Commit graph

5774 commits

Author SHA1 Message Date
Gilles Peskine
294be94922
Merge pull request #7818 from silabs-Kusumit/PBKDF2_cmac_implementation
PBKDF2 CMAC implementation
2023-08-17 11:15:16 +00:00
Gilles Peskine
d370f93898
Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn
OPC UA - add support for RFC822 and DirectoryName SubjectAltNames when generating CSR's
2023-08-16 09:19:46 +00:00
Kusumit Ghoderao
6c104b9b3b Modify derive output test cases and add actual output
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-08-16 11:47:24 +05:30
Paul Elliott
6da3d83f33 Fix resource leak in test failure case
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-08-11 16:28:06 +01:00
Manuel Pégourié-Gonnard
26b7c93d9d
Merge pull request #7992 from valeriosetti/issue7755
driver-only ECC: BN.x509 testing
2023-08-10 19:41:09 +00:00
Manuel Pégourié-Gonnard
54da1a69a2
Merge pull request #7578 from daverodgman/safer-ct5
Improve constant-time interface
2023-08-10 16:57:39 +00:00
Tom Cosgrove
e7700a7d0a
Merge pull request #7936 from AgathiyanB/assert-false-macro
Add TEST_FAIL macro for tests
2023-08-10 15:01:34 +00:00
Valerio Setti
3580f448eb test: solve test disparities for x509[parse/write] suites
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-10 14:50:43 +02:00
Dave Rodgman
ac69b45486 Document and test mbedtls_ct_size_if_else_0
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-10 12:18:13 +01:00
Dave Rodgman
98ddc01a7c Rename ...if0 to ...else_0
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-10 12:11:31 +01:00
Dave Rodgman
b7825ceb3e Rename uint->bool operators to reflect input types
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-10 11:58:18 +01:00
Valerio Setti
c5d85e5ead test: remove BIGNUM dependencies from pk[parse/write] suites
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-10 06:43:23 +02:00
Janos Follath
115784bd3f
Merge pull request #1040 from waleed-elmelegy-arm/development-restricted
Improve & test legacy mbedtls_pkcs5_pbe2
2023-08-09 09:43:23 +01:00
Gilles Peskine
a79256472c
Merge pull request #7788 from marekjansta/fix-x509-ec-algorithm-identifier
Fixed x509 certificate generation to conform to RFCs when using ECC key
2023-08-07 19:14:54 +00:00
Minos Galanakis
2cae936107 test_suite_ecp: Moved curve bitlenth check after quasi reduction.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-08-07 16:49:22 +01:00
Minos Galanakis
831a2e6369 test_suite_ecp: Fixed curve bit-length.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-08-07 16:45:54 +01:00
Dave Rodgman
953f2a4780
Merge pull request #7892 from AgathiyanB/fix-coverage-MBEDTLS_ECP_NIST_OPTIM-disabled
Add dependency MBEDTLS_ECP_NIST_OPTIM for ECP test
2023-08-07 14:37:08 +00:00
Dave Rodgman
4dd89310e9 Update w.r.t. test macro name changes from #6253
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-07 11:49:12 +01:00
Dave Rodgman
c98f8d996a
Merge branch 'development' into safer-ct5
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-07 11:47:35 +01:00
Dave Rodgman
2ec9892f24
Merge pull request #6253 from tom-cosgrove-arm/rename-assert_compare-to-test_assert_compare
Rename test macros `ASSERT_COMPARE()`, `ASSERT_ALLOC()` and `ASSERT_ALLOC_WEAK()`
2023-08-04 13:45:10 +00:00
Dave Rodgman
003a5e1ca7
Merge pull request #1046 from Mbed-TLS/merge_3.4.1
Merge 3.4.1
2023-08-03 18:23:37 +01:00
Dave Rodgman
a0fc9987da Merge branch 'development' into merge_3.4.1
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-03 15:56:59 +01:00
Dave Rodgman
6f80ac4979
Merge pull request #7864 from waleed-elmelegy-arm/enforce-min-RSA-key-size
Enforce minimum key size when generating RSA key size
2023-08-03 12:57:52 +00:00
Gilles Peskine
6919546ddf Update more test dependencies when using test-ca.key
Those test cases aren't actually executed due to another typo which is
beyond the scope of this commit and will be resolved in
https://github.com/Mbed-TLS/mbedtls/pull/8029 . But update DES to AES anyway.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-03 12:02:14 +02:00
Waleed Elmelegy
d4e7fe09b3 Change tests to work on different MBEDTLS_RSA_GEN_KEY_MIN_BITS configs
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-08-02 16:59:59 +00:00
Gilles Peskine
a824f8bc91 Update test dependencies when using test-ca.key
"tests/data_files/test-ca.key" is now encrypted using AES instead of DES.
