the extra 4-byte prefix for HSS. Regenerate it (which produces completely new signatures since it is randomized). Rearrange the reproduction instructions for the second test case so that it shows more clearly how to generate a second signature with the same private key. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-13 20:45:05 +02:00
Raef Coles	8bccc999d9	Don't mention error type in LMS test comments Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:57:31 +01:00
Raef Coles	6d7d94a821	Use correct export length in LMS export tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:55:46 +01:00
Raef Coles	aa9d52bcdc	Rename LMS private key files to match library name Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:53:40 +01:00
Raef Coles	f8bfe2783b	Remove bad character from LMS test case Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:35:28 +01:00
Raef Coles	d543697092	Fix minor type in LMS test description Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:06:42 +01:00
Raef Coles	a2514f622f	Update pyhsslms test instructions with script Due to tool name conflict hampering data reproduction Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:04:21 +01:00
Raef Coles	ce18e528ff	Rename LMS private key files And remove now-unnecessary modification to check_files.py Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 16:45:05 +01:00
Raef Coles	e4d96b804c	Update LMS and LMOTS test comments Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 16:45:05 +01:00
Raef Coles	493724e3c2	Check correct output size in LMOTS export test Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 15:43:07 +01:00
Raef Coles	ed0e4591dc	Add output length test for LMS export too-big test Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 15:05:47 +01:00
Ronald Cron	49e4184812	Merge pull request #6299 from xkqian/tls13_add_servername_check Add server name check when proposing pre-share key	2022-10-13 16:00:59 +02:00
Raef Coles	33f7d66304	Add output check to export too-big buffer tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:36 +01:00
Raef Coles	1d88ea870f	Remove unneeded NULL pointer checks in LMS tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:35 +01:00
Raef Coles	d1c1f7f7be	Disable LMS in all.sh tests that lack _WANT_SHA256 Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:31 +01:00
Raef Coles	a21671123a	Remove `sudo pip3` in LM(OT)S tests instructions Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:27 +01:00
Raef Coles	1b43a7448d	Clean up LMS and LMOTS feature dependencies Remove SHA256 dependencies from tests, fix incorrect boolean logic in check_config, and change depends_hashes.pl to disable LMS in one test Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:26 +01:00
Raef Coles	6b2c573b3d	And export buffer too large test to LMS and LMOTS Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:24 +01:00
Raef Coles	534f66f3f0	Fix assert arguments in LMS and LMOTS export tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:23 +01:00
Raef Coles	d1c2a80319	Remove duplicated assert from LMOTS tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:21 +01:00
Raef Coles	20d2e06ca4	Add cleanup frees in LMS and LMOTS tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:20 +01:00
Raef Coles	781f7bedb0	Properly mark LMOTS leak test as failed Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:18 +01:00
Raef Coles	d137c86125	Don't skip LMS tests due to out of memory error Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:17 +01:00
Raef Coles	76563399fd	Fix LMS and LMOTS test dependencies Mark them as depending on PSA_WANT_ALG_SHA256 so that test_depends_hashes_psa doesn't fail Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:15 +01:00
Raef Coles	59eb0d0f2b	Fix LMOTS signature leak test dependencies As it requires MBEDTLS_LMS_PRIVATE Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:12 +01:00
Raef Coles	d0c701237a	Replace TEST_ASSERT with TEST_EQUAL in LMS tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:09 +01:00
Raef Coles	f9b8502865	Add LMS import/export negative tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:06 +01:00
Raef Coles	4511055511	Exclude binary LMS keys from file checking Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:05 +01:00
Raef Coles	9fc303a99a	Add extra LMOTS import negative tests And fix failures that are related to the new tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:01 +01:00
Raef Coles	71f554b48f	Use real data for negative LMOTS tests To avoid errors caused by the null public keys and signatures Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:00 +01:00
Raef Coles	66edf6a833	Use hsslms data for LMOTS import/export test Also, test that export fails when the buffer is too small. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:58 +01:00
Raef Coles	8b55ba623e	Source LMOTS data from hsslms So it can be reproduced Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:57 +01:00
Raef Coles	a6b47c0aac	Add LMS hsslms interop tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:55 +01:00
Raef Coles	d6adcb6146	Add negative LMS import/export tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:53 +01:00
Raef Coles	810612e14e	Update LMS and LMOTS to use TEST_EQUAL Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:51 +01:00
Raef Coles	90e13fc3c6	Add repro instructions for LMS test data Add more interop tests, and use real data for the negative tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:49 +01:00
Raef Coles	0dc604ed2b	Change how LMS and LMOTS negative tests work Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:48 +01:00
Raef Coles	7726678b23	Remove debugging code left in LMOTS tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:46 +01:00
Raef Coles	370cc43630	Make LMS public key export part of public key api Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:28 +01:00
Raef Coles	be3bdd8240	Rename LMS and LMOTS init/free functions To match convention Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:18 +01:00
Raef Coles	5127e859d7	Update LMS and LMOTS dependency macros Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:11 +01:00
Raef Coles	b4568c5423	Disable LMS in PSA crypto client test Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:07 +01:00
Raef Coles	47bccb7e47	Disable LMS_PRIVATE in all.sh when LMS is disabled Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:06 +01:00
