Valerio Setti
80318d2775
ssl-opt: automatically detect requirements when using certs in dir-maxpath
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-13 12:26:42 +01:00
Yanray Wang
3463435ec5
ssl_helpers.c: fix review comments and improve code readability
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-13 19:20:42 +08:00
Yanray Wang
5ba709c449
Move #define Directive into ssl_helpers.h
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-13 19:20:42 +08:00
Yanray Wang
09a6f7e14f
Move TEST_AVAILABLE_ECC into ssl_helpers.h
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-13 19:20:42 +08:00
Yanray Wang
1db628f254
Move ECJPAKE_TEST_SET_PASSWORD into ssl_helpers.h
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-13 19:20:42 +08:00
Yanray Wang
a8f445e60f
Fix issue of conversion from size_t to int
...
ssl_helpers.c is treated with W3 warning level in MSVC complier.
So that it's reported as error for warning of conversion from
size_t to int. This change fixes all this type of warning seen in
Microsoft Visual Studio 12.0. Besides, some potential problems of
type conversion are also handled.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-13 19:20:42 +08:00
Yanray Wang
e64b40520d
Fix build error in CI about test_fail_if_psa_leaking
...
During test of component build_arm_linux_gnueabi_gcc_arm5vte and
build_arm_none_eabi_gcc_m0plus. It fails with
- error: implicit declaration of function
‘test_fail_if_psa_leaking’
It happens because test_fail_if_psa_leaking is defined in
helpers.function. This block of code is not converted into C code
while compiling ssl_helpers.c. The function has been moved to
psa_crypto_helpers.c in order to fix this build error.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-13 19:20:42 +08:00
Yanray Wang
b458b8c0ec
Fix build errors in CMake
...
tests/src/ssl_helpers.c depends on functions defined
in library/*.c. If it's complied as an OBJECT with other c files,
cmake complains undefined reference in link stage under programs/.
Therefore, tests/src/test_helpers/ is created to hold c files with
dependency of library/*.c. Besides, tests/src/test_helper/*.c is
separated into another OBJECT, mbedtls_test_helpers, as sources
to build all test suite executables.
In addition, everest header directory is included in case
MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED is enabled.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-13 19:20:42 +08:00
Yanray Wang
1fca4de942
ssl_helpers.c: remove duplicate comments for some functions
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-13 19:20:42 +08:00
Yanray Wang
4d07d1c394
Resolve build errors for ssl_helpers.c and test_suite_ssl.c
...
Since we move many functions from test_suite_ssl.function to
ssl_helpers.c in commit 8e2bbdd. This causes various of
build errors. This commit fixes all the build errors by
- including header files
- providing function definition
- adding guards for typedef statements and functions
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-13 19:20:42 +08:00
Yanray Wang
e6afd919dd
Move TLS connection related functions to ssl_helpers.c
...
Some functions are renamed in commit d51d285. This change moves all
those functions which are used to set up a TLS connection from
test_suite_ssl.function into ssl_helpers.c.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-13 19:20:42 +08:00
Yanray Wang
d577a68325
Improve code readability for test_suite_ssl.function
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-13 19:15:53 +08:00
Yanray Wang
bd29683c90
Rewrap the lines to fit code standard in test_suite_ssl.function
...
As the typedef statements and functions are renamed in commit
de3caee and commit d51d285 respectively. This commit aims
to align code lines to fit code standard and improve code
readability.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-13 19:15:53 +08:00
Yanray Wang
f7b62353cb
Rename the functions which are used to set up TLS connection
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-13 19:15:53 +08:00
Yanray Wang
55a6619135
Move the renamed typedef statements to ssl_helpers.h
...
With this change, the renamed typedef statements (commit de3caee)
are moved from test_suite_ssl.function into ssl_helpers.h
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-13 19:15:53 +08:00
Yanray Wang
9ef0dce9e3
Rename the typedef statements which are used for TLS connection
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-13 19:15:53 +08:00
Yanray Wang
47907a4bb4
Create ssl_helpers.c to hold functions of TLS connection
...
test_suite_ssl.function contains many functions that are used to set
up a TLS connection. To reduce its file size, those functions would
be moved to ssl_helpers.c under tests/src. As the start of this
implementation, some necessary header files are moved in advance.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-13 19:15:53 +08:00
Valerio Setti
77588e9451
ssl-opt: uniformize requirements in tests
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-13 12:00:10 +01:00
Dave Rodgman
756b028511
Merge pull request #7171 from daverodgman/pr5527
...