Update test dependencies accordingly. This fixes `depends.py cipher_id`.

This is a partial cherry-pick of 1a4cc5e92c
(done manually because the context on the same line is different).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-02 16:38:21 +02:00
Kusumit Ghoderao
6eff0b2258 Remove test vector
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-08-02 17:22:49 +05:30
Gilles Peskine
550d147078 Bump version to 3.4.1
```
./scripts/bump_version.sh --version 3.4.1
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-02 12:50:23 +02:00
Gilles Peskine
267bee9be8
Merge pull request #7903 from valeriosetti/issue7773
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/DH
2023-08-02 10:16:44 +00:00
Gilles Peskine
50745e7e35 Update failing unit tests to use the moved data files
After upgrading certificates, some parsing unit tests are failing because
the new certificates have a different expiry date, by design. Switch those
test cases to using the moved copy of the old data (as we did in a more
systematic way in the development branch).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-02 12:12:53 +02:00
Bence Szépkúti
895074e3f9
Merge pull request #8002 from valeriosetti/issue7904
PSA maximum size macro definitions should take support into account
2023-08-02 05:57:28 +00:00
Dave Rodgman
926d8da47e Fix test dependency
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 17:28:26 +01:00
Dave Rodgman
378280e57f Revert "Move constant_flow.h into the main library"
This reverts commit fd78c34e23.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 17:22:55 +01:00
Dave Rodgman
fd78c34e23 Move constant_flow.h into the main library
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 12:48:33 +01:00
Dave Rodgman
04a334af55 Make const-time test not depend on internal knowledge of mbedtls_ct_condition_t
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 12:48:33 +01:00
Valerio Setti
f5051efa81 test: properly size output buffer in key_agreement_fail()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-31 11:35:48 +02:00
Xiaokang Qian
d0657b0015 ecp_mod_p448 has been moved to ecp_mod_p_generic_raw, remove here
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-07-31 06:46:28 +00:00
Xiaokang Qian
e25597dad7 Make ecp_mode_xxx functions depend on the new macro
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-07-31 06:46:28 +00:00
Dave Rodgman
c2ad3ad62a Fix error in test vectors
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-28 16:44:18 +01:00
Valerio Setti
1eacae865e test: check exported length against proper MAX_SIZE
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-28 17:29:48 +02:00
Dave Rodgman
fa5a4bbb02 Improve mbedtls_ct_memmove_left w.r.t. const-flow tests
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-28 16:13:52 +01:00
Dave Rodgman
8de3482507 Fix false-positive non-const-time errors in test
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-28 15:10:00 +01:00
Kusumit Ghoderao
be55b7e45a Add test cases for 16 byte and empty password
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-27 21:22:26 +05:30
Dave Rodgman
a0f81e8ef8 Add OID tests for HMAC-xxx
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-27 16:02:42 +01:00
Waleed Elmelegy
d7bdbbeb0a Improve naming of mimimum RSA key size generation configurations
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-27 14:50:09 +00:00
Tom Cosgrove
0540fe74e3 Fix code style
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-27 14:17:27 +01:00
Agathiyan Bragadeesh
763b353f2f Replace TEST_ASSERT("message" == 0) with TEST_FAIL
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-27 13:52:31 +01:00
Dave Rodgman
5c60382201 code style
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-27 13:28:41 +01:00
Dave Rodgman
d2c9f6d256 Strengthen psa_mac_verify testing
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-27 13:00:02 +01:00
Dave Rodgman
0c38385858 Use psa_mac_compare in tests; add some HMAC edge-cases
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-27 12:54:09 +01:00
Waleed Elmelegy
3d158f0c28 Adapt tests to work on all possible minimum RSA key sizes
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-27 11:03:35 +00:00
Waleed Elmelegy
ab5707185a Add a minimum rsa key size config to psa config
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-27 11:00:03 +00:00
