Commit graph

23431 commits

Author SHA1 Message Date
Przemek Stekiel
3022370896 Add changelog entry for V3 extensions in CSR
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-27 16:06:08 +01:00
Gabor Mezei
b57c908855
Shorten the prefix of the test case belongs to the fix quasi-reduction function
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-27 14:37:42 +01:00
Gabor Mezei
26439bf692
Revert "Add dependency for generated test cases"
The 'MBEDTLS_TEST_HOOKS' belongs to a test function and
not to a test case.

This reverts commit 1e8c210b9d.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-27 14:33:50 +01:00
Valerio Setti
18b9b035ad test: add test for a full length serial of 0xFF
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-27 11:47:57 +01:00
Valerio Setti
a87f839113 test: improve error handling in x509_set_serial_check()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-27 11:29:42 +01:00
Valerio Setti
9b5e1da8f8 fixing a typo in comment
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-27 11:29:35 +01:00
Manuel Pégourié-Gonnard
169d9e6eb4
Merge pull request #6802 from gilles-peskine-arm/test_suite_psa_crypto_metadata-20221215
Add metadata tests for CCM* and TLS1.2-ECJPAKE-to-PMS
2023-01-27 10:05:00 +01:00
Przemek Stekiel
59f4a18b6f Fix test dependency SHA1 -> SHA256
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-27 07:14:14 +01:00
Przemek Stekiel
36ad5e7ab5 Fix code style
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-26 22:30:45 +01:00
Gilles Peskine
b82977a429
Merge pull request #6962 from davidhorstmann-arm/fix-check-python-errors
Fix check python errors
2023-01-26 21:54:25 +01:00
Gilles Peskine
81505e4a16
Merge pull request #6917 from yanrayw/6658-not-print-Terminated-ubuntu-22.04
Fix the problem of printing "Terminated" in compat.sh under Ubuntu-22.04
2023-01-26 21:53:33 +01:00
Gilles Peskine
b20028b3a3 Avoid using external programs in inner loops
Don't use external programs for string manipulation that the shell can do.
This makes the script a little faster (~10% when testing PSK).

For this commit, I only looked at code run in the innermost loop.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-26 21:45:45 +01:00
Gilles Peskine
47aab850da Batch cipher translations to go faster
Python has a high startup cost, so go back to invoking it only once per
server start, rather than once per client start. This is a measurable
performance improvement (running time ~*0.5 with PSK, less dramatic with
asymmetric crypto).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-26 21:45:45 +01:00
Gilles Peskine
292cd6f4e5 Don't use the cipher suite in check_openssl_server_bug
We can detect PSK based on $TYPE. This allows more flexibility in how cipher
suites are spelled.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-26 21:44:26 +01:00
Valerio Setti
af4815c6a4 x509: replace/fix name of new function for setting serial
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-26 17:43:09 +01:00
Valerio Setti
fa49a8ecdb test: fix complementary domain testing for !MBEDTLS_ECP_C
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-26 17:16:38 +01:00
Gabor Mezei
1e8c210b9d
Add dependency for generated test cases
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-26 12:30:01 +01:00
Janos Follath
803638c023
Merge pull request #6939 from minosgalanakis/bignum/6027_hardcode_montgomery_moduli
Bignum: hardcode montgomery moduli
2023-01-25 16:51:11 +00:00
Przemek Stekiel
32e20919ac Remove redundant check and add comment to inform about processing of empty extensions
Netscape Certificate Management System Administrator's Guide: Extension-Specific Policy Modules, Chapter 18: Extension-Specific Policy Modules, Netscape Certificate Type Extension Policy:
> The extension has no default value.

A bitstring with no flags set is still technically valid, as it will mean that the certificate has no designated purpose at the time of creation.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-25 16:20:25 +01:00
Przemek Stekiel
d7992df529 Use input files to parse CSR instead of bytes
Additionally fix the generation of test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr.der which was incorectly malformed.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-25 16:19:50 +01:00
Valerio Setti
de7bb5b361 test: add failing check for secp224r1 with compressed format
The test is expected to fail, so we verify that this is really
not suppported