Fix undefined behavior in ssl_read if buf parameter is NULL
2023-03-13 10:46:29 +00:00
Pengyu Lv
62ed1aa316
ssl-opt: Add test for cache entry removal
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-03-13 09:28:17 +08:00
Przemek Stekiel
18cd6c908c
Use local macros for j-pake slient/server strings
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-12 16:59:28 +01:00
Przemek Stekiel
aa1834254e
Fix code style
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-12 16:59:28 +01:00
Przemek Stekiel
09104b8712
rework psa_pake_set_role to be consistent with requirements and adapt tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-12 16:59:28 +01:00
Przemek Stekiel
f15d335f5b
ecjpake_setup: clean up handling of errors
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-12 16:59:28 +01:00
Dave Rodgman
8e528ece74
Disable test under MBEDTLS_MEMORY_BUFFER_ALLOC_C
...
This test allocates too much memory to work when the alternative
memory allocator is used.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-12 13:30:56 +00:00
Dave Rodgman
45bed94406
Add parse failure test when MBEDTLS_RSA_C not set
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-12 10:01:02 +00:00
Dave Rodgman
651fb529f9
Make pkcs7_parse test not depend on MBEDTLS_RSA_C
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-12 10:00:44 +00:00
Dave Rodgman
4fa8590b62
Fix test dependency
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-12 09:34:08 +00:00
Dave Rodgman
f8565b3c2b
Add more PKCS #7 tests with expired cert
...
Add test which uses an expired cert but is otherwise OK, which
passes if and only if MBEDTLS_HAVE_TIME_DATE is not set.
Add similar test which verifies against a different data file,
which must fail regardless of MBEDTLS_HAVE_TIME_DATE.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-11 10:26:39 +00:00
Dave Rodgman
2e8442565a
Add PKCS #7 test files using expired cert
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-11 10:24:30 +00:00
Dave Rodgman
cc77fe8e52
Fix PKCS #7 tests when MBEDTLS_HAVE_TIME_DATE unset
...
Ensure that verification of an expired cert still fails, but
update the test to handle the different error code.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-11 09:46:13 +00:00
Dave Rodgman
d51b1c5666
Remove duplicate test macros
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-10 17:44:08 +00:00
Dave Rodgman
ca43e0d0ac
Fix test file extension
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-10 13:06:01 +00:00
Dave Rodgman
f2f2dbcfd7
Add test case for PKCS7 file with zero signers
...
The test file was created by manually modifying
tests/data_files/pkcs7_data_without_cert_signed.der, using
ASN.1 JavaScript decoder https://lapo.it/asn1js/
Changes made:
The SignerInfos set was truncated to zero length.
All the parent sequences, sets, etc were then adjusted
for their new reduced length.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-10 12:52:00 +00:00
Dave Rodgman
ac447837d3
Merge pull request #7206 from xkqian/test_memory_management_in_pkcs7
...
Test memory management in pkcs7
2023-03-10 11:29:50 +00:00
Przemek Stekiel
f3ae020c37
Use user/peer instead role in jpake driver-wrapper tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-10 09:18:03 +01:00
Przemek Stekiel
af94c13b2c
Add tests for user/peer input getters
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-10 09:18:03 +01:00
Przemek Stekiel
0c946e9aa9
Addapt jpake tests and add cases for set_user, set_peer
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-10 09:18:03 +01:00
Gilles Peskine
4da92832b0
Merge pull request #7117 from valeriosetti/issue6862
...
driver-only ECDSA: enable ECDSA-based TLS 1.2 key exchanges
2023-03-09 20:49:44 +01:00
Gilles Peskine
a25203c5f9
Merge pull request #7208 from paul-elliott-arm/interruptible_sign_hash_new_verify_tests
...