Waleed Elmelegy
76336c3e4d Enforce minimum key size when generating RSA key size
Add configuration to enforce minimum size when
generating a RSA key, it's default value is 1024
bits since this the minimum secure value currently
but it can be any value greater than or equal 128
bits. Tests were modifed to accommodate for this
change.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-27 10:58:25 +00:00
Valerio Setti
a55f042636 psa: replace DH_KEY_PAIR_LEGACY with new symbols
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-27 09:15:34 +02:00
Dave Rodgman
44fae4908d Add PSA HMAC MD5 test
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-26 18:45:19 +01:00
Dave Rodgman
faff45c917 Add HMAC tests for other digest algorithms
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-26 18:13:58 +01:00
Dave Rodgman
fe5adfe547 Add HMAC test-cases for SHA3
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-26 17:58:48 +01:00
Gilles Peskine
6b9017045f Don't call psa_crypto_init with uninitialized local contexts (entropy)
psa_crypto_init can fail, and if it does we'll try calling free() on the
local variable, which is uninitialized. This commit fixes memory corruption
when a test fails.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-26 18:43:39 +02:00
Dave Rodgman
e3268afb11 Add PSA SHA3 tests for hash_verify and multipart
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-25 17:33:55 +01:00
Paul Elliott
f1c032adba
Merge pull request #7902 from valeriosetti/issue7772
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/RSA
2023-07-25 17:13:43 +01:00
Valerio Setti
19fec5487d test: remove GENPRIME dependency when RSA_KEY_PAIR_GENERATE
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 12:31:50 +02:00
Dave Rodgman
cad28ae77a Merge remote-tracking branch 'origin/development' into psa-sha3
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-24 15:51:13 +01:00
Waleed Elmelegy
f3fafc3645 Fix CI errors related pkcs5_pbe changes
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-24 11:45:46 +01:00
Gilles Peskine
5fd88b7f75 Simplify the logic in a test
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-21 17:50:49 +02:00
Gilles Peskine
9d5952dba8 Fix some dependencies on symmetric crypto in some TLS 1.3 tests
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-21 17:50:49 +02:00
Gilles Peskine
5647d06be8
Merge pull request #7518 from gilles-peskine-arm/psa_inject_entropy-file-stability
Fix and test MBEDTLS_PSA_INJECT_ENTROPY
2023-07-21 17:37:15 +02:00
Gilles Peskine
2387bdab0f
Merge pull request #1038 from Mbed-TLS/development
Merge development into development-restricted
2023-07-21 15:40:36 +02:00
Tom Cosgrove
e4e9e7da58 For tests, rename TEST_BUFFERS_EQUAL() to TEST_MEMORY_COMPARE()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-21 11:45:25 +01:00
Tom Cosgrove
05b2a87ea0 For tests, rename TEST_CALLOC_OR_FAIL() to just TEST_CALLOC()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-21 11:32:25 +01:00
Ronald Cron
87f62850f3
Merge pull request #7893 from ronald-cron-arm/misc-from-psa-crypto
Miscellaneous fixes resulting from the work on PSA-Crypto
2023-07-21 10:54:41 +02:00
Tom Cosgrove
412a813ad4 For tests, rename ASSERT_ALLOC_WEAK() to TEST_CALLOC_OR_SKIP()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-20 16:55:14 +01:00
Gilles Peskine
c723e86e56 Fix copypasta in function documentation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-20 17:54:19 +02:00
Tom Cosgrove
f9ffd11e7a For tests, rename ASSERT_ALLOC() to TEST_CALLOC_OR_FAIL()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-20 16:51:21 +01:00
Tom Cosgrove
65cd8519f7 For tests, rename ASSERT_COMPARE() to TEST_BUFFERS_EQUAL()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-20 16:51:15 +01:00
Manuel Pégourié-Gonnard
c844c1a771
Merge pull request #7546 from mpg/align-psa-md-identifiers
Align psa md identifiers
2023-07-20 11:34:28 +02:00
Waleed Elmelegy
708d78f80b Improve & test legacy mbedtls_pkcs5_pbe2
* Prevent pkcs5_pbe2 encryption when PKCS7 padding has been
  disabled since this not part of the specs.
* Allow decryption when PKCS7 padding is disabled for legacy
  reasons, However, invalid padding is not checked.
* Add tests to check these scenarios. Test data has been
  reused but with changing padding data in last block to
  check for valid/invalid padding.