Raef Coles	a7e03adef5	Disable LMS in all.sh when PSA isn't enabled Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:04 +01:00
Raef Coles	98c504373c	Update LMS test description To correct copy-paste error Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:02 +01:00
Raef Coles	40158e11fc	Add LMOTS test hook to header Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:58 +01:00
Raef Coles	9c9027b1a4	Add extra LMS and LMOTS tests NULL-message and LMOTS signature leak tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:50 +01:00
Raef Coles	f5919e2997	Update LMS/LMOTS tests Document tests and source of data, use test RNG, pass more parameters into each test Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:43 +01:00
Raef Coles	e9479a0264	Update LMS API to support multiple parameter sets Parameterise macros to allow variation of sizes Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:36 +01:00
Raef Coles	ab4f87413a	Add MBEDTLS_LMS_PRIVATE define To enable private key operations Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:35 +01:00
Raef Coles	01c71a17b3	Update LMS and LMOTS api Fix function names and parameters. Move macros to be more private. Update implementation. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:25 +01:00
Raef Coles	c8f9604d7b	Use PSA hashing for LMS and LMOTS Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:23 +01:00
Raef Coles	7dce69a27a	Make LMOTS a private api Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:22 +01:00
Raef Coles	8ff6df538c	Add LMS implementation Also an LM-OTS implementation as one is required for LMS. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:15 +01:00
Manuel Pégourié-Gonnard	f155ab9a91	Abort on errors when we should We're not strictly required to abort, but at least to leave the context is an invalid state. For "late" functions like input() and output(), calling abort() is the easiest way to do that. Do it systematically for input() and output() by using a wrapper. psa_pake_get_implicit_key() was already doing it. For "early" function, we can just leave the operation in its current state which is already invalid. Restore previous tests about that. Not adding systematic tests, though, just test the two functions that are the most important, and more likely to return errors. Since we now abort in more cases, we need to make sure we don't invalidate the operation that's going to be re-used later in the test. For that reason, use a copy of the operation for calls to input() and output() that are expected to return errors. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-13 13:20:31 +02:00
Manuel Pégourié-Gonnard	b63a9ef09f	Fix buffer sizes in ecjpake_setup test function Also, the error code changed from INSUFFICIENT_MEMORY to INVALID_DATA. Temporarily remove a test about aborting the operation on error. Auto-abort will be re-introduced in the next commit in a more systematic way. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-13 13:17:20 +02:00
Gilles Peskine	0fe6631486	Merge pull request #6291 from gilles-peskine-arm/platform.h-unconditional-3.2 Include platform.h unconditionally	2022-10-13 10:19:22 +02:00
Przemek Stekiel	072fad12d9	Disable MBEDTLS_SSL_TICKET_C in aead driver test. MBEDTLS_SSL_TICKET_C depends now on: MBEDTLS_GCM_C \|\| MBEDTLS_CCM_C \|\| MBEDTLS_CHACHAPOLY_C. All features are disabled in this config. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-13 09:59:52 +02:00
Manuel Pégourié-Gonnard	2aa5af9bec	Merge pull request #6403 from mpg/print-failed-suites Print the list of failed suites in verbose mode	2022-10-13 09:59:45 +02:00
Xiaokang Qian	ed0620cb13	Refine code base on comments Move code to proper macro guards protection Fix typo issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:51 +00:00
Xiaokang Qian	2f9efd3038	Address comments base on review Change function name to ssl_session_set_hostname() Remove hostname_len Change hostname to c_string Update test cases to multi session tickets Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:49 +00:00
Xiaokang Qian	adf84a4a8c	Remove public api mbedtls_ssl_reset_hostname() Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:05:11 +00:00
Xiaokang Qian	281fd1bdd8	Add server name check when proposeing pre-share key Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:03:41 +00:00
Gilles Peskine	8fd3254cfc	Merge pull request #6374 from mprse/enc_types Test TLS 1.2 builds with each encryption type	2022-10-12 12:45:50 +02:00
Ronald Cron	78317c832b	Merge pull request #6327 from yuhaoth/pr/tls13-psk-after-session-tickets TLS 1.3: PSK and NewSessionTicket: Add support for sending PSK and Ticket together.	2022-10-12 12:39:51 +02:00
Przemek Stekiel	ee1bb4145f	Make sure that disabled features are not included in image and fix test config Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-12 10:15:59 +02:00
Gilles Peskine	fcee740b83	Automatically enable PK_PARSE for RSA in PSA PSA crypto currently needs MBEDTLS_PK_PARSE_C to parse RSA keys to do almost anything with them (import, get attributes, export public from private, any cryptographic operations). Force it on, for symmetry with what we're doing for MBEDTLS_PK_WRITE_C. Fixes #6409. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 21:15:24 +02:00
Gilles Peskine	aef1ba679d	Add build with a typical configuration for a PSA crypto service Disable non-crypto features that can't be called through the PSA API, as well as algorithms that have no PSA interface. This serves as a non-regression test for #6408 and #6409. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 21:09:21 +02:00
Gilles Peskine	58e5d804ee	test_suite_pk: Add missing dependencies on MBEDTLS_PEM_PARSE_C Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 20:57:38 +02:00
Gilles Peskine	d23d8dee24	test_suite_dhm: Add missing dependencies on MBEDTLS_PEM_PARSE_C Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 20:57:21 +02:00
Gilles Peskine	9624a5932e	Add mbedtls_dhm_parse_dhmfile test case with DER input dh.optlen.der is the result of converting dh.optlen.pem from PEM to DER. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 20:52:34 +02:00
Jerry Yu	c2bfaf00d9	fix wrong typo Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-11 18:07:19 +08:00