Interruptible_{sign|verify}_hash: Add public key verification tests
2023-03-09 20:48:13 +01:00
Dave Rodgman
bf4016e5d5
Merge pull request #6567 from mprse/ecjpake-driver-dispatch
2023-03-09 19:23:05 +00:00
Dave Rodgman
8657e3280a
Add corrupt PKCS #7 test files
...
Generated by running "make <filename>" and commiting the result.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-09 15:59:15 +00:00
valerio
2bf85e349d
ssl-opt: enable test for accelerated ECDH + USE_PSA
...
Signed-off-by: valerio <valerio.setti@nordicsemi.no>
2023-03-09 16:39:07 +01:00
valerio
f27472b128
ssl-opt: enable test and fix failures for reference ECDH + USE_PSA"
...
Signed-off-by: valerio <valerio.setti@nordicsemi.no>
2023-03-09 16:20:38 +01:00
Przemek Stekiel
b8eaf635ba
Remove MBEDTLS_SHA256_C from PSA_WANT_ALG_JPAKE config and adapt test dependencies
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-09 12:14:26 +01:00
Manuel Pégourié-Gonnard
913d9bb921
Merge pull request #7162 from valeriosetti/issue7055
...
Legacy MBEDTLS_PK_PARSE_C and MBEDTLS_PK_WRITE_C dependencies in test_suite_psa_crypto
2023-03-08 17:07:19 +01:00
Valerio Setti
1470ce3eba
fix typos
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 16:50:12 +01:00
Valerio Setti
2f081473b6
test: fix disparities in test_suite_ssl
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 16:47:28 +01:00
Valerio Setti
f84b7d5c21
test: enable ECDSA based key exchanges in driver coverage tests
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 16:47:28 +01:00
Manuel Pégourié-Gonnard
289e5baa83
Merge pull request #7082 from valeriosetti/issue6861
...
driver-only ECDSA: add ssl-opt.sh testing with testing parity
2023-03-08 16:45:38 +01:00
Gabor Mezei
eb591ff94d
Add test generation for ecp_mod_p256_raw
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-08 14:12:20 +01:00
Gabor Mezei
ab6ac91a0a
Extract Secp256r1 from the prototype
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-08 14:09:50 +01:00
Valerio Setti
c0e7da55c5
test: removing remaning dependencies of PK_WRITE/PK_PARSE from test_suite_psa_crypto suites
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 11:03:09 +01:00
Valerio Setti
f9bc5b75f1
test: remove dependencies on PK_WRITE and PK_PARSE from test_suite_psa_crypto suites
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 11:03:09 +01:00
Valerio Setti
ccfad9ae0e
ssl-opt: remove remaining redundant dependencies
...
There were some dependencies that are now automatically satisfied by the
detect_required_features() function.
After this check there should be no redundant requirement for:
- requires_pk_alg "ECDSA"
- requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT
- requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 10:25:05 +01:00
Valerio Setti
3b2c02821e
ssl-opt: return to previous debug level in test
...
This was a leftover from some debug activity that unfortunately ended up
in previous commits.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 10:22:29 +01:00
Gilles Peskine
a2fc399f57
Merge pull request #6829 from AndrzejKurek/unify-psa-errors
...
Unify PSA to Mbed TLS error translation
2023-03-07 19:55:44 +01:00
Gilles Peskine
30fc999f43
Merge pull request #7164 from oberon-microsystems/fix-test-exported-length-edwards
...
Fix expected export length for Edwards curves in test suite.
2023-03-07 19:53:48 +01:00
Valerio Setti
213c4eae3a
ssl-opt: enhance comment for get_tls_version() function
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-07 19:29:57 +01:00
Janos Follath
fe780a3c4b
Merge pull request #7184 from gabor-mezei-arm/6349_Secp224r1_fast_reduction
...