* Document new behaviour, known limitations and possible
  security concerns.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-19 14:01:35 +01:00
Dave Rodgman
5f65acb02b
Merge pull request #7859 from gilles-peskine-arm/mbedtls_mpi-smaller
Reduce the size of mbedtls_mpi
2023-07-18 16:48:37 +01:00
Agathiyan Bragadeesh
dc28a5a105 Rename ASSERT_FALSE to TEST_FAIL
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-18 11:45:28 +01:00
Agathiyan Bragadeesh
ebb40bc336 Add ASSERT_FALSE macro for tests
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-18 11:38:04 +01:00
Manuel Pégourié-Gonnard
828b3acd6b
Merge pull request #7848 from valeriosetti/issue7749
driver-only ECC: EPCf.TLS testing
2023-07-18 10:33:21 +02:00
Tom Cosgrove
08b04b11ff
Merge pull request #7923 from gabor-mezei-arm/7598_fix_clone_of_ecp_module
[Bignum] Fixes for the ecp module cloning
2023-07-17 15:28:18 +01:00
Ronald Cron
2e3795dc3c tests: Fix header inclusion
When building tests, the path of the library
directory is part of the possible paths for
the includes thus no need to construct it
manually when including headers.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-07-17 11:52:32 +02:00
Gilles Peskine
d8c4549246
Merge pull request #7432 from oberon-microsystems/fix-test-ecjpake-to-pms-dependency
Fix derive_ecjpake_to_pms dependency in PSA crypto test
2023-07-17 11:05:40 +02:00
Gabor Mezei
f0021d495a
Update test function dependencies
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-07-14 14:43:27 +02:00
Gabor Mezei
92ce4c2cbf
Fix ecp variant check
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-07-14 14:43:22 +02:00
Paul Elliott
3c22366695
Merge pull request #7863 from valeriosetti/issue7790
PK: parse: fix disparity with private Montgomery keys
2023-07-11 18:02:12 +01:00
Dave Rodgman
84eaefa43e Use designated initializers for mbedtls_mpi
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-11 16:02:46 +01:00
Paul Elliott
88f34e3348
Merge pull request #7703 from gabor-mezei-arm/7598_clone_the_eco_module
[Bignum] Clone the ECP module
2023-07-11 15:00:01 +01:00
Valerio Setti
acab57b6b4 test: replace RSA_KEY_PAIR_LEGACY with proper symbols
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 14:06:00 +02:00
Valerio Setti
1e6063c8ee test: set MBEDTLS_ECP_DP dependency also for Montgomery curves
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
d476faa595 test: add more tests for Montgomery's invalid masks
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
aed87994da test: verify that Montgomery keys can be fixed on parsing
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
4a09dcc6f6 test: replace ECP_DP_CURVE25519_ENABLED with PSA_WANT_ECC_MONTGOMERY_255
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
ef80d11c1f test: add proper key requirements in X25519 key parsing tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
0a92121716 test: test of Montgomery keys with uncorrect bits whenever PK_HAVE_ECC_KEYS
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Gilles Peskine
6aca2c9613
Merge pull request #7716 from mpg/psa-util-internal
Split psa_util.h between internal and public
2023-07-10 18:33:23 +02:00
Gilles Peskine
d9f0c76f9e
Merge pull request #7879 from tgonzalezorlandoarm/development
tests/test_suite_pem: Augment DES test cases with AES: PEM
2023-07-10 18:28:01 +02:00
Dave Rodgman
f3e488ec40
Merge pull request #7216 from lpy4105/issue/6840/add-getters-for-some-fields
Add getters for some fields
2023-07-10 17:14:11 +01:00
Andrzej Kurek
bdb41dd46d Add missing resource deallocation in tests
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-07-10 08:09:50 -04:00
Manuel Pégourié-Gonnard
f614bde912
Merge pull request #7656 from mprse/ffdh_tls13_v2_drivers
FFDH 4: driver-only parity testing - with TLS 1.3
2023-07-10 13:08:47 +02:00
Valerio Setti
ee3a4d0d38 debug: replace occurence of ECP_LIGHT with PK_HAVE_ECC_KEYS
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-10 09:13:57 +02:00
Valerio Setti
6f0441d11e tls: replace occurencies of ECP_LIGHT with PK_HAVE_ECC_KEYS
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-10 09:13:57 +02:00
Pengyu Lv
db6143364a Add test for endpoint getter
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 11:33:23 +08:00
Pengyu Lv
30e0870937 Add test for hostname getter
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 11:33:23 +08:00
Dave Rodgman
7dbd2bf90c
Merge pull request #7441 from gilles-peskine-arm/mbedtls_x509_crt_parse_path-qemu-bug
More mbedtls_x509_crt_parse_path() tests, and note qemu-user bug when 32-bit code run on 64-bit host
2023-07-07 19:15:31 +01:00
Manuel Pégourié-Gonnard
461d59b2f8
Merge pull request #7858 from mprse/ffdh_tls13_v2_f
Make use of FFDH keys in TLS 1.3 - follow-up
2023-07-07 16:19:35 +02:00
Dave Rodgman
8abb3497ad
Merge branch 'development' into mbedtls_x509_crt_parse_path-qemu-bug
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-07 15:11:35 +01:00
Andrzej Kurek
34ccd8d0b6 Test x509 csr SAN DN and RFC822 generation
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-07-07 08:18:43 -04:00
Manuel Pégourié-Gonnard
9967f11066
Merge pull request #7810 from valeriosetti/issue7771
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/ECC
2023-07-07 10:22:47 +02:00
Agathiyan Bragadeesh
3e1e2e1f78 Add dependency MBEDTLS_ECP_NIST_OPTIM for ECP test
For tests running the ecp_fast_mod with MBEDTLS_ECP_DP_SECPXXXR1 the
dependency MBEDTLS_ECP_NIST_OPTIM has been added as this gives the
curves the optimised reduction function that ecp_fast_mod tests.

