Neil Armstrong
66a479f8fb
Add Cipher Decrypt Fail multi-part case
...
Make `PSA symetric decrypt: CCM*-no-tag, input too short (15 bytes)`
depend on MBEDTLS_CCM_C otherwise the multi-part test fails on
the missing CCM* instead on the input length validity for CCM*.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 10:56:18 +01:00
Neil Armstrong
d8dba4e0aa
Add Cipher Encrypt Fail multi-part case
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 10:56:18 +01:00
Neil Armstrong
3ee335dbe3
Add Cipher Encrypt multi-part case
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 10:56:18 +01:00
Neil Armstrong
752d811015
Add AEAD Key Policy check multi-part cases
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 10:56:18 +01:00
Neil Armstrong
78aeaf8ad7
Add Cipher Key Policy check one-shot cases
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 10:56:18 +01:00
Neil Armstrong
3af9b97a29
Add Multipart Message authentication Compute & Verify cases
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 10:56:18 +01:00
Neil Armstrong
ca30a00aad
Add Multipart Hash Compute & Compare tests
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 10:56:18 +01:00
Neil Armstrong
55a1be1f48
Add Multipart Hash Compare fail tests
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 10:56:18 +01:00
Neil Armstrong
161ec5c368
Add Multipart Hash Compute fail tests
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 10:56:18 +01:00
Neil Armstrong
edb20865c7
Add One-Shot Hash setup test
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 10:56:18 +01:00
Jerry Yu
ccb005e35f
fix missing feedback address
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 17:38:34 +08:00
Przemyslaw Stekiel
d9fa99917e
Extend test coverage for transparent driver decryption.
...
Encryption is not deterministic and can not be verified by a know-answer test.
Encryption is already verified via encrypt-decrypt test.
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 09:36:35 +01:00
Jerry Yu
819f29730a
fix various issues in ssl-opt
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
2124d05e06
Add sha384 and sha512 case
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
d66409ae92
Add non support sig alg check and test
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
562a0fddf0
Add client version check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
6c3d821ff1
update ssl-opt test cases
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
46b53b9920
remove duplicate test
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
4bfa22aeb3
remove useless config option
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
42ea733fdc
remove RSA not found test
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
7db5b8f68c
add rsa_pss_rsae_sha256 write support
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
37987ddd0f
Add test cases
...
Add test cases for different sig algs.
Known issue is rsa_pss_rsae_sha256 fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
ca133a34c5
Change state machine
...
Skip CertificateVerfiy if empty certificate or no
CertificateRequest received.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
22abd06cd0
Add rsa key check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
aa6214a571
add empty client certificate tests
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
c19884f487
change expect exit value
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
25e0ddcf47
Add client certificate file
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
200b47b8f5
Add more tests for CertificateRequest
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
960bc28bcc
Add tests for no middlebox mode
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:57 +08:00
Ronald Cron
4579a972bf
Merge pull request #5426 from gilles-peskine-arm/ssl-get-version-3.1
...
Add accessors to mbedtls_ssl_context: user data, version
ABI-API-checking fails which was expected as this PR adds a new field in mbedtls_ssl_context and mbedtls_ssl_config.
2022-02-21 17:03:24 +01:00
Manuel Pégourié-Gonnard
e3a2dd787e
Merge pull request #5521 from AndrzejKurek/rsa-pss-use-psa
...
Make RSA-PSS verification use PSA with MBEDTLS_USE_PSA_CRYPTO
2022-02-21 16:58:57 +01:00
Gabor Mezei
4fded1359a
Use PSA_INIT()
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:47:24 +01:00
Gabor Mezei
c5efb8e58b
Use PSA error code
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:46:38 +01:00
Gabor Mezei
5d7d201b87
Update test
...
Testing the hash length in this context is not applicable because there is no way
to specify it when calling mbedtls_psa_hkdf_extract.
Change to test invalid `alg` parameter.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:46:33 +01:00
Gabor Mezei
ebc9368173
typo
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:44:51 +01:00
Gabor Mezei
298a2d6109
Use ASSERT_ALLOC
...
Change the calloc functions to ASSERT_ALLOC to check the
return value of calloc as well.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:43:52 +01:00
Gabor Mezei
62bf024025
Make the mbedtls_psa_hkdf_extract function more PSA compatible
...
Change the return value to `psa_status_t`.
Add `prk_size` and `prk_len` parameters.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:42:57 +01:00
Gabor Mezei
73cb6f54de
Add tests for mbedtls_psa_hkdf_extrct
...