Extract Secp224r1 fast reduction from the prototype
2023-03-07 10:57:58 +00:00
Xiaokang Qian
c96d2de569
Update corrupted char for pkcs7 corrupt signer info cases
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-03-07 10:35:47 +00:00
Przemek Stekiel
4aa99403f4
Fix configuration for accelerated jpake
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-07 10:50:09 +01:00
Xiaokang Qian
d2988adb31
Add rsa dependencies for pkcs7 corrupt signer info cases
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-03-07 08:38:58 +00:00
Xiaokang Qian
9c703d80ca
Add fuzz bad cases for signer info 1 and 2
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-03-07 08:38:58 +00:00
Xiaokang Qian
8993a14567
Add unexpected tag cases for signer info 1 and 2
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-03-07 08:38:58 +00:00
Xiaokang Qian
e8c696ffd1
Add invalid size test case for signer info[2](The third one)
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-03-07 08:38:58 +00:00
Xiaokang Qian
72b4bcac03
Add invalid size test case for signer info 1(the second one)
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-03-07 08:38:55 +00:00
Manuel Pégourié-Gonnard
a5ffa93e43
Merge pull request #7142 from mpg/driver-only-ecdh-starter
...
Driver-only ECDH starter
2023-03-07 09:14:38 +01:00
Paul Elliott
8c092052bd
Add public key verification tests
...
Add public key verification tests, and alter test intent comments to make it
obvious that verify_hash_interruptible can do public keys as well as private
and keypairs.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-03-06 17:49:14 +00:00
Manuel Pégourié-Gonnard
86393db84d
Revert local experiment.
...
This was never meant to be committed here.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-06 16:19:05 +01:00
Valerio Setti
23e50b9042
ssl-opt: remove redundant ECDSA dependencies in TLS1.3 tests
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-06 14:48:39 +01:00
Manuel Pégourié-Gonnard
07d92620d4
Fix some message strings and comments in all.sh
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-06 13:38:55 +01:00
Manuel Pégourié-Gonnard
0d1f5be688
Add comment about shared config function
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-06 13:35:21 +01:00
Valerio Setti
5d8d1a7f60
analyze_outcomes: print all output on stderr
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-06 11:08:17 +01:00
Manuel Pégourié-Gonnard
228a30d16c
Merge pull request #7120 from mpg/md-light
...
Define "MD light" subset of MD
2023-03-06 11:02:19 +01:00
Dave Rodgman
4693fd9e9e
Merge pull request #7173 from daverodgman/zeroize-platform
...
Use platform-provided secure zeroization
2023-03-06 09:16:12 +00:00
Stephan Koch
6eb73113b1
Fix codestyle with uncrustify.
...
Signed-off-by: Stephan Koch <koch@oberon.ch>
2023-03-03 17:48:40 +01:00
Dave Rodgman
45cef61fa4
Merge branch 'development' into md-light
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-03 14:28:13 +00:00
Dave Rodgman
1f39a62ce6
Merge pull request #7151 from gilles-peskine-arm/psa-headers-alt
...
Allow alternative names for overridable PSA headers
2023-03-03 12:37:51 +00:00
Przemek Stekiel
5a49d3cce3
Replace mbedtls_x509_san_node with mbedtls_x509_subject_alternative_name
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-03 12:58:11 +01:00
Przemek Stekiel
8e83d3aaa9
Add tests for writting SAN to CSR
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-03 12:58:05 +01:00
Dave Rodgman
e11c1ceac9
Merge pull request #7200 from paul-elliott-arm/interruptible_sign_hash_fail_tests
...
Enable all keys for interruptible op fail tests
2023-03-03 11:51:57 +00:00
Andrzej Kurek
8a045ce5e6
Unify PSA to Mbed TLS error translation
...
Move all error translation utilities to psa_util.c.
Introduce macros and functions to avoid having
a local copy of the error translating function in
each place.
Identify overlapping errors and introduce a
generic function.
Provide a single macro for all error translations
(unless one file needs a couple of different ones).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:23:44 -05:00
Dave Rodgman
05b80a4eee
Merge pull request #6201 from gilles-peskine-arm/tls13_only-renegotiation
...
Disable MBEDTLS_SSL_RENEGOTIATION in TLS-1.3-only builds
2023-03-03 09:56:51 +00:00
Dave Rodgman
e965c3c4bd
Merge pull request #7197 from daverodgman/armclang-sha-warning
...