Signed-off-by: Agathiyan Bragadeesh <agabra02@e127300.arm.com>
2023-07-06 15:40:19 +01:00
Tomás González
3719f9ec91 tests/test_suite_pem: Augment DES test cases with AES: PEM
A few negative test cases in test_suite_pem.data rely on DES
(“invalid iv”, “malformed”). DES is deprecated.
Construct similar test cases using AES.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-07-06 14:21:23 +01:00
Manuel Pégourié-Gonnard
a30c5cfc66 Use minimal include in test_suite_random
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-07-06 12:47:29 +02:00
Manuel Pégourié-Gonnard
d55d66f5ec Fix missing includes
Some files relied on psa_util.h to provide the includes they need.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-07-06 12:47:28 +02:00
Manuel Pégourié-Gonnard
2be8c63af7 Create psa_util_internal.h
Most functions in psa_util.h are going to end up there (except those
that can be static in one file), but I wanted to have separate commits
for file creation and moving code around, so for now the new file's
pretty empty but that will change in the next few commits.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-07-06 12:42:33 +02:00
Dave Rodgman
8dda131a0a Test OID lookup for every hash algorithm
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-06 09:52:20 +01:00
Gabor Mezei
2a7bcaf8af
Use only MBEDTLS_ECP_WITH_MPI_UINT to switch between the ecp variants
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-07-06 10:37:51 +02:00
Dave Rodgman
6cc1734f3e Fix test dependency
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-05 20:27:45 +01:00
Dave Rodgman
0c2d1afaf3 Fix free before pointers initialised
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-05 20:23:09 +01:00
Dave Rodgman
f324a74fab Add tests for MBEDTLS_MD_SHA3_xxx_VIA_PSA
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-05 19:55:15 +01:00
Dave Rodgman
76814b6207 fix missing include
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-05 19:38:21 +01:00
Dave Rodgman
c0a0990b6e Improve testing of md/PSA alg identifier macro conversions
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-05 19:17:50 +01:00
Dave Rodgman
7bb7602a66 Add OID tests for SHA-3
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-05 19:03:21 +01:00
Dave Rodgman
3d0c8255aa
Merge pull request #7825 from daverodgman/cipher_wrap_size
Cipher wrap size improvement
2023-07-05 15:45:48 +01:00
Przemek Stekiel
7ac93bea8c Adapt names: dh -> xxdh
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-05 09:26:26 +02:00
Przemek Stekiel
6f199859b6 Adapt handshake fields to ffdh
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-05 09:25:00 +02:00
Przemek Stekiel
84f4ff1dd3 Minor adaptations after ffdh was enabled for tls1.3
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-05 09:12:08 +02:00
Kusumit Ghoderao
7333ed3efa Add max iterations test case for cmac
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-04 15:17:03 +05:30
Kusumit Ghoderao
d80183864a Add test case for zero input cost
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-04 15:17:02 +05:30
Kusumit Ghoderao
671320633c Add test cases for key and plain inputs
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-04 15:17:02 +05:30
Kusumit Ghoderao
9d4c74f25c Add test cases for output validation of pbkdf2 cmac
PBKDF2_AES_CMAC_PRF_128 test vectors are generated using PyCryptodome library:
https://github.com/Legrandin/pycryptodome

Steps to generate test vectors:
1. pip install pycryptodome
2. Use the python script below to generate Derived key (see description for details):

Example usage:
pbkdf2_cmac.py <password> <salt> <number_of_iterations> <derived_key_len>
derive_ms.py 4a30314e4d45 54687265616437333563383762344f70656e54687265616444656d6f 16384 16

password         : 4a30314e4d45
salt             : 54687265616437333563383762344f70656e54687265616444656d6f
input cost       : 16384
derived key len  : 16
output           : 8b27beed7e7a4dd6c53138c879a8e33c

"""
from Crypto.Protocol.KDF import PBKDF2
from Crypto.Hash import CMAC
from Crypto.Cipher import AES
import sys

def main():
    #check args
    if len(sys.argv) != 5:
        print("Invalid number of arguments. Expected: <password> <salt> <input_cost> <derived_key_len>")
        return

