yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
24745 commits 1 branch 0 tags 94 MiB
Commit graph

377 commits

Author SHA1 Message Date
Gilles Peskine
1a24895bfd Simplify string escapes 
Treat backslash as a universal escape character: "\n" is a newline,
backslash escapes any non-alphanumeric character.

This affects some test cases that had "\," standing for backslash-comma.
With the new uniform treatment of backslashes, this needs to be "\\,".

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-04-26 19:39:54 +02:00
Gilles Peskine
935a987b2b
Merge pull request #7436 from AndrzejKurek/x509-verify-san-ip 
x509 SAN IP parsing
 2023-04-21 22:00:58 +02:00
Andrzej Kurek
af04f6307f Add an IPv4 mapped IPv6 test 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-04-18 07:26:59 -04:00
Andrzej Kurek
fe050815c8 Introduce an additional test for IPV4 parsing 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-04-13 09:20:05 -04:00
Andrzej Kurek
e404612580 Replace old macro in test_suite_x509parse 
MD_CAN_SHAXXX should be now used.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-04-13 09:19:58 -04:00
Glenn Strauss
7bd00e0708 use MBEDTLS_PK_CAN_ECDSA_SOME 
instead of MBEDTLS_ECDSA_C in test data dependencies

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2023-04-11 08:29:43 -04:00
Glenn Strauss
700ffa0744 use MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA 
instead of MBEDTLS_SHA256_C in test data dependencies

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2023-04-11 08:29:42 -04:00
Glenn Strauss
6f545acfaf Add mbedtls_x509_crt_parse_cn_inet_pton() tests 
Extended from https://github.com/Mbed-TLS/mbedtls/pull/2906
contributed by Eugene K <eugene.kobyakov@netfoundry.io>