Manuel Pégourié-Gonnard	ac6c67053d	Print the list of failed suites in verbose mode In verbose mode, the full output of each failing suite is printed out, which for some suites runs in the 1000s of lines. If you didn't redirect output to a file, this is a lot to scroll and can make it hard to quickly identify which test suites failed. So, let's print out that information at the end. This is useful information for starting to figure out what went wrong. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-11 10:48:32 +02:00
Gilles Peskine	b50e433b66	Test mbedtls_mpi_core_bitlen Copy the test data for mbedtls_mpi_bitlen except for 0-length and negative cases. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-10 23:03:47 +02:00
Gilles Peskine	e943283f2f	More mbedtls_mpi_bitlen test cases * with leading zero limb * with trailing zero limb * negative Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-10 23:03:47 +02:00
Gilles Peskine	24baa81043	Improve mbedtls_mpi_bitlen test descriptions Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-10 23:03:47 +02:00
Gilles Peskine	c5772a194e	mbedtls_test_read_mpi_core: allow odd number of hex digits Test functions must now take a char* argument rather than data_t*. This does not affect existing test data. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-10 23:03:47 +02:00
Janos Follath	1b5c85c75b	Merge pull request #6386 from gilles-peskine-arm/bignum-mbedtls_test_read_mpi_core Introduce mbedtls_test_read_mpi_core	2022-10-10 15:14:46 +01:00
Jerry Yu	03aa174d7c	Improve test message and title Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-10 21:48:37 +08:00
Gabor Mezei	44ba2f6db9	Add more test cases Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 15:32:12 +02:00
Gabor Mezei	a67a1a3ebc	Remove the 'is_fail' parameter from the test functions Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 15:25:59 +02:00
Gabor Mezei	d71eb0c3ac	Use better test macro Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 13:09:04 +02:00
Gabor Mezei	d6441da4c5	Remove redundant memory initialization When memory is allocated it is also initialized with 0. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 13:05:16 +02:00
Gabor Mezei	251cb632f1	Remove unused macro definition Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 13:02:21 +02:00
Przemek Stekiel	52a428b824	Fix MBEDTLS_SSL_TICKET_C, MBEDTLS_SSL_SESSION_TICKETS dependencies Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-10 11:23:18 +02:00
Przemek Stekiel	42bb3ff40b	Adapt expected results in ChaCha20-Poly1305 ( invalid tag length) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-10 07:28:40 +02:00
Jerry Yu	63b06ea06e	Update test cases Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-08 14:56:38 +08:00
Jerry Yu	25ab654781	Add dummy ticket support Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-07 10:11:05 +08:00
Jerry Yu	8897c07075	Add server only guards for psk callback Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-07 10:11:05 +08:00
Przemek Stekiel	c1ceae4848	crypto_config_test_driver_extension.h: add support for ChaCha20 - Poly1305 This is done to have LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 defined in libtestdriver1. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-06 16:53:47 +02:00
David Horstmann	db73d3b149	Add mbedtls_x509_get_name memory leak unit test Introduce a unit test to test mbedtls_x509_get_name() and add a testcase with a corrupt DER-encoded name that causes mbedtls_x509_get_name() to have to cleanup things it is allocated. If it fails to do this, a memory leak is detected under Asan builds. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-05 13:09:57 +01:00
Manuel Pégourié-Gonnard	ec7012dbc7	Fix I/O format of PSA EC J-PAKE for compliance The format used by the mbedtls_ecjpake_xxx() APIs and that defined by the PSA Crypto PAKE extension are quite different; the former is tailored to the needs of TLS while the later is quite generic and plain. Previously we only addressed some part of this impedance mismatch: the different number of I/O rounds, but failed to address the part where the legacy API adds some extras (length bytes, ECParameters) that shouldn't be present in the PSA Crypto version. See comments in the code. Add some length testing as well; would have caught the issue. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-05 12:52:48 +02:00
Gilles Peskine	99a82dce74	Readability improvement Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-05 11:20:56 +02:00
Gilles Peskine	80ca44f33c	Merge pull request #6325 from gabor-mezei-arm/6308_missing_initialization_in_test Add initialization for structures in test	2022-10-05 11:09:35 +02:00
Gilles Peskine	22514eb99b	Fix typo in documentation Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-04 15:09:53 +02:00
Gabor Mezei	8fcde5bb8e	Remove duplicate test case Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-04 13:53:33 +02:00
Gabor Mezei	02e5d439db	Add more tests for cond_assign/swap functions Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-03 16:45:11 +02:00
Gabor Mezei	6546a6cc03	Rewrite tests for cond_assign/swap The cond_swap and cond_assign test functions now requires the same limb size for the MPI parameters. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-03 14:56:51 +02:00
Przemek Stekiel	6a5cc74cc4	Fix typos and comments Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-03 09:04:16 +02:00
Przemek Stekiel	bd99a0221b	test_driver_aead.c: add support for LIBTESTDRIVER1 tests Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-02 21:01:23 +02:00
Przemek Stekiel	e290f2ea14	all.sh: add testing of AEAD drivers with libtestdriver1 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-02 20:58:39 +02:00
Gilles Peskine	5bbdfce44c	Streamline mbedtls_mpi_core_lt_ct unit test Use mbedtls_test_read_mpi_core() to read the test data. Among other benefits, X and Y are now allocated to their exact size, so analyzers (Asan, Valgrind, Coverity, ...) have a chance of complaining if the tested function overflows the buffer. Remove TEST_CF_PUBLIC calls which are no longer necessary. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:53:04 +02:00
Gilles Peskine	3aae4e815e	New function mbedtls_test_read_mpi_core Allocate and read an MPI from a binary test argument. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:51:41 +02:00
Gilles Peskine	571576fc5c	Move the definition of data_t to a header file This way it can be used in helper functions. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:51:41 +02:00