Enable -Werror in all.sh for armclang
2023-03-03 09:01:41 +00:00
Valerio Setti
194e2bdb6a
fix typos
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-02 17:18:10 +01:00
Paul Elliott
ddbc6ed6cd
Enable all keys for interruptible op fail tests
...
Due to a misunderstanding about the purpose of the test, I had limited this to
ECC keys only, however this defeats the purpose of the test, and left gaps in
test coverage.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-03-02 16:03:43 +00:00
Dave Rodgman
0fddf829d5
Add more detailed comment
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-02 15:32:12 +00:00
Gilles Peskine
57897b8d6a
Merge pull request #6493 from AndrzejKurek/pymod
...
Use `config.py` as a module in `depends.py`
2023-03-02 15:38:47 +01:00
Dave Rodgman
1c232a8311
Enable -Werror for armclang
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-02 13:39:04 +00:00
Dave Rodgman
2f386c55ff
Disable MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT for armclang
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-02 13:38:33 +00:00
Gilles Peskine
136d25c416
Explicitly disable all DTLS options in tls13-only.h
...
This makes no difference when starting from the default configuration. It
allows tls13-only.h to be used with other base configurations such as `full`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-01 19:49:58 +01:00
Gilles Peskine
7d3186d18a
Disable MBEDTLS_SSL_RENEGOTIATION in tls13-only configuration
...
There's no renegotiation in TLS 1.3, so this option should have no effect.
Insist on having it disabled, to avoid the risk of accidentally having
different behavior in TLS 1.3 if the option is enabled (as happened in
https://github.com/Mbed-TLS/mbedtls/issues/6200 ).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-01 19:47:23 +01:00
Dave Rodgman
f4385faa6f
Merge pull request #7188 from paul-elliott-arm/interruptible_sign_hash_complete_after_start_fail
...
Interruptible {sign|verify} hash - Call complete() after start() failure.
2023-03-01 17:18:08 +00:00
Paul Elliott
42585f678b
Merge pull request #7176 from paul-elliott-arm/interruptible_sign_hash_verify_test_improvements
...
Interruptible {sign|verify} hash verification test improvements
2023-03-01 15:00:45 +00:00
Paul Elliott
ebf2e38662
Merge pull request #7177 from paul-elliott-arm/interruptible_sign_hash_improve_num_ops_testing
...
Interruptible sign hash improve num ops testing
2023-03-01 14:59:44 +00:00
Paul Elliott
de7c31e082
Improve comment wording
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-03-01 14:43:52 +00:00
Przemek Stekiel
f5dcb8886a
Rework pake input getters tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-01 12:28:21 +01:00
Gilles Peskine
1eae11565d
Merge pull request #6949 from bensze01/replace_pkcs7_fuzzer_tests
...
Replace fuzzer-generated PKCS #7 memory management tests
2023-03-01 10:46:22 +01:00
Pengyu Lv
c6298ad46a
Use parentheses to avoid executing the output
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-03-01 10:31:29 +08:00
Pengyu Lv
c2b1864ceb
Revert "Check if the license server is available for armcc"
...
This reverts commit 55c4fa4f41
.
After discussion, We decided not to check the availability
of the license server for the impacts on CI and user usages.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-03-01 10:25:08 +08:00
Paul Elliott
7c17308253
Add num_ops tests to sign and verify interruptible hash
...
This is the only test usable for non-deterministic ECDSA, thus needs this
code path testing as well.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-28 17:23:29 +00:00
Paul Elliott
8359c14c14
Add hash corruption test to interruptible verify test
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-28 17:23:29 +00:00
Paul Elliott
c1e0400bac
Add test to check not calling get_num_ops()
...
Make sure that not calling get_num_ops() inbetweeen calls to complete() does
not mean that ops get lost (Regression test for previous fix).