    password    = bytes.fromhex(sys.argv[1])
    salt        = bytes.fromhex(sys.argv[2])
    iterations  = int(sys.argv[3])
    dklen       = int(sys.argv[4])

    # If password is not 16 bytes then we need to use CMAC to derive the password
    if len(password) != 16:
        zeros     = bytes.fromhex("00000000000000000000000000000000")
        cobj_pass = CMAC.new(zeros, msg=password, ciphermod=AES, mac_len=16)
        passwd    = bytes.fromhex(cobj_pass.hexdigest())
    else:
        passwd = password

    cmac_prf = lambda p,s: CMAC.new(p, s, ciphermod=AES, mac_len=16).digest()

    actual_output = PBKDF2(passwd, salt=salt, dkLen=dklen, count=iterations, prf=cmac_prf)

    print('password         : ' + password.hex())
    print('salt             : ' + salt.hex())
    print('input cost       : ' + str(iterations))
    print('derived key len  : ' + str(dklen))
    print('output           : ' + actual_output.hex())

if __name__ == "__main__":
    main()
"""

Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-04 15:17:01 +05:30
Kusumit Ghoderao
1d3fca21b1 Add test cases for input validation of pbkdf2 cmac
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-04 15:17:01 +05:30
Andrzej Kurek
cf669b058b Add a dummy usage of a pointer in tests
This way clang with O1 doesn't optimize it.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-07-03 10:42:27 -04:00
Dave Rodgman
0d539c222c
Merge pull request #7702 from silabs-Kusumit/PBKDF2_out_of_range_input_cost
PBKDF2: Out of range input cost
2023-07-03 09:58:22 +01:00
Manuel Pégourié-Gonnard
56b159a12a
Merge pull request #7627 from mprse/ffdh_tls13_v2
Make use of FFDH keys in TLS 1.3 v.2
2023-07-03 10:12:33 +02:00
Manuel Pégourié-Gonnard
45e009aa97
Merge pull request #7814 from valeriosetti/issue7746
PK: refactor wrappers in the USE_PSA case
2023-07-03 09:32:31 +02:00
Tom Cosgrove
c4a760c538
Merge pull request #7849 from davidhorstmann-arm/fix-string-to-names-retcode
Fix false success return code in `mbedtls_x509_string_to_names()`
2023-06-30 14:28:29 +01:00
Dave Rodgman
2d07a72b35
Merge pull request #7821 from davidhorstmann-arm/simplify-test-dn-formatting
Simplify directory name comparison in AuthorityKeyIdentifier tests
2023-06-30 11:38:03 +01:00
Gabor Mezei
c810707980
Add check for the ecp module variants
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-06-30 11:39:21 +02:00
Valerio Setti
27c501a10c lib/test: replace BASIC_IMPORT_EXPORT internal symbol with BASIC,IMPORT,EXPORT
Also the python script for automatic test generation is fixed accordingly

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-30 10:16:22 +02:00
Valerio Setti
5ac2689bc2 test: reset proper guards for ECJPAKE tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-30 10:16:22 +02:00
Valerio Setti
ac6b0d1fd8 test: rename function testing EC key generation in driver_wrappers
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-30 10:16:21 +02:00
Valerio Setti
2a63460248 psa: fix guards for EC key derivation
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-30 10:16:21 +02:00
Valerio Setti
6a9d0ee373 library/test: replace LEGACY symbol with BASIC_IMPORT_EXPORT
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-30 10:16:21 +02:00
Valerio Setti
f09977023b test: replace ECC_KEY_PAIR_LEGACY with GENERATE
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-30 10:16:21 +02:00
Valerio Setti
c2a4fb7754 test: replace ECC_KEY_PAIR_LEGACY with DERIVE
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-30 10:16:21 +02:00
Manuel Pégourié-Gonnard
3f2448b75e
Merge pull request #7802 from AndrzejKurek/go-go-der-certs
Use DER format for x509 SAN tests
2023-06-30 09:36:08 +02:00
Valerio Setti
e77307738d pk_wrap: add support for ECDSA verify for opaque keys
This commit also add tests to verify the functionality

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-29 14:33:26 +02:00
Dave Rodgman
9fbb0cf08e Merge remote-tracking branch 'origin/development' into safer-ct5 2023-06-28 18:52:02 +01:00
Paul Elliott
92a55bf5ea
Merge pull request #7793 from minosgalanakis/ecp/6025_fast_reduction_dispatch
[Bignum] Fast reduction dispatch
2023-06-28 17:38:37 +01:00
Janos Follath
c439c678e3
Merge pull request #7719 from davidhorstmann-arm/second-jpake-state-machine-rework
