Przemek Stekiel
3022370896
Add changelog entry for V3 extensions in CSR
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-27 16:06:08 +01:00
Gabor Mezei
b57c908855
Shorten the prefix of the test case belongs to the fix quasi-reduction function
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-27 14:37:42 +01:00
Gabor Mezei
26439bf692
Revert "Add dependency for generated test cases"
...
The 'MBEDTLS_TEST_HOOKS' belongs to a test function and
not to a test case.
This reverts commit 1e8c210b9d
.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-27 14:33:50 +01:00
Valerio Setti
18b9b035ad
test: add test for a full length serial of 0xFF
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-27 11:47:57 +01:00
Valerio Setti
a87f839113
test: improve error handling in x509_set_serial_check()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-27 11:29:42 +01:00
Valerio Setti
9b5e1da8f8
fixing a typo in comment
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-27 11:29:35 +01:00
Manuel Pégourié-Gonnard
169d9e6eb4
Merge pull request #6802 from gilles-peskine-arm/test_suite_psa_crypto_metadata-20221215
...
Add metadata tests for CCM* and TLS1.2-ECJPAKE-to-PMS
2023-01-27 10:05:00 +01:00
Przemek Stekiel
59f4a18b6f
Fix test dependency SHA1 -> SHA256
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-27 07:14:14 +01:00
Przemek Stekiel
36ad5e7ab5
Fix code style
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-26 22:30:45 +01:00
Gilles Peskine
b82977a429
Merge pull request #6962 from davidhorstmann-arm/fix-check-python-errors
...
Fix check python errors
2023-01-26 21:54:25 +01:00
Gilles Peskine
81505e4a16
Merge pull request #6917 from yanrayw/6658-not-print-Terminated-ubuntu-22.04
...
Fix the problem of printing "Terminated" in compat.sh under Ubuntu-22.04
2023-01-26 21:53:33 +01:00
Gilles Peskine
b20028b3a3
Avoid using external programs in inner loops
...
Don't use external programs for string manipulation that the shell can do.
This makes the script a little faster (~10% when testing PSK).
For this commit, I only looked at code run in the innermost loop.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-26 21:45:45 +01:00
Gilles Peskine
47aab850da
Batch cipher translations to go faster
...
Python has a high startup cost, so go back to invoking it only once per
server start, rather than once per client start. This is a measurable
performance improvement (running time ~*0.5 with PSK, less dramatic with
asymmetric crypto).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-26 21:45:45 +01:00
Gilles Peskine
292cd6f4e5
Don't use the cipher suite in check_openssl_server_bug
...
We can detect PSK based on $TYPE. This allows more flexibility in how cipher
suites are spelled.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-26 21:44:26 +01:00
Valerio Setti
af4815c6a4
x509: replace/fix name of new function for setting serial
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-26 17:43:09 +01:00
Valerio Setti
fa49a8ecdb
test: fix complementary domain testing for !MBEDTLS_ECP_C
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-26 17:16:38 +01:00
Gabor Mezei
1e8c210b9d
Add dependency for generated test cases
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-26 12:30:01 +01:00
Janos Follath
803638c023
Merge pull request #6939 from minosgalanakis/bignum/6027_hardcode_montgomery_moduli
...
Bignum: hardcode montgomery moduli
2023-01-25 16:51:11 +00:00
Przemek Stekiel
32e20919ac
Remove redundant check and add comment to inform about processing of empty extensions
...
Netscape Certificate Management System Administrator's Guide: Extension-Specific Policy Modules, Chapter 18: Extension-Specific Policy Modules, Netscape Certificate Type Extension Policy:
> The extension has no default value.
A bitstring with no flags set is still technically valid, as it will mean that the certificate has no designated purpose at the time of creation.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-25 16:20:25 +01:00
Przemek Stekiel
d7992df529
Use input files to parse CSR instead of bytes
...
Additionally fix the generation of test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr.der which was incorectly malformed.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-25 16:19:50 +01:00
Valerio Setti
de7bb5b361
test: add failing check for secp224r1 with compressed format
...
