Manuel Pégourié-Gonnard
edf059747a
Merge pull request #7691 from DemiMarie/test-equal
...
x509parse tests: Replace TEST_ASSERT with TEST_EQUAL
2023-06-21 11:02:21 +02:00
Paul Elliott
458b96b1a7
Merge pull request #7638 from AndrzejKurek/cert-apps-use-ips
...
Use better IP parsing in x509 apps
2023-06-20 17:21:04 +01:00
Demi Marie Obenour
16442cc929
x509parse tests: Replace TEST_ASSERT with TEST_EQUAL
...
The latter gives much more informative errors.
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
2023-06-19 11:10:27 -04:00
Andrzej Kurek
c40a1b552c
Remove references to x509_invasive.h
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-07 08:54:34 -04:00
Przemek Stekiel
ff9c2996f3
Fix code style
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-07 09:01:29 +02:00
Przemek Stekiel
05d5c3e734
Further test improvements
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-07 09:01:29 +02:00
Przemek Stekiel
9a1c428966
Fix after rebase (remove redundant variables in tests)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-07 09:01:29 +02:00
Przemek Stekiel
a6a0a7929a
Use TEST_EQUAL instead of TEST_ASSERT in tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-07 09:01:29 +02:00
Przemek Stekiel
1969f6a453
Test optional fields in authorityKeyId
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-07 09:01:29 +02:00
Przemek Stekiel
0ad1006606
Check values in tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-07 09:01:29 +02:00
Przemek Stekiel
2568d47916
Use generated certs in DER format in tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-07 09:01:29 +02:00
Gilles Peskine
97edeb4fb8
Merge pull request #6866 from mprse/extract-key-ids
...
Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions v.2
2023-05-08 20:38:29 +02:00
Przemek Stekiel
67d3f52617
Use int instead uint in test function arguments
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-05-08 11:15:59 +02:00
Przemek Stekiel
8194285cf1
Fix parsing of authorityCertSerialNumber (use valid tags)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-05-03 16:19:16 +02:00
valerio
e50831c639
test: minor fix for non-initialized variable
...
Signed-off-by: valerio <valerio.setti@nordicsemi.no>
2023-04-24 13:47:18 +02:00
valerio
32f2ac9a18
test: proper positioning of USE_PSA_INIT + added missing exit labels
...
Signed-off-by: valerio <valerio.setti@nordicsemi.no>
2023-04-24 13:47:18 +02:00
Valerio Setti
569c171015
test: fix USE_PSA_INIT/DONE for x509 test suite
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-24 13:47:18 +02:00
Glenn Strauss
6f545acfaf
Add mbedtls_x509_crt_parse_cn_inet_pton() tests
...
Extended from https://github.com/Mbed-TLS/mbedtls/pull/2906
contributed by Eugene K <eugene.kobyakov@netfoundry.io>
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2023-04-11 08:29:42 -04:00
Przemek Stekiel
39dbe23845
Release memory for subject alt name in test
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-04 17:48:28 +02:00
Przemek Stekiel
019842119d
Adapt test for authority_key_id (parsing subject alt name)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-04 17:48:28 +02:00
Przemek Stekiel
8661fed943
Fix tests dependencies
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-04 17:48:28 +02:00
Przemek Stekiel
9a511c5bdf
Rename back mbedtls_x509_parse_general_name->mbedtls_x509_parse_subject_alt_name
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-04 17:48:28 +02:00
toth92g
9085cff438
Removing obsolete test after merging and correcting missing macro
...
Signed-off-by: toth92g <toth92g@gmail.com>
2023-04-04 17:48:28 +02:00
toth92g
8d435a0c8b
Renaming x509_get_subject_alt_name to x509_get_general_names and mbedtls_x509_parse_subject_alt_name to mbedtls_x509_parse_general_name so they can be used not only to collect subject alt name, but the V3 authority cert issuer that is also GeneralName type.
...
Also updated the x509_get_general_names function to be able to parse rfc822Names
Test are also updated according these changes.
Signed-off-by: toth92g <toth92g@gmail.com>
2023-04-04 17:48:28 +02:00
toth92g
5042b104c2
- Removing obsolete test files (DER strings are used instead of them to minimize resource usage)
...
- Renaming test functions to match the naming conventions
Signed-off-by: toth92g <toth92g@gmail.com>
2023-04-04 17:48:28 +02:00
toth92g
357b297b16
Correcting tests:
...
- Wrong condition was checked (ref_ret != 0 instead of ref_ret == 0)
- tags were not checked (nor lengths)
- Using ASSERT_COMPARE where possible
Signed-off-by: toth92g <toth92g@gmail.com>
2023-04-04 17:48:27 +02:00
toth92g
2d2fb3a5a7
Correting findings: Using DER format instead of PEM while testing to minimize the resource usage. Comparation of byte arrays in test are now done via the dedicated ASSERT_COMPARE test macro for better understanding
...