Gilles Peskine	bdc7b8bb6a	Allow test assertions on constant-flow scalar data When testing a function that is supposed to be constant-flow, we declare the inputs as constant-flow secrets with TEST_CF_SECRET. The result of such a function is itself a constant-flow secret, so it can't be tested with comparison operators. In TEST_EQUAL, TEST_LE_U and TEST_LE_S, declare the values to be compared as public. This way, test code doesn't need to explicitly declare results as public if they're only used by one of these macros. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:51:41 +02:00
Gilles Peskine	97483b0fd4	Remove incorrect comment This comment (which used to be attached to the implementation, and should not have been moved to the header file) is incorrect: the library function mbedtls_mpi_read_string preserves leading zeros as desired, but does not create a zero-limb object for an empty string. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:51:41 +02:00
Tom Cosgrove	c621a6d38f	Update tests to account for CIPHER_FEATURE_UNAVAILABLE on non-authenticated alg Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-30 17:15:54 +01:00
Gabor Mezei	ec5685f1ee	Use exact-size buffers for inputs and outputs to library functions in tests Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 14:48:54 +02:00
Gabor Mezei	f5ca726ce1	Rename variables to match bettr to its purpose The length in bytes is used with the 'len' prefix and the length in limbs is used with the 'limbs' prefix. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 14:35:42 +02:00
Gabor Mezei	8b05e3b148	Add memory freeing Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:41 +02:00
Gabor Mezei	a7584888da	Use exact-size buffers for inputs and outputs to library functions in tests Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:41 +02:00
Gabor Mezei	821d15107b	Check true and false condition in the same test case Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:41 +02:00
Gabor Mezei	3eff425b1a	Use only one limb parameter for assign Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:40 +02:00
Gabor Mezei	027d696434	Remove unused code Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:40 +02:00
Gabor Mezei	b2763ef507	Do not read uninitialized memory Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:40 +02:00
Gabor Mezei	cfc0eb8d22	Remove unused parameter Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:39 +02:00
Gabor Mezei	53e455db7b	Remove return value checking from test functions of assign and swap Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:39 +02:00
Gabor Mezei	b27b1c5db0	Add tests for conditional assign and swap functions Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:30 +02:00
Gilles Peskine	845de0898e	Merge pull request #6083 from tom-cosgrove-arm/issue-6015-montgomery-multiplication Montgomery multiplication from bignum prototype	2022-09-30 10:35:21 +02:00
Victor Barpp Gomes	d0225afcb6	Add a new test with a binary hwSerialNum Signed-off-by: Victor Barpp Gomes <17840319+Kabbah@users.noreply.github.com>	2022-09-29 13:52:55 -03:00
Victor Barpp Gomes	47c7a732d2	Print RFC 4108 hwSerialNum in hex format Signed-off-by: Victor Barpp Gomes <17840319+Kabbah@users.noreply.github.com>	2022-09-29 11:34:23 -03:00
Tom Cosgrove	4386ead662	Correct the aliasing requirements in doc for mbedtls_mpi_core_montmul(), and test them Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-29 14:40:21 +01:00
Przemek Stekiel	48a6a666a0	Add ssl-opt tls 1.2 tests for single cipher builds Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-29 15:29:33 +02:00
Przemek Stekiel	8d4b241028	Remove redundant indirect dependencies after optimizing setup for one cipher components Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-29 10:13:40 +02:00
Przemek Stekiel	a891a091a3	test_suite_cmac.data: fix bug: use cipher type instead cipher id Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-29 09:53:20 +02:00
Przemek Stekiel	68db0d2f67	Optimize one cipher only components and adapt nemes Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-29 08:32:25 +02:00
Ronald Cron	77c691f099	Merge pull request #6194 from xkqian/tls13_add_psk_client_cases TLS 1.3: Add PSK client cases	2022-09-28 17:08:06 +02:00
Przemek Stekiel	0cc3466c9e	Change testing strategy to default + one cypher only (psa/no psa) In full config TLS 1.2 is disabled. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-28 12:06:57 +02:00
Przemek Stekiel	b0de1c040b	Add components to build and test default/full config with legacy-ccm cipher only Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-28 11:15:16 +02:00
Przemek Stekiel	9550c05757	Add component to build and test full config with stream cipher only Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-28 09:51:55 +02:00
Xiaokang Qian	a70bd9108a	Fix the description of psk client cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-28 07:50:13 +00:00
Manuel Pégourié-Gonnard	e3358e14b2	Merge pull request #6051 from mprse/permissions_2b_v2 Permissions 2b: TLS 1.3 sigalg selection	2022-09-28 09:50:04 +02:00
Manuel Pégourié-Gonnard	f3f9e450b6	Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2 Ad-hoc KDF for EC J-PAKE in TLS 1.2	2022-09-28 09:47:32 +02:00
Przemek Stekiel	d582a01073	Make MBEDTLS_SSL_CONTEXT_SERIALIZATION dependent on AEAD Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-28 07:59:01 +02:00
Xiaokang Qian	ca343ae280	Improve message logs and test cases description in psk Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-28 02:07:54 +00:00
Gabor Mezei	0bb138241b	Add initialization for structures Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-27 18:48:44 +02:00
Przemek Stekiel	6f29a6c4b4	test_suite_cipher.function: always include aes.h It is done to have MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH macro available (used in tests) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-27 15:04:14 +02:00
Przemek Stekiel	a82290b727	Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions Both functions are calling mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions. These functions are guarded with MBEDTLS_CIPHER_MODE_AEAD \|\| MBEDTLS_NIST_KW_C flags - make it consistent. As a result ssl_server2 won't build now with MBEDTLS_SSL_SESSION_TICKETS enabled (mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions not available). Mark MBEDTLS_SSL_SESSION_TICKETS as dependent on MBEDTLS_CIPHER_MODE_AEAD \|\| MBEDTLS_NIST_KW_C and disable MBEDTLS_SSL_SESSION_TICKETS in stream cipher only build. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-27 15:04:14 +02:00