Change J-PAKE internal state machine
2023-06-28 08:59:23 +01:00
Manuel Pégourié-Gonnard
0f5fc1ad31 Actually run MD<->PSA test, and fix it
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-28 09:42:04 +02:00
Minos Galanakis
163d346355 test_suite_ecp: Changed to BITS_TO_LIMBS(224) * 2 in ecp_mod_p_generic_raw.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-06-27 21:34:47 +01:00
Minos Galanakis
23394b17bc test_suite_ecp: Updated ecp_mod_p_generic_raw to use the BITS_TO_LIMBS macro.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-06-27 16:31:59 +01:00
David Horstmann
b50ae1fef1 Add regression testcase for string_to_names()
Test against a string with no '=' or ',' in it, which previously caused
mbedtls_x509_string_to_names() to return 0.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-27 15:32:14 +01:00
Andrzej Kurek
60de0b198a Move the overallocation test to test suites
This way the compiler does not complain about
an overly large allocation made.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-27 09:26:08 -04:00
Andrzej Kurek
9032711dc7 Move the calloc buffer initialization test to selftest.c
This way it's more in line with the 2.28 version.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-27 09:26:08 -04:00
Andrzej Kurek
c08ccd00f3 Add a test for calloc zeroization
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-27 09:26:08 -04:00
Kusumit Ghoderao
cbfe333c2b add test case for zero input cost
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-06-27 11:19:12 +05:30
Kusumit Ghoderao
42b02b9fe9 Add test and test case for input cost greater than vendor maximum
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-06-27 11:12:27 +05:30
Minos Galanakis
93baf39095 test_suite_ecp.data: Added test cases for modulo-1 in coordinate representation.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-06-26 23:19:04 +01:00
Valerio Setti
603271ce3d test: solve disparities in driver coverage analysis for no_ecp_at_all()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-26 16:02:47 +02:00
Dave Rodgman
16985d5f98 Fix test dependencies
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-26 11:28:33 +01:00
Dave Rodgman
12cd44b9b3 Fix test dependencies
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-26 11:27:37 +01:00
Minos Galanakis
e0c329b0cf test_suite_ecp.data: Limb aligned inputs
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-06-25 23:37:18 +01:00
Dave Rodgman
e43076700e Add PSA SHA-3 tests
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-25 23:27:53 +01:00
Minos Galanakis
a984d77f3a ecp_curves: Added dataset for SECP224K1 Coordinate Modulus.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-06-25 21:14:44 +01:00
Dave Rodgman
9282d4f13a Don't directly access key_bitlen
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 11:07:40 +01:00
David Horstmann
9a3a1a6ee7 Simplify directory name comparison in tests
Remove custom parsing code in AuthorityKeyIdentifier tests and use
mbedtls_x509_dn_gets() and strcmp() instead.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 17:05:52 +01:00
Minos Galanakis
fee70a5342 test_suite_ecp: Extended ecp_mul_inv tests for optimised reduction.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-06-22 16:35:30 +01:00
Paul Elliott
3048c8c906
Merge pull request #7725 from minosgalanakis/ecp/7268_add_optimised_reduction_setup_3
[Bignum] Add optimised reduction setup
2023-06-22 16:30:39 +01:00
David Horstmann
a5f7de1df2 Refactor injecting errors in the second round
Use a single function rather than 2 similar ones and pass the round that
is desired.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:32:57 +01:00
David Horstmann
25c907071f Test extra inputs and outputs at the end of J-PAKE
Add tests for supplying inputs or requesting outputs when a J-PAKE
computation has already completed

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
David Horstmann
a62d712cf8 Add testing for extra calls during a round
Test that extra calls to psa_pake_input() and psa_pake_output() during a
round return the correct error.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
David Horstmann
e7f21e65b6 Change J-PAKE internal state machine
Keep track of the J-PAKE internal state in a more intuitive way.