The test is expected to fail, so we verify that this is really
not suppported
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-25 14:02:03 +01:00
Gabor Mezei
9a66ab180c
Fix missing declarration
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-25 13:23:38 +01:00
David Horstmann
04bdbe3ee0
Remove unnecessary '\' linebreak characters
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-25 11:39:04 +00:00
Valerio Setti
9cb0f7a423
test: driver-only: fix disparities in random
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-25 11:49:11 +01:00
Valerio Setti
3002c99247
test: extend analyze_outcomes.py in order to skip only some test in a suite
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-25 11:49:00 +01:00
Valerio Setti
7e57920511
test: driver-only: fix disparities in psa_crypto_se_driver_hal
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-25 11:30:46 +01:00
Valerio Setti
4682948c1e
test: driver-only: fix disparities in ECP
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-25 11:30:31 +01:00
Przemek Stekiel
94e21e153f
Skip unsupported extensions
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-25 11:08:32 +01:00
Przemek Stekiel
92cce3fe6d
Use extension .csr.der to indicate format
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-25 10:33:26 +01:00
Przemek Stekiel
f0e25c72d9
Add missing dependencies for negative tests, remove PEM dependency
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-25 09:38:01 +01:00
Gilles Peskine
8296eabed6
Merge pull request #6957 from tom-cosgrove-arm/fix-spelling-of-doxygen-return
...
Fix doxygen return parameter spelling
2023-01-24 21:56:45 +01:00
Gilles Peskine
3b8623fe2c
Merge pull request #6903 from Mihir-Raj-Singh/Bignum_rename_mtoN
...
Rename modulus input argument from m to N
2023-01-24 21:48:54 +01:00
David Horstmann
79f14e3990
Give proper Dict type hints in crypto_knowledge.py
...
This prevents a return type error in a later function that uses the
dictionaries here properly typed.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 18:59:07 +00:00
David Horstmann
f0c75796be
Fix a missing type hint warning
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 18:53:15 +00:00
David Horstmann
6b3ce309ad
Don't wrap stdout and stderr in UTF-8 wrapper
...
This is no longer needed as we only print ASCII text directly
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 18:40:34 +00:00
David Horstmann
ce42cc24d1
Output diff without capturing it
...
Instead of capturing the output of diff and printing it, let diff do its
own outputting and se the return code to decide what to do.
This also means that the conversion of stdout to UTF-8 is not necessary,
as the reason it was needed was for printing diffs of files with UTF-8
characters in them.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 18:19:42 +00:00
Gabor Mezei
627e5b1f91
Only enable fix_quasi_reduction when testing
...
Avoid compiler error due to the fix_quasi_reduction function
is static and has not been used.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-24 18:13:24 +01:00
Gabor Mezei
246d66bb5f
Use reproductable random numbers
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-24 18:02:52 +01:00
David Horstmann
089d0d08a0
Add basic output on success
...
Whilst it is true that "silence is golden", no output at all could be
disconcerting and it makes searching in a CI log more difficult.
Add a simple status message that says "Checked N files, style ok".
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 16:56:18 +00:00
Gabor Mezei
6f96c89fc3
Fix pylint issues
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-24 17:38:26 +01:00
David Horstmann
c9f90aaf5a
Remove overly verbose output on success
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 16:00:01 +00:00
David Horstmann
28d2157002
Change print to print_err for an error message
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 15:53:36 +00:00
David Horstmann
7d52682958
Remove unnecessary "Line length options" heading
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 15:53:36 +00:00
David Horstmann
8b5a449c82
Document that the script must be run from the root
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 15:53:36 +00:00
David Horstmann
995a7c0de0
Remove provisional notice on code style script
...
Since code style is now enforced, the notice is wrong. Remove it to
avoid confusion.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 15:53:36 +00:00
Przemek Stekiel
a468768000
Dealocate memory for subject alt names
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-01-24 15:19:47 +01:00
Gabor Mezei
86c90fca3e
Rename variables to follow the naming convention
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-24 14:21:10 +01:00
Gabor Mezei
ee2aff2093
Add check for test input
...
The input for fix_quasi_reduction must be in range 0 <= X < 2N.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-24 14:21:05 +01:00
Manuel Pégourié-Gonnard
00d3e96042
Merge pull request #6855 from mpg/driver-only-ecdsa-starter
...
Driver-only ECDSA starter
2023-01-24 13:06:17 +01:00
Dave Rodgman
9ee8ebfb36
Merge pull request #6952 from daverodgman/getting-started
...
Update the getting-started doc
2023-01-24 10:25:57 +00:00