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-25 14:02:03 +01:00
Gabor Mezei
9a66ab180c
Fix missing declarration
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-25 13:23:38 +01:00
David Horstmann
04bdbe3ee0 Remove unnecessary '\' linebreak characters
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-25 11:39:04 +00:00
Valerio Setti
9cb0f7a423 test: driver-only: fix disparities in random
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-25 11:49:11 +01:00
Valerio Setti
3002c99247 test: extend analyze_outcomes.py in order to skip only some test in a suite
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-25 11:49:00 +01:00
Valerio Setti
7e57920511 test: driver-only: fix disparities in psa_crypto_se_driver_hal
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-25 11:30:46 +01:00
Valerio Setti
4682948c1e test: driver-only: fix disparities in ECP
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-25 11:30:31 +01:00
Przemek Stekiel
94e21e153f Skip unsupported extensions
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-25 11:08:32 +01:00
Przemek Stekiel
92cce3fe6d Use extension .csr.der to indicate format
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-25 10:33:26 +01:00
Przemek Stekiel
f0e25c72d9 Add missing dependencies for negative tests, remove PEM dependency
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-25 09:38:01 +01:00
Gilles Peskine
8296eabed6
Merge pull request #6957 from tom-cosgrove-arm/fix-spelling-of-doxygen-return
Fix doxygen return parameter spelling
2023-01-24 21:56:45 +01:00
Gilles Peskine
3b8623fe2c
Merge pull request #6903 from Mihir-Raj-Singh/Bignum_rename_mtoN
Rename modulus input argument from m to N
2023-01-24 21:48:54 +01:00
David Horstmann
79f14e3990 Give proper Dict type hints in crypto_knowledge.py
This prevents a return type error in a later function that uses the
dictionaries here properly typed.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 18:59:07 +00:00
David Horstmann
f0c75796be Fix a missing type hint warning
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 18:53:15 +00:00
David Horstmann
6b3ce309ad Don't wrap stdout and stderr in UTF-8 wrapper
This is no longer needed as we only print ASCII text directly

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 18:40:34 +00:00
David Horstmann
ce42cc24d1 Output diff without capturing it
Instead of capturing the output of diff and printing it, let diff do its
own outputting and se the return code to decide what to do.

This also means that the conversion of stdout to UTF-8 is not necessary,
as the reason it was needed was for printing diffs of files with UTF-8
characters in them.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 18:19:42 +00:00
Gabor Mezei
627e5b1f91
Only enable fix_quasi_reduction when testing
Avoid compiler error due to the fix_quasi_reduction function
is static and has not been used.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-24 18:13:24 +01:00
Gabor Mezei
246d66bb5f
Use reproductable random numbers
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-24 18:02:52 +01:00
David Horstmann
089d0d08a0 Add basic output on success
Whilst it is true that "silence is golden", no output at all could be
disconcerting and it makes searching in a CI log more difficult.

Add a simple status message that says "Checked N files, style ok".

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 16:56:18 +00:00
Gabor Mezei
6f96c89fc3
Fix pylint issues
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-24 17:38:26 +01:00
David Horstmann
c9f90aaf5a Remove overly verbose output on success
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 16:00:01 +00:00
David Horstmann
28d2157002 Change print to print_err for an error message
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 15:53:36 +00:00
David Horstmann
7d52682958 Remove unnecessary "Line length options" heading
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 15:53:36 +00:00
David Horstmann
8b5a449c82 Document that the script must be run from the root
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 15:53:36 +00:00
David Horstmann
995a7c0de0 Remove provisional notice on code style script
Since code style is now enforced, the notice is wrong. Remove it to
avoid confusion.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 15:53:36 +00:00
Przemek Stekiel
a468768000 Dealocate memory for subject alt names
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-24 15:19:47 +01:00
Gabor Mezei
86c90fca3e
Rename variables to follow the naming convention
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-24 14:21:10 +01:00
Gabor Mezei
ee2aff2093
Add check for test input
The input for fix_quasi_reduction must be in range 0 <= X < 2N.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-24 14:21:05 +01:00
Manuel Pégourié-Gonnard
00d3e96042
Merge pull request #6855 from mpg/driver-only-ecdsa-starter
Driver-only ECDSA starter
2023-01-24 13:06:17 +01:00
Dave Rodgman
9ee8ebfb36
Merge pull request #6952 from daverodgman/getting-started
Update the getting-started doc
2023-01-24 10:25:57 +00:00