Specifically, replace the current state with a struct of 5 fields:

* The round of J-PAKE we are currently in, FIRST or SECOND
* The 'mode' we are currently working in, INPUT or OUTPUT
* The number of inputs so far this round
* The number of outputs so far this round
* The PAKE step we are expecting, KEY_SHARE, ZK_PUBLIC or ZK_PROOF

This should improve the readability of the state-transformation code.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
Manuel Pégourié-Gonnard
2fb9d00f6d
Merge pull request #7682 from valeriosetti/issue7453
driver-only ECC: ECPf.PK testing
2023-06-22 09:45:57 +02:00
Valerio Setti
4b3c02b626 test: remove duplicate PK_HAVE_ECC_KEYS dependency in pkparse suite
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-21 11:23:06 +02:00
Manuel Pégourié-Gonnard
edf059747a
Merge pull request #7691 from DemiMarie/test-equal
x509parse tests: Replace TEST_ASSERT with TEST_EQUAL
2023-06-21 11:02:21 +02:00
Paul Elliott
458b96b1a7
Merge pull request #7638 from AndrzejKurek/cert-apps-use-ips
Use better IP parsing in x509 apps
2023-06-20 17:21:04 +01:00
Dave Rodgman
b70ea9fb64 Merge remote-tracking branch 'origin/development' into safer-ct5 2023-06-20 16:12:00 +01:00
Andrzej Kurek
2016fa35cb Use DER format for x509 SAN tests
This way there's no dependency on PEM parsing.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-20 06:14:49 -04:00
Valerio Setti
30fdc03819 pk: remove useless internal function
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-19 19:24:05 +02:00
Valerio Setti
545a0d643f test: replace occurencies of ECP_LIGHT with PK_HAVE_ECC_KEYS
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-19 19:24:05 +02:00
Demi Marie Obenour
16442cc929 x509parse tests: Replace TEST_ASSERT with TEST_EQUAL
The latter gives much more informative errors.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
2023-06-19 11:10:27 -04:00
Marek Jansta
8bde649c0b Fixed AlgorithmIdentifier parameters when used with ECDSA signature algorithm in x509 certificate
Signed-off-by: Marek Jansta <jansta@2n.cz>
2023-06-19 12:49:27 +02:00
Valerio Setti
addeee4531 mbedtls_config: add new MBEDTLS_PK_PARSE_EC_COMPRESSED symbol
This includes also:
- auto enabling ECP_LIGHT when MBEDTLS_PK_PARSE_EC_COMPRESSED is
  defined
- replacing ECP_LIGHT guards with PK_PARSE_EC_COMPRESSED in pkparse
- disabling PK_PARSE_EC_COMPRESSED in tests with accelarated EC curves
  (it get disabled also in the reference components because we want
  to achieve test parity)
- remove skipped checks in analyze_outcomes.py

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-16 16:03:46 +02:00
Valerio Setti
aecd32c90a pk: let PK_PARSE_EC_EXTENDED auto-enable ECP_LIGHT
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-16 16:03:46 +02:00
Gilles Peskine
5760bf77c7
Merge pull request #7641 from valeriosetti/issue7614
Define PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy (step 1)
2023-06-16 16:00:17 +02:00
Minos Galanakis
450abfd922 test_suite_ecp: Added MBEDTLS_ECP_NIST_OPTIM define guards.
This patch updates `ecp_mod_p_generic_raw` and corresponding
curve test methods, that depend on the NIST optimisation
parameter to not run when it is not included.

The following curves are affected:
* SECP192R1
* SECP224R1
* SECP256R1
* SECP384R1
* SECP521R1

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-06-16 13:48:47 +01:00
Minos Galanakis
effff764e1 test_suite_ecp: Updated ecp_mod_p_generic_raw for optimised reduction.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-06-16 13:48:47 +01:00
Minos Galanakis
0f718c9ed0 bignum_mod: Fixed code-style
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-06-16 13:48:47 +01:00
Minos Galanakis
88e16dfa2a bignum_mod: Refactored mbedtls_mpi_mod_modulus_setup()
This patch removes the `int_rep` input parameter for modular
setup, aiming to align it with the optred variant.

Test and test-suite helper functions have been updated
accordingly.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-06-16 13:48:47 +01:00
Minos Galanakis
67ebaaf8a0 test_suite_bignum: Removed test_read_modulus().
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-06-16 13:48:47 +01:00
Paul Elliott
680233dc3f
Merge pull request #7680 from paul-elliott-arm/raw_ecp_mod_p448
[Bignum] Split out raw ECP mod p448
2023-06-16 13:46:25 +01:00
Valerio Setti
ff7f861761 tests: replace deprecated symbols with temporary _LEGACY ones
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-16 12:26:26 +02:00
Gilles Peskine
f45a5a0ddd
Merge pull request #7700 from silabs-Kusumit/PBKDF2_output_bytes
PBKDF2: Output bytes
2023-06-16 10:08:02 +02:00
Paul Elliott
a2e48f751b Split out mbedtls_ecp_mod_p448_raw()
Switch testing over to using the generic raw functions.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-06-15 17:16:38 +01:00
Dave Rodgman
2e7d57270e
Merge pull request #7624 from daverodgman/aes-perf
AES perf improvements
2023-06-15 12:10:06 +01:00
Tom Cosgrove
6edf8b8c7b
Merge pull request #7451 from yanrayw/7376_aes_128bit_only
Introduce config option of 128-bit key only in AES calculation
2023-06-15 10:35:32 +01:00
Gilles Peskine
f22983bd1c
Merge pull request #7411 from mprse/extract-key-ids-test
Improve tests for parsing x509 SubjectKeyId and AuthorityKeyId
2023-06-14 19:16:29 +02:00
Gilles Peskine
c453e2e7e8 Officially deprecate MBEDTLS_CIPHER_BLKSIZE_MAX
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-06-14 18:00:37 +02:00