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2023-04-11 08:29:42 -04:00
Eugene K
3208b0b391 add IP SAN tests changes per mbedTLS standards 
Signed-off-by: Eugene K <eugene.kobyakov@netfoundry.io>
 2023-04-11 08:29:42 -04:00
Valerio Setti
6c496a1553 solve disparities for ECP_LIGHT between ref/accel 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-04-11 11:33:50 +02:00
Andrzej Kurek
43d7131c14 Fix rfc822name test arguments 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-29 11:41:32 -04:00
Andrzej Kurek
532b8d41af Move an x509 malformation test 
Now, that the errors are not silently ignored
anymore, instead of expecting a <malformed>
tag in parsed data, the test case returns
an error.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-29 11:40:36 -04:00
Andrzej Kurek
d90376ef46 Add a test for a malformed directoryname sequence 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-29 11:38:45 -04:00
Andrzej Kurek
d348632a6a Switch from PEM to DER format for new x509 directoryname test 
This simplifies generating malformed data and doesn't require
the PEM support for tests.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-29 11:03:01 -04:00
Andrzej Kurek
151d85d82c Introduce a test for a malformed directoryname SAN 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-29 11:03:01 -04:00
Andrzej Kurek
e12b01d31b Add support for directoryName subjectAltName 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-29 11:03:01 -04:00
Manuel Pégourié-Gonnard
a946489efd X.509: use MD_CAN macros 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:28:00 +01:00
Paul Elliott
ac2251dad1
Merge pull request #7076 from mprse/parse_RFC822_name 
Add parsing of x509 RFC822 name + test
 2023-02-27 14:16:13 +00:00
Gilles Peskine
ffb92b0789
Merge pull request #7105 from davidhorstmann-arm/fix-oid-printing-bug 
Fix bugs in OID to string conversion
 2023-02-21 23:16:44 +01:00
Przemek Stekiel
a006f8c17b Adapt dependencies for parsing rfc822Name test 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-02-21 13:36:56 +01:00
David Horstmann
a4fad2ba67 Correct error code in test_suite_x509parse.data 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-02-20 14:57:47 +00:00
Przemek Stekiel
5b9e4168cf Add rfc822Name support in mbedtls_x509_info_subject_alt_name + adapt test 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-02-20 15:09:50 +01:00
Przemek Stekiel
608e3efc47 Add test for parsing SAN: rfc822Name 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-02-20 15:09:50 +01:00
Manuel Pégourié-Gonnard
718eb4f190
Merge pull request #7025 from AndrzejKurek/uri_san 
Add the uniformResourceIdentifier subtype for the subjectAltName
 2023-02-20 11:29:59 +01:00
Andrzej Kurek
570a0f808b Move to DER certificates for new x509 tests 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-02-14 05:52:49 -05:00
Andrzej Kurek
4077372b98 Fix SHA requirement for SAN URI tests 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-02-13 10:18:17 -05:00
Andrzej Kurek
7a05fab716 Added the uniformResourceIdentifier subtype for the subjectAltName. 
Co-authored-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-02-13 10:03:07 -05:00
Manuel Pégourié-Gonnard
d3d8c852a0
Merge pull request #6997 from valeriosetti/issue6858 
driver-only ECDSA: get testing parity in X.509
 2023-02-13 15:30:06 +01:00
Valerio Setti
a119cb64ef test: remove redundant ECDSA_C dependencies from test_suite_x509parse.data 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-13 09:54:49 +01:00
Valerio Setti
00a6c6fcbe test: fix for using proper sign/verify macros 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-08 13:52:31 +01:00
Valerio Setti
fcc6933a53 test: fix disparities in x509parse and x509write suites 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-08 13:52:31 +01:00
Andrzej Kurek
7dcdc132d5 Change SHA256_C to HAS_ALG_SHA256_VIA[..] in x509 tests 
This way these tests won't be skipped in a configuration with a driver.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-02-07 05:24:34 -05:00
Hanno Becker
5d82c3b99c X.509: Improve negative testing for SubjectAltName parsing 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-02-07 05:10:29 -05:00
Hanno Becker
db305ff42e X.509: Improve negative testing for SubjectAltName parsing 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-02-07 05:10:29 -05:00
Przemek Stekiel
59f4a18b6f Fix test dependency SHA1 -> SHA256 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-27 07:14:14 +01:00
Przemek Stekiel
d7992df529 Use input files to parse CSR instead of bytes 
Additionally fix the generation of test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr.der which was incorectly malformed.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-25 16:19:50 +01:00
Przemek Stekiel
94e21e153f Skip unsupported extensions 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-25 11:08:32 +01:00
Przemek Stekiel
92cce3fe6d Use extension .csr.der to indicate format 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-25 10:33:26 +01:00
Przemek Stekiel
f0e25c72d9 Add missing dependencies for negative tests, remove PEM dependency 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-25 09:38:01 +01:00
Przemek Stekiel
160968586b Add negative test cases and use DER format for CSRs 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-24 10:57:19 +01:00
Przemek Stekiel
3f948c96e2 Fix typo in test dependencies 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-24 10:57:19 +01:00
Przemek Stekiel
685d472db3 Adapt expected output of existing tests 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-24 10:57:19 +01:00
Przemek Stekiel
46a4a4987e Add tests to very parsing of CSR v3 extensions 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-24 10:57:19 +01:00
Manuel Pégourié-Gonnard
7a389ddc84
Merge pull request #6784 from valeriosetti/issue6702 
Make SHA224_C/SHA384_C independent from SHA256_C/SHA512_C
 2023-01-03 09:36:58 +01:00
Manuel Pégourié-Gonnard
4511ca063a Use PSS-signed CRL for PSS tests 
Otherwise, in builds without PKSC1_V15, tests that are supposed to
accept the certificate will fail, because once the cert is OK they will
move on to checking the CRL and will choke on its non-PSS signature.

Tests that are supposed to reject the cert due to an invalid signature
from the CA will not check the CRL because they don't recognize the CA
as valid, so they have no reason to check the CA's CRL. This was hiding
the problem until the recent commit that added a test where the cert is
supposed to be accepted.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-12-30 10:13:41 +01:00
Valerio Setti
b6bf7dcc28 test: fix depends.py for hash tests 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-12-22 14:28:03 +01:00
Manuel Pégourié-Gonnard
3b1a706935 Disable 'wrong salt len' test with USE_PSA 
We've decided not to check it, see
https://github.com/Mbed-TLS/mbedtls/issues/5277

Also add a test that we accept the certificate with USE_PSA.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-12-21 09:55:30 +01:00
Valerio Setti
e7221a21ad test: adjust depends.py to new SHA224/SHA384 changes 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-12-16 14:43:48 +01:00
Gilles Peskine
4a480ac5a1
Merge pull request #6265 from Kabbah/x509-info-hwmodulename-hex 
`x509_info_subject_alt_name`: Render HardwareModuleName as hex
 2022-11-08 17:11:07 +01:00
David Horstmann
d0e3d45e96 Add explanatory comments to raw DER test data 
Break down the DER-encoded ASN.1 test data into its structure in a
comment and explain it, to make it easier to understand where the data
came from and how it is corrupted.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-17 17:55:04 +01:00