Przemek Stekiel	11c362a050	Add component to build and test default config with stream cipher only Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-27 15:04:08 +02:00
Xiaokang Qian	9c172042b6	Change cases description base on comments Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-27 11:41:50 +00:00
Xiaokang Qian	e12d30d751	Move psk related cases into tls13-kex-modes.sh Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-27 11:34:14 +00:00
Andrzej Kurek	3539f2c90b	Improve readability in ecjpake tests Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-26 10:56:02 -04:00
Xiaokang Qian	954d5769ef	PSK: change descriptions base on comments Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-26 08:40:10 +00:00
Xiaokang Qian	ac8195f4f7	Fix wrongly kex mode fallback issue in psk cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-26 06:31:58 +00:00
Gilles Peskine	12a1e85caa	Merge pull request #6138 from Zaya-dyno/validation_remove_change_key_agree Validation remove change key agree	2022-09-23 17:04:20 +02:00
Gilles Peskine	f70f4ead7f	Merge pull request #6248 from gilles-peskine-arm/all-sh-force-3.2 Fix all.sh --force	2022-09-23 17:04:00 +02:00
Gilles Peskine	87953f228f	Merge pull request #6091 from Zaya-dyno/validation_remove_change_pk Validation remove change pk	2022-09-23 17:03:30 +02:00
Paul Elliott	2c282c9bd0	Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.	2022-09-23 15:48:33 +01:00
Gabor Mezei	f29c2a5313	Add initialization for structures Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-23 15:25:27 +02:00
Xiaokang Qian	210727f3b1	Skip some psk cases cause wrong fallback to ephemeral Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 07:25:40 +00:00
Xiaokang Qian	dea2cbe199	Fix various test issues in psk m->m cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	658204c71e	Remove negative test cases for m->O and m->G Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	8939930b82	Rebase and fix some test failures Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	cffb18cee7	Fix various issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	8f7d7c7aaf	Address comments about description of psk cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	edc35e7ffd	Refine the psk test cases for m->G Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	2efece22a0	Refine the psk test cases for m->O Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	3cbbbbcb08	Shorten the description in psk m->m test cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	d7dcc4274b	Unified the test title of psk cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	2aaf1c1d74	Re-work psk test cases against openssl and gnutls Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	8e76e1de21	Add m->m cases with client be set to psk_all or all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	ca48dddf62	Add m->m with client be set to ephemeral or ephemeral_all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	198cefd1fa	Add force_version tls13 to the psk test cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	f9b694ba8f	Add m->m cases with client be set to psk and psk_ephemeral mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	e0cc584f70	Change result strings based on actula psk test result Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	df6a3891e8	Add client psk test cases for all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	a39d0d5e2b	Add client test cases for ephemeral_all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	01173c21b1	Add client test cases for ephemeral mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	ff5705bdd7	Add client test cases for psk_ephemeral mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	73894232e8	Add client test cases for psk_all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	cf6442e2e4	Add client test cases for psk mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:30 +00:00
XiaokangQian	335cfaadf9	Finalize client side code for psk Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-09-23 01:48:26 +00:00
Gilles Peskine	07ba2be20b	Merge pull request #6304 from yuhaoth/pr/exclude-pre_shared_key-from-hrr-msg TLS 1.3: PSK: Exclude pre_shared_key for HRR	2022-09-22 10:21:06 +02:00
Manuel Pégourié-Gonnard	1475ac49a4	Merge pull request #6107 from Zaya-dyno/validation_remove_change_hash Validation remove change hash	2022-09-22 09:24:44 +02:00
Manuel Pégourié-Gonnard	d5c82fb821	Merge pull request #6085 from Zaya-dyno/validation_remove_change_cipher Validation remove and change in files related to cipher in library	2022-09-22 09:10:13 +02:00
Jerry Yu	9370612312	remove certificate setting from psk_ephemeral HRR test Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-21 22:44:24 +08:00
Tom Cosgrove	119eae2e51	Update names of test cases in generate_bignum_tests.py Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-21 12:19:18 +01:00
Tom Cosgrove	c573882674	Merge remote-tracking branch 'upstream/development' into issue-6015-montgomery-multiplication	2022-09-21 12:08:43 +01:00
Manuel Pégourié-Gonnard	d433cd7d07	Merge pull request #6283 from mpg/driver-only-hashes-wrap-up Driver only hashes wrap-up	2022-09-21 08:29:46 +02:00
Jerry Yu	2db49df44b	Add psk_ephemeral HRR tests Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-21 11:03:28 +08:00
Dave Rodgman	36e1d9ef1d	Merge pull request #6203 from wernerlewis/ecp_group_test Add test for ECP group metadata	2022-09-20 17:35:53 +01:00
Ronald Cron	50969e3af5	ssl-opt.sh: TLS 1.3 opaque key: Add test with unsuitable sig alg Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 15:57:57 +02:00
Tom Cosgrove	b0b77e1b13	Document and test aliasing of the bignums given to mbedtls_mpi_core_mla() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-20 13:33:40 +01:00
Ronald Cron	277cdcbcde	ssl-opt.sh: tls13 opaque key: Enable client authentication Enable client authentication in TLS 1.3 opaque key tests to use the opaque key on client side. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:30:13 +02:00
Ronald Cron	e3196d270c	ssl-opt.sh: tls13 opaque key: Do not force version on client side Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:30:13 +02:00