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-28 17:20:14 +00:00
Paul Elliott
9e8819f356
Move 'change max_ops' test into ops tests
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-28 17:20:14 +00:00
Paul Elliott
5770224ef3
Rename max ops tests to ops tests
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-28 17:20:14 +00:00
Gilles Peskine
7e677fa2c5
Merge pull request #6389 from gilles-peskine-arm/ecdsa-use-psa-without-pkwrite
...
Remove pkwrite dependency in pk using PSA for ECDSA
2023-02-28 18:17:16 +01:00
Gilles Peskine
b52b788e55
Merge pull request #6895 from yuhaoth/pr/add-aes-with-armv8-crypto-extension
...
Add AES with armv8 crypto extension
2023-02-28 18:16:37 +01:00
Paul Elliott
587e780812
Test calling complete() after {sign|verify}_hash_start fails
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-28 17:13:39 +00:00
Gilles Peskine
e4616830b3
Merge pull request #7137 from lpy4105/issue/1785/ssl-test-script-fail
...
compat.sh: Skip static ECDH cases if unsupported in openssl
2023-02-28 18:11:39 +01:00
Dave Rodgman
17152df58d
Merge pull request #7175 from paul-elliott-arm/interruptible_sign_hash_test_comments
...
Interruptible sign hash test comments
2023-02-28 17:09:43 +00:00
Gilles Peskine
ebb63420cc
Merge pull request #7124 from oberon-microsystems/fix-test-output-length-on-success-only
...
Fix test to check output length on PSA_SUCCESS only
2023-02-28 18:09:33 +01:00
Bence Szépkúti
35d674a6ee
Replace usage of echo -e in pkcs7 data Makefile
...
This use of the shell builtin is not portable.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2023-02-28 17:01:21 +01:00
Dave Rodgman
ffb4dc38c8
Merge pull request #7183 from paul-elliott-arm/interruptible_sign_hash_test_max_ops_0
...
Interruptible {sign|verify} hash : Change max_ops=min tests to use a value of zero.
2023-02-28 15:56:01 +00:00
Bence Szépkúti
4a2fff6369
Fix expected error code
...
This was overlooked during the rebase.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2023-02-28 16:40:27 +01:00
Gabor Mezei
804cfd32ea
Follow the naming convention
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-27 16:50:09 +01:00
Paul Elliott
ac2251dad1
Merge pull request #7076 from mprse/parse_RFC822_name
...
Add parsing of x509 RFC822 name + test
2023-02-27 14:16:13 +00:00
Paul Elliott
cd7e8bce03
Change max_ops=min tests to use zero
...
Zero is the minimum value defined by the spec, just because the internal
implementation treats zero and one as the same thing does not mean that other
implementations will also do so.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-27 12:21:36 +00:00
Stephan Koch
5819d2c141
Feedback from Arm: guarantee that output_length <= output_size even on error, to reduce the risk that a missing error check
...
escalates into a buffer overflow in the application code
Signed-off-by: Stephan Koch <koch@oberon.ch>
2023-02-27 11:49:13 +01:00
oberon-sk
10c0f770ce
asymmetric_encrypt: check output length only if return code is PSA_SUCCESS.
...
Signed-off-by: Stephan Koch <koch@oberon.ch>
2023-02-27 11:48:51 +01:00
Paul Elliott
c2033502f5
Give edge case tests a better name
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-26 18:47:58 +00:00
Paul Elliott
c7f6882995
Add comments to each test case to show intent
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-26 18:47:58 +00:00
Dave Rodgman
21dfce7a5c
Add tests
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-25 17:10:38 +00:00
Dave Rodgman
a4e8fb0041
Add tests
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-24 15:57:30 +00:00
Bence Szépkúti
248971348b
Replace fuzzer-generated PKCS7 regression tests
...
This commit adds well-formed reproducers for the memory management
issues fixed in the following commits:
290f01b3f5
e7f8c616d0
f7641544ea
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2023-02-24 15:31:03 +01:00
Pengyu Lv
55c4fa4f41
Check if the license server is available for armcc
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-02-24 18:31:50 +08:00
Przemek Stekiel
6f2d1f419a
Further pake tests optimizations
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-24 10:22:47 +01:00
Pengyu Lv
df07003c49
all.sh: add support function for build_armcc
...