Signed-off-by: toth92g <toth92g@gmail.com>
2023-04-04 17:48:27 +02:00
toth92g
0e2e2d6841
x509parse tests used only last 16 bits of the return values. They are updated to check the whole 32 bit value
...
Signed-off-by: toth92g <toth92g@gmail.com>
2023-04-04 17:48:27 +02:00
toth92g
a41954d0cf
Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions. Updating mbedtls_x509_crt_free function to also free the new dynamic elements (issuer field of AuthorityKeyId).
...
A few tests are also added which test the feature with a correct certificate and multiple ones with erroneous ASN1 tags.
Signed-off-by: toth92g <toth92g@gmail.com>
2023-04-04 17:48:27 +02:00
Andrzej Kurek
d90376ef46
Add a test for a malformed directoryname sequence
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-29 11:38:45 -04:00
Andrzej Kurek
d40c2b65a6
Introduce proper memory management for SANs
...
DirectoryName parsing performs allocation that has to be handled.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-29 11:03:01 -04:00
Andrzej Kurek
e12b01d31b
Add support for directoryName subjectAltName
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-29 11:03:01 -04:00
Manuel Pégourié-Gonnard
7224086ebc
Remove legacy_or_psa.h
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-21 16:29:31 +01:00
Manuel Pégourié-Gonnard
33a13028e5
X.509: fix test failures
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-21 16:28:00 +01:00
Przemek Stekiel
608e3efc47
Add test for parsing SAN: rfc822Name
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-20 15:09:50 +01:00
Valerio Setti
178b5bdddf
pk: move MBEDTLS_PK_CAN_ECDSA_SOME macro to pk.h and fix tests
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 11:15:06 +01:00
Valerio Setti
25fd51f4af
test: add missing include in test_suite_x509parse
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-10 15:21:40 +01:00
Gilles Peskine
0cfb08ddf1
Merge pull request #6922 from mprse/csr_v3
...
Parsing v3 extensions from a CSR - v.2
2023-02-03 16:41:11 +01:00
Dave Rodgman
6dd757a8ba
Fix use of sizeof without brackets
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-02 12:40:50 +00:00
Przemek Stekiel
d7992df529
Use input files to parse CSR instead of bytes
...
Additionally fix the generation of test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr.der which was incorectly malformed.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-25 16:19:50 +01:00
Gilles Peskine
449bd8303e
Switch to the new code style
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-11 14:50:10 +01:00
Manuel Pégourié-Gonnard
4511ca063a
Use PSS-signed CRL for PSS tests
...
Otherwise, in builds without PKSC1_V15, tests that are supposed to
accept the certificate will fail, because once the cert is OK they will
move on to checking the CRL and will choke on its non-PSS signature.
Tests that are supposed to reject the cert due to an invalid signature
from the CA will not check the CRL because they don't recognize the CA
as valid, so they have no reason to check the CA's CRL. This was hiding
the problem until the recent commit that added a test where the cert is
supposed to be accepted.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-30 10:13:41 +01:00
Manuel Pégourié-Gonnard
cc6e0a650f
Fix missing initialisation of PSA Crypto
...
This fixes the two failures in test_suite_x509parse when both
ECP_RESTARTABLE and USE_PSA_CRYPTO are enabled.
The failure happened because the operation is dispatched to PSA when
restart is disabled (max_ops == 0).
Previously it was correct for this test function not to initialize PSA,
because it depends on ECP_RESTARTABLE which used to conflict with
USE_PSA_CRYPTO, but that's no longer the case.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-09 10:09:32 +01:00
Gilles Peskine
4a480ac5a1
Merge pull request #6265 from Kabbah/x509-info-hwmodulename-hex
...
`x509_info_subject_alt_name`: Render HardwareModuleName as hex
2022-11-08 17:11:07 +01:00
Glenn Strauss
a4b4041219
Shared code to free x509 structs
...
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-10-28 12:51:35 -04:00
David Horstmann
2bb9c8a884
Change brace initialization to memset
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-20 10:18:37 +01:00
David Horstmann
01dd548025
Minor fixes to x509_get_name() test function
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-19 17:13:57 +01:00
David Horstmann
3cd67584bc
Improve X509 DN test naming
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-17 17:59:10 +01:00
David Horstmann
db73d3b149
Add mbedtls_x509_get_name memory leak unit test
...
Introduce a unit test to test mbedtls_x509_get_name() and add a testcase
with a corrupt DER-encoded name that causes mbedtls_x509_get_name() to
have to cleanup things it is allocated. If it fails to do this, a memory
leak is detected under Asan builds.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-05 13:09:57 +01:00
Victor Barpp Gomes
47c7a732d2
Print RFC 4108 hwSerialNum in hex format
...
Signed-off-by: Victor Barpp Gomes <17840319+Kabbah@users.noreply.github.com>
2022-09-29 11:34:23 -03:00