Ronald Cron	6ec2123bf3	ssl-opt.sh: Align prefix of TLS 1.3 opaque key tests Align prefix of TLS 1.3 opaque key tests with the prefix of the othe TLS 1.3 tests. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:30:13 +02:00
Ronald Cron	067a1e735e	tls13: Try reasonable sig alg for CertificateVerify signature Instead of fully validating beforehand signature algorithms with regards to the private key, do minimum validation and then just try to compute the signature. If it fails try another reasonable algorithm if any. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:30:13 +02:00
Ronald Cron	67ea2543ed	tls13: server: Add sig alg checks when selecting best certificate When selecting the server certificate based on the signature algorithms supported by the client, check the signature algorithms as close as possible to the way they are checked to compute the signature for the server to prove it possesses the private key associated to the certificate. That way we minimize the odds of selecting a certificate for which the server will not be able to compute the signature to prove it possesses the private key associated to the certificate. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:26:32 +02:00
Tom Cosgrove	ea45c1d2d4	Document and test aliasing of output for mbedtls_mpi_core_montmul() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-20 13:17:51 +01:00
Werner Lewis	05feee1841	Restore vbuf value after modification Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-20 12:05:58 +01:00
Werner Lewis	ccae25b4bf	Add explicit mbedtls_ecp_tls_read_group_id call Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-20 10:00:07 +01:00
Werner Lewis	7403d93f8a	Add leading zeros to group metadata Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-20 09:41:05 +01:00
Werner Lewis	57807308d5	Fix typo in MBEDTLS_ECP_DP_BP512R1 Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-20 09:16:11 +01:00
Tom Cosgrove	f2b3818a69	Test when all three inputs to mbedtls_mpi_core_sub() are aliased Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-20 09:08:31 +01:00
Asfandyar Orakzai	c155415f04	Merge branch 'Mbed-TLS:development' into codegen_1.1	2022-09-19 12:34:40 +02:00
Manuel Pégourié-Gonnard	1367f40d38	Fix memory corruption in an SSL test function Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-19 11:00:23 +02:00
Manuel Pégourié-Gonnard	73f9233a73	Use full config for testing driver-only hashes Stating from the default config means a few things are implicitly excluded; starting from the full config makes it all fully explicit. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-19 10:47:05 +02:00
Manuel Pégourié-Gonnard	79e1467799	Fix include path for programs Same problem as #6101, same fix (the second commit of #6111). Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-19 09:27:53 +02:00
Jerry Yu	7a51305478	Add multi-session tickets test Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-19 14:26:07 +08:00
Gilles Peskine	cca6ce8829	Fix directory mixup with generated data files CMakeLists.txt was calling generate_psa_tests.py and siblings to list the generated test data files with a --directory option, intended the output to be this argument textually. This used to work, but no longer does, because the --directory argument is relative to the current directory when the Python script is invoked, and the script now shows an absolute path. CMakeLists.txt now completely ignores the directory part of the listed data file paths and builds its own. The base_xxx_files variables now contain actual base names, without a "suites/" prefix. This makes it more robust with respect to the behavior of the Python script, but it will break if we put data files in multiple different directories one day. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-18 23:08:38 +02:00
Gilles Peskine	e188734f51	Don't use parallel jobs for pylint When pylint runs in parallel, it loses the ability to detect duplicated code across modules. Duplicated code is usually a bad thing, so give pylint the opportunity to let us know. This makes pylint slightly slower, but going from 2 threads to 1 does not make it anywhere close to twice as slow. On my machine, with Python 3.5, pylint -j2 takes about 12s while single-threaded pylint takes about 16s of wall clock time. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-18 21:27:37 +02:00
Ronald Cron	be0224aef3	Merge pull request #6167 from yuhaoth/pr/finalize-tls13-session-tickets	2022-09-18 21:18:13 +02:00
Gilles Peskine	d9071e7d96	Unify check_repo_path We had 4 identical copies of the check_repo_path function. Replace them by a single copy in the build_tree module where it naturally belongs. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-18 21:17:09 +02:00
Gilles Peskine	ef843f2b0c	MBEDTLS_PLATFORM_VSNPRINTF_ALT requires MBEDTLS_PLATFORM_C mbedtls_vsnprintf replacement works like mbedtls_snprintf replacement, so copy the requirements for MBEDTLS_PLATFORM_VSNPRINTF_ALT. (MBEDTLS_PLATFORM_xxx_MACRO shouldn't require MBEDTLS_PLATFORM_C, but that's a separate preexisting problem which I do not try address at this time.) Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-18 14:05:23 +02:00
Asfandyar Orakzai	4c93bb52ef	removed changed made to the test/bionic/Dockerfile Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>	2022-09-17 22:20:33 +02:00
asfand-silabs	b549776a23	Merge branch 'Mbed-TLS:development' into codegen_1.1	2022-09-17 19:54:01 +02:00
Gilles Peskine	4537d6d838	Move implementation detail from docstring to comment Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-17 10:38:58 +02:00
Gilles Peskine	64f2efdc40	More precise name for test data generation We have Python code both for test code generation (tests/scripts/generate_test_code.py) and now for test data generation. Avoid the ambiguous expression "test generation". This commit renames the Python module and adjusts all references to it. A subsequent commit will adjust the documentation. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-17 10:38:58 +02:00
Gilles Peskine	1716f06ee3	Merge pull request #6093 from wernerlewis/bignum_test_script Add bignum test case generation script	2022-09-17 10:37:26 +02:00