With this change, "--list-components" will not list
"build_armcc" on the system which is not installed
with Arm Compilers.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-02-24 16:03:31 +08:00
Pengyu Lv
51b5f00a43
all.sh: Skip build_mingw correctly
...
If i686-w64-mingw32-gcc is not installed, then
build_mingw should be unsupported.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-02-24 15:38:52 +08:00
Manuel Pégourié-Gonnard
623c73b46d
Remove config.py call on now-internal option
...
It turns out config.py wouldn't complain, but it's still confusing.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-02-23 20:36:05 +01:00
Przemek Stekiel
083745e097
Fix code style
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-23 17:28:23 +01:00
Gilles Peskine
df6e84a447
Test the PSA alternative header configuration macros
...
Test that MBEDTLS_PSA_CRYPTO_PLATFORM_FILE and
MBEDTLS_PSA_CRYPTO_STRUCT_FILE can be set to files in a directory that comes
after the standard directory in the include file search path.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-02-23 17:18:33 +01:00
Przemek Stekiel
bdc21e623e
Disable MBEDTLS_PSA_CRYPTO_SE_C is ecdsa psa builds
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-23 17:12:19 +01:00
Valerio Setti
1af76d119d
ssl-opt: automatically detect requirements from the specified certificates
...
This moslty focus on tests using "server5*" cerificate. Several cases
are taken into account depending on:
- TLS version (1.2 or 1.3)
- server or client roles
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-23 16:55:59 +01:00
Valerio Setti
3f2309fea6
ssl-opt: remove redundant requires_config_enabled when force_ciphersuite is set
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-23 13:47:30 +01:00
Manuel Pégourié-Gonnard
0d4152186d
Make MBEDTLS_MD_LIGHT private for now.
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-02-23 13:02:13 +01:00
Valerio Setti
d1f991c879
ssl-opt: fix required configs in ECDSA related tests
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-23 09:31:41 +01:00
Pengyu Lv
9e7bb2a92c
Update some comments
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-02-23 16:03:56 +08:00
Przemek Stekiel
d59d2a4dee
Optimize pake tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-23 07:30:40 +01:00
Janos Follath
406b9172ad
Merge pull request #7044 from minosgalanakis/bignum/6342_add_named_moduli_setup
...
Bignum: Add named moduli setup
2023-02-22 12:14:33 +00:00
Valerio Setti
6445912d9c
test: enable ssl-opt in test_psa_crypto_config_[accel/reference]_ecdsa_use_psa
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-22 12:35:16 +01:00
Przemek Stekiel
51a677bb30
Remove support for pake opaque driver
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:30:32 +01:00
Przemek Stekiel
80a8849903
Adapt conditional compilation flags for jpake alg
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:30:32 +01:00
Przemek Stekiel
6b64862ef7
Documentation fixes and code adaptation
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:30:32 +01:00
Przemek Stekiel
251e86ae3f
Adapt names to more suitable and fix conditional compilation flags
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:30:32 +01:00
Przemek Stekiel
b45b8ce474
Disable MBEDTLS_PSA_CRYPTO_SE_C is hash psa builds
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:30:32 +01:00
Przemek Stekiel
3e784d8981
PSA crypto pake: call abort on each failure
...
Adapt driver hook counters in pake driver test.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:30:32 +01:00
Przemek Stekiel
a48cf500d7
mbedtls_test_transparent_pake_abort: call driver/build-in impl even when status is forced
...
This is done to solve the problem with memory leak when pake abort status is forced. In this case the driver/build-in abort function was not executed.
After failure core clears the operation object and no successive abort call is possible.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:30:32 +01:00
Przemek Stekiel
f62b3bb087
Optimization of pake core functions
...
Adapt pake test (passing NULL buffers is not allowed).
Passing the null buffer to psa_pake_output results in a hard fault.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:30:32 +01:00
Przemek Stekiel
9dd2440c95
Change pake input: key_lifetime -> key attributes
...
In the future key attributes will be available for opaque driver via psa_crypto_driver_pake_get_password_key().
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:30:32 +01:00