Commit graph

148 commits

Author SHA1 Message Date
Pengyu Lv
0a7108f32d Extend the validity period of pkcs7-rsa-sha*.crt to 10 years
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-06-06 10:31:30 +08:00
Pengyu Lv
0f5ca2dc87 Add rules to generate test-int-ca{2,3}.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-06-06 10:31:30 +08:00
Pengyu Lv
467deeffbb Add rules to generate test-ca2_cat-*.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-05-29 20:55:40 +08:00
Pengyu Lv
309d434f94 Add rules to generate server10*.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-05-29 20:55:40 +08:00
Pengyu Lv
44c42fe303 Add rules to generate server8*.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-05-29 20:55:40 +08:00
Pengyu Lv
2d5e6aecdf Add rules to generate server7*.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-05-29 20:55:40 +08:00
Jerry Yu
964ddb5cb4 Add rules to generate server6.crt
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-05-29 20:55:40 +08:00
Jerry Yu
540b0220a0 Add rules to generate server5-sha*.crt
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-05-29 20:55:40 +08:00
Jerry Yu
460b6cf0ba Add server5-der*crt generate command
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-05-29 20:55:40 +08:00
Jerry Yu
b7b40b494d Add rules to generate server5[-badsign].crt
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-05-29 20:55:40 +08:00
Pengyu Lv
f31d18a52b Add rules to generate server4.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-05-29 20:55:40 +08:00
Pengyu Lv
cd61b740c5 Add rules to generate server3.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-05-29 20:55:40 +08:00
Pengyu Lv
6f804693e5 Fix wrong target names in the Makefile in tests/data_files
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-05-29 20:55:40 +08:00
Pengyu Lv
491c64cd37 Mark all_intermediate as intermediate files
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-05-29 20:55:40 +08:00
Andrzej Kurek
00d55988d9 Fix wrong makefile target
Missing tab and a prerequisite that's not a file
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-05-22 09:37:55 -04:00
Mukesh Bharsakle
4823d5ff0e
Merge branch 'Mbed-TLS:development' into update-pkparse-tests-to-use-AES 2023-05-10 12:35:19 +01:00
Jethro Beekman
0167244be4 Read and write X25519 and X448 private keys
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
Co-authored-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>
Signed-off-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>
2023-05-04 13:01:47 +02:00
Valerio Setti
8820b57b6e test: fix makefile for ec_pub.[der/pem] generation
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-05-02 15:45:39 +02:00
Valerio Setti
c8b7865612 test: align ec_pub public keyfile with its ec_prv.sec1 counterpart
This change affects:
- both PEM and DER files, since they contain the same public key
  only in different formats
- "ec_pub.comp.pem" since it's the same as "ec_pub.pem" but in
  compressed format