Werner Lewis	c2fb540c67	Use a script specific description in CLI help Previous changes used the docstring of the test_generation module, which does not inform a user about the script. Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-16 17:03:54 +01:00
Andrzej Kurek	2be1689504	Add capacity testing to EC J-PAKE to PMS tests Let the caller restrict the capacity but limit it to 32 bytes. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-16 07:14:04 -04:00
Andrzej Kurek	d37850404a	Add derivation step testing to EC J-PAKE to PMS tests Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-16 06:45:44 -04:00
Manuel Pégourié-Gonnard	07018f97d2	Make legacy_or_psa.h public. As a public header, it should no longer include common.h, just use build_info.h which is what we actually need anyway. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-16 12:02:48 +02:00
Archana	e17071a5ee	Update Dockerfile with missing packages Signed-off-by: Archana <archana.madhavan@silabs.com> Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>	2022-09-16 11:01:01 +02:00
Archana	634e0d25cb	Update check_names.py to exclude autogen file Don't look for MBED keywords on the autogenerated psa_crypto_driver_wrappers.c file. This is needed since the naming of constants is dependent on the driver json and the naming conventions used through the library is stuck at a place where it does not swing either way ( mbedtls_ / psa_). Signed-off-by: Archana <archana.madhavan@silabs.com> Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>	2022-09-16 11:01:01 +02:00
Archana	25876b8abb	Adding JSONSchema to CI scripts jsonschema is added to the ci scripts and Dockerfile Signed-off-by: Archana <archana.madhavan@silabs.com> Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>	2022-09-16 11:01:01 +02:00
Archana	04cfe34639	JSON Validation added (1) JSON file structure altered a bit. (2) JSON validated against schema. (3) Corresponding changes in the python script. Signed-off-by: Archana <archana.madhavan@silabs.com> Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>	2022-09-16 11:01:01 +02:00
Archana	e829cd6953	Driver Wrapper CodeGen Rev 1.1 (1) Add in driver jsons. (2) Improve Python scripts to take JSON file directory and template directory paths as arguments. (3) Add in file augment template files to template common functionality (4) render tempplates for Header files, ID generation and key management. (5) Changed driver ID nomenclature to be in synch with function names. Signed-off-by: Archana <archana.madhavan@silabs.com> Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>	2022-09-16 11:01:01 +02:00
Gilles Peskine	a844b4b370	No need to use MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED in tests Initializing return status variables to CORRUPTION_DETECTED is a second line of defense in library code in case there's a code path where we forget to assign to the variable. This isn't useful in test code. In any case, here, we might as well define the variable at the point of use. This fixes a build error in configurations with MBEDTLS_ERROR_C and MBEDTLS_PSA_CRYPTO_C both disabled, because then mbedtls/error.h isn't included so MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED isn't defined. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-15 21:05:04 +02:00
Gilles Peskine	945b23c46f	Include platform.h unconditionally: automatic part We used to include platform.h only when MBEDTLS_PLATFORM_C was enabled, and to define ad hoc replacements for mbedtls_xxx functions on a case-by-case basis when MBEDTLS_PLATFORM_C was disabled. The only reason for this complication was to allow building individual source modules without copying platform.h. This is not something we support or recommend anymore, so get rid of the complication: include platform.h unconditionally. There should be no change in behavior since just including the header should not change the behavior of a program. This commit replaces most occurrences of conditional inclusion of platform.h, using the following code: ``` perl -i -0777 -pe 's!#if.\n#include "mbedtls/platform.h"\n(#else.\n(#define (mbedtls\|MBEDTLS)_.\n\|#include <(stdarg\|stddef\|stdio\|stdlib\|string\|time)\.h>\n))?#endif.*!#include "mbedtls/platform.h"!mg' $(git grep -l '#include "mbedtls/platform.h"') ``` Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-15 20:33:07 +02:00
Tom Cosgrove	c71ca0cb3c	Remove some unnecessary whitespace (two spaces after commas) Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 15:38:17 +01:00
Tom Cosgrove	dbc156172c	Don't bother to test b + a after testing a + b if a == b Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 15:36:23 +01:00
Tom Cosgrove	17f1fdca0f	Update comments in mpi_core_add_if() test Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 15:23:56 +01:00
Tom Cosgrove	b7438d1f62	Update name of mbedtls_mpi_montg_init() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 15:05:59 +01:00
Tom Cosgrove	359feb0d2f	Better wording for the reason why we use an input MPI for a scalar value Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:52:34 +01:00
Tom Cosgrove	e2159f2083	Use the MAX() macro Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:40:10 +01:00
Tom Cosgrove	be7209db1f	Remove unnecessary casts Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:32:38 +01:00
Tom Cosgrove	50c477bd6b	Use S and sum (rather than X/expected) in mpi_core_add_if() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:28:30 +01:00
Tom Cosgrove	1feb5ac1b7	Switch to using TEST_LE_S() and TEST_LE_U() in tests Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:22:35 +01:00
Tom Cosgrove	2b177926ad	Use ASSERT_ALLOC() in tests Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:07:18 +01:00
Przemek Stekiel	c454aba203	ssl-opt.sh: add tests for key_opaque_algs option Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-15 14:22:29 +02:00
Manuel Pégourié-Gonnard	409a620dea	Merge pull request #6255 from mprse/md_tls13 Driver-only hashes: TLS 1.3	2022-09-15 10:37:46 +02:00
Manuel Pégourié-Gonnard	18dff1f226	Merge pull request #5871 from superna9999/4153-psa-expose-ec-j-pake Expose ECJPAKE through the PSA Crypto API	2022-09-15 09:25:55 +02:00
Ronald Cron	62e24ba186	Merge pull request #6260 from yuhaoth/pr/add-multiple-pre-config-psks TLS 1.3:Add multiple pre-configured psk test for server	2022-09-15 08:58:40 +02:00
Nick Child	8ce1b1afc8	pkcs7: Correct various syntatical mistakes Resond to feedback from the following comments: - use correct spacing [1-7] - remove unnecessary parenthesis [8] - fixup comments [9-11] - remove unnecessary init work [12] - use var instead of type for sizeof [13] [1] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953655691 [2] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953661514 [3] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953689929 [4] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953696384 [5] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953697558 [6] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953697793 [7] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953697951 [8] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953699102 [9] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r971223775 [10] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967133905 [11] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967135932 [12] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967151430 [13] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967154159 Signed-off-by: Nick Child <nick.child@ibm.com>	2022-09-14 15:13:52 -05:00
Nick Child	34d5e931cf	pkcs7: Use better return code for unimplemented specifications In response to feedback [1] [2], use MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE instead of MBEDTLS_ERR_PKCS7_INVALID_FORMAT for errors due to the pkcs7 implemntation being incomplete. [1] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953649079 [2] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953658276 Signed-off-by: Nick Child <nick.child@ibm.com>	2022-09-14 14:44:03 -05:00
Andrzej Kurek	4ba0e45f8e	all.sh: don't build with ECJPAKE_TO_PMS if SHA256 is not available Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-14 14:58:49 -04:00
Nick Child	8a94de40c7	test/pkcs7: Reduce number of test functions In response to feedback[1], we can reuse much of the functions in similar test cases by specifying some additional parameters. Specifically, test cases which probe the functionality of `mbedtls_pkcs7_parse_der` have all been merged into one test function. Additionally, all test cases which examine the `mbedtls_pkcs7_signed_data_verify` and `mbedtls_pkcs7_signed_hash_verify` functions have been merged into two test functions (one for single and one for multiple signers). [1] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953686780 Signed-off-by: Nick Child <nick.child@ibm.com>	2022-09-14 11:27:29 -05:00
Werner Lewis	52ae326ebb	Update references to file targets in docstrings Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-14 16:52:45 +01:00
Werner Lewis	ac446c8a04	Add combination_pairs helper function Wrapper function for itertools.combinations_with_replacement, with explicit cast due to imprecise typing with older versions of mypy. Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-14 16:52:45 +01:00
Werner Lewis	b6e809133d	Use typing.cast instead of unqualified cast Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-14 16:52:45 +01:00
Andrzej Kurek	d8705bc7b7	Add tests for the newly created ad-hoc EC J-PAKE KDF Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-14 08:39:41 -04:00
Ronald Cron	208257b39f	Merge pull request #6259 from yuhaoth/pr/add-psk_ephemeral-possible-group-tests TLS 1.3: PSK: Add possible group tests for psk with ECDHE	2022-09-14 14:21:46 +02:00
Jerry Yu	673b0f9ad3	Randomize order of psks Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-14 18:02:26 +08:00
Manuel Pégourié-Gonnard	b2407f2b91	Merge pull request #6261 from mprse/hash_size_macro Create MBEDTLS_MAX_HASH_SIZE in hash_info.h	2022-09-14 10:00:06 +02:00
Przemek Stekiel	dcec7ac3e8	test_psa_crypto_config_accel_hash_use_psa: enable tls.1.3 at the end and adapt comment Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-13 18:08:54 +02:00
Przemek Stekiel	a4af13a46c	test_psa_crypto_config_accel_hash_use_psa: enable TLS 1.3 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-13 18:08:54 +02:00
Dave Rodgman	8cc46aa22c	Merge pull request #6275 from daverodgman/fixcopyright Correct copyright and license in crypto_spe.h	2022-09-13 11:23:52 +01:00
Jerry Yu	a02841bb8a	revert changes on PSK tests Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-13 11:07:27 +08:00
Dave Rodgman	53a18f23ac	Correct copyright and license in crypto_spe.h Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-09-12 17:57:32 +01:00
Werner Lewis	3dc45198e6	Replace L/R inputs with A/B Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-12 17:35:27 +01:00
Werner Lewis	1fade8adb6	Move symbol definition out of __init__ Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-12 17:34:15 +01:00
Andrzej Kurek	d681746a51	Split some ssl-opt.sh test cases into two There's a slightly different behaviour without MBEDTLS_SSL_ASYNC_PRIVATE that has to be handled. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-12 05:37:46 -04:00
Andrzej Kurek	07e3570f8c	Add an ssl-opt.sh run to all.sh for the accel_hash_use_psa config Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-12 05:37:46 -04:00
Andrzej Kurek	934e9cd47f	Switch to the new version of hash algorithm checking in ssl-opt.sh Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-12 05:34:23 -04:00
Andrzej Kurek	9c061a2d19	Add a posibility to check for the availability of hash algs to ssl-opt The new function now dispatches a check for either an MBEDTLS or PSA define to check for SHA_XXX. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-12 05:34:23 -04:00
Manuel Pégourié-Gonnard	f6a6a2d815	Merge pull request #6216 from AndrzejKurek/tls-tests-no-md-compat TLS without MD - compat.sh addition to all.sh hash acceleration tests	2022-09-12 10:23:49 +02:00
Hannes Tschofenig	fd6cca4448	CID update to RFC 9146 The DTLS 1.2 CID specification has been published as RFC 9146. This PR updates the implementation to match the RFC content. Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>	2022-09-07 17:15:05 +02:00
Przemek Stekiel	40afdd2791	Make use of MBEDTLS_MAX_HASH_SIZE macro Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-06 14:18:45 +02:00
Neil Armstrong	2a73f21878	Fixup expected status handling in ecjpake_setup() and add more coverage for psa_pake_set_password_key() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-09-06 11:34:54 +02:00
Jerry Yu	58af2335d9	Add possible group tests for psk with ECDHE Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-06 14:49:39 +08:00

... 6 7 8 9 10 ...

7893 commits