The makefile was also updated accordingly to reflect these
dependencies.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-05-02 15:45:39 +02:00
Valerio Setti
547b3a4ab5 fix typos
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-24 10:24:37 +02:00
Valerio Setti
232a006a46 test: fix extension in DER test files
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-18 12:53:19 +02:00
Valerio Setti
8b7d4323da test: add Makefile target for the generated DER files
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-18 11:08:44 +02:00
Mukesh Bharsakle
b17f6a211d Updating makefile to document key generation
Signed-off-by: Mukesh Bharsakle <bharsaklemukesh975@gmail.com>
2023-04-12 00:05:45 +01:00
Andrzej Kurek
303704ef4a Remove unnecessary tabs
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-29 11:41:34 -04:00
Andrzej Kurek
d90376ef46 Add a test for a malformed directoryname sequence
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-29 11:38:45 -04:00
Andrzej Kurek
d348632a6a Switch from PEM to DER format for new x509 directoryname test
This simplifies generating malformed data and doesn't require
the PEM support for tests.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-29 11:03:01 -04:00
Andrzej Kurek
151d85d82c Introduce a test for a malformed directoryname SAN
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-29 11:03:01 -04:00
Andrzej Kurek
4a4f1ec8e9 Add the original certificate to be malformed for x509 tests
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-29 11:03:01 -04:00
Andrzej Kurek
e12b01d31b Add support for directoryName subjectAltName
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-29 11:03:01 -04:00
Paul Elliott
9f02a4177b
Merge pull request #7009 from mprse/csr_write_san
Added ability to include the SubjectAltName extension to a CSR - v.2
2023-03-17 10:07:27 +00:00
Dave Rodgman
2e8442565a Add PKCS #7 test files using expired cert
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-11 10:24:30 +00:00
Xiaokang Qian
c96d2de569 Update corrupted char for pkcs7 corrupt signer info cases
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-03-07 10:35:47 +00:00
Xiaokang Qian
9c703d80ca Add fuzz bad cases for signer info 1 and 2
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-03-07 08:38:58 +00:00
Xiaokang Qian
8993a14567 Add unexpected tag cases for signer info 1 and 2
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-03-07 08:38:58 +00:00
Xiaokang Qian
e8c696ffd1 Add invalid size test case for signer info[2](The third one)
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-03-07 08:38:58 +00:00
Xiaokang Qian
72b4bcac03 Add invalid size test case for signer info 1(the second one)
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-03-07 08:38:55 +00:00
Przemek Stekiel
8e83d3aaa9 Add tests for writting SAN to CSR
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-03 12:58:05 +01:00
Gilles Peskine
1eae11565d
Merge pull request #6949 from bensze01/replace_pkcs7_fuzzer_tests
Replace fuzzer-generated PKCS #7 memory management tests
2023-03-01 10:46:22 +01:00
Bence Szépkúti
35d674a6ee Replace usage of echo -e in pkcs7 data Makefile
This use of the shell builtin is not portable.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2023-02-28 17:01:21 +01:00
Paul Elliott
ac2251dad1
Merge pull request #7076 from mprse/parse_RFC822_name
Add parsing of x509 RFC822 name + test
2023-02-27 14:16:13 +00:00
Bence Szépkúti
248971348b Replace fuzzer-generated PKCS7 regression tests
This commit adds well-formed reproducers for the memory management
issues fixed in the following commits:

290f01b3f5
e7f8c616d0
f7641544ea

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2023-02-24 15:31:03 +01:00
Dave Rodgman
e42cedf256
Merge pull request #7077 from daverodgman/pkcs7-fixes-dm-rebased
Pkcs7 fixes
2023-02-21 11:53:30 +00:00
Przemek Stekiel
608e3efc47 Add test for parsing SAN: rfc822Name
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-20 15:09:50 +01:00
Manuel Pégourié-Gonnard
718eb4f190
Merge pull request #7025 from AndrzejKurek/uri_san
Add the uniformResourceIdentifier subtype for the subjectAltName
2023-02-20 11:29:59 +01:00
Dave Rodgman
c5874db5b0 Add test-case for signature over zero-length data
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-16 16:14:46 +00:00
Gilles Peskine
c5e2a4fe67
Merge pull request #6937 from valeriosetti/issue6886
Add test for PK parsing of keys using compressed points
2023-02-14 19:54:29 +01:00
Andrzej Kurek
570a0f808b Move to DER certificates for new x509 tests
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-02-14 05:52:49 -05:00
Andrzej Kurek
7a05fab716 Added the uniformResourceIdentifier subtype for the subjectAltName.
Co-authored-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-02-13 10:03:07 -05:00
Dave Rodgman
a22749e749
Merge pull request #6816 from nick-child-ibm/pkcs7_coverage
Pkcs7 coverage
2023-02-10 12:55:29 +00:00
Nick Child
3dafc6c3b3 pkcs7: Drop support for signature in contentInfo of signed data
The contentInfo field of PKCS7 Signed Data structures can
optionally contain the content of the signature. Per RFC 2315
it can also contain any of the PKCS7 data types. Add test and
comments making it clear that the current implementation
only supports the DATA content type and the data must be empty.

Return codes should be clear whether content was invalid or
unsupported.
Identification and fix provided by:
 - Demi Marie Obenour <demiobenour@gmail.com>
 - Dave Rodgman <dave.rodgman@arm.com>

Signed-off-by: Nick Child <nick.child@ibm.com>
2023-02-07 20:04:52 +00:00