The tests are based on the the test of mbedtls_hkdf_extract.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:41:42 +01:00
Gilles Peskine
860429f8af
Add version number debug check to the GnuTLS interop test as well
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-21 15:14:02 +01:00
Gilles Peskine
49d7ddf7f3
Serializing a context does not save the user data
...
The user data is typically a pointer to a data structure or a handle which
may no longer be valid after the session is restored. If the user data needs
to be preserved, let the application do it. This way, it is a conscious
decision for the application to save/restore either the pointer/handle
itself or the object it refers to.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-21 15:14:01 +01:00
Gilles Peskine
80dae04f24
Make user_data fields private
...
Add accessor functions.
Add unit tests for the accessor functions.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-21 15:14:01 +01:00
Gilles Peskine
c63a1e0e15
Fix mbedtls_ssl_get_version() for TLSv1.3
...
Test it in ssl-opt.sh.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-21 15:14:01 +01:00
Gilles Peskine
1255b0de98
Positive unit testing for SSL context version functions
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-21 15:14:01 +01:00
Paul Elliott
436b72690d
Merge pull request #5362 from yuhaoth/pr/enable-tls13-only-build
...
TLS1.3:Enable tls13 only build
2022-02-21 11:22:37 +00:00
Thomas Daubney
4901978308
Modifies data files to match new test function name
...
This commit alters the relevant .data files
such that the new function name change of check_iv
to iv_len_validity is relfected there.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-02-21 09:57:51 +00:00
Tom Cosgrove
f3ebd90a1c
SECLIB-667: Accelerate SHA-256 with A64 crypto extensions
...
Provide an additional pair of #defines, MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
and MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. At most one of them may be
specified. If used, it is necessary to compile with -march=armv8-a+crypto.
The MBEDTLS_SHA256_PROCESS_ALT and MBEDTLS_SHA256_ALT mechanisms
continue to work, and are mutually exclusive with A64_CRYPTO.
There should be minimal code size impact if no A64_CRYPTO option is set.
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-02-21 08:37:26 +00:00
Manuel Pégourié-Gonnard
9b545c04f7
Merge pull request #5520 from gabor-mezei-arm/5402_implement_hkdf_expand_based_on_psa_hmac
...
HKDF 1b: Implement Expand in TLS 1.3 based on PSA HMAC
2022-02-21 09:30:31 +01:00
Jerry Yu
baa4934e7b
Add check tests
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
53d23e2c95
Guards tls_prf functions with TLS1_2
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
6331909d12
remove ifndef guard
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
81d5e1feca
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
da5af22015
tls13_only: add tls13_only test component
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
ab08290c09
tls13_only: skip tls12 tests.
...
TLS1.2 test depends on MBEDTLS_SSL_PROTO_TLS1_2. Skip
them if it is not set
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
8a497205cc
tls13_only: tls 1.3 suite pass
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
c10f6b4735
tls13_only: simple test pass
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Thomas Daubney
5dcbc4d326
Changes name of iv_check to iv_len_validity
...
Commit changes name of check_iv to
iv_len_validity as this seems to better describe
its functionality.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-02-17 21:30:25 +00:00
Thomas Daubney
0bd08e7ac0
Initialise buffer before use
...
Commit initialises buf before it is used.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-02-17 21:30:25 +00:00
Gabor Mezei
cbe5ba500a
Add tests for mbedtls_psa_hkdf_expand
...
Add test cases which test psa_import_key and psa_mac_sign_setup
function call if they return error.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-17 17:01:49 +01:00
Thomas Daubney
3a066ec999
Initialise iv buffer before use
...
Commit initialises the iv buffer before
it is passed to mbedtls_cipher_set_iv().
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-02-17 14:00:06 +00:00
Gabor Mezei
8e3602569b
Typo
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-17 11:50:02 +01:00
Manuel Pégourié-Gonnard
4fa604cc3b
Merge pull request #5511 from SiliconLabs/feature/PSEC-3195-PSA-test-suites-NOT-using-UID-0
...
feat: Update test_suite_psa_its to NOT use UID=0
2022-02-17 11:49:33 +01:00
Manuel Pégourié-Gonnard
3d1f8b9c00
Merge pull request #5532 from ronald-cron-arm/tls13_and_use_psa_crypto
...
Make TLS 1.3 compatible with MBEDTLS_USE_PSA_CRYPTO
2022-02-16 17:33:47 +01:00
Andrzej Kurek
32048a6d92
pk_verify_ext: introduce more tests for signature length mismatches
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-16 06:17:00 -05:00
Gabor Mezei
d917081b8b
Typo
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-15 16:25:27 +01:00
Gabor Mezei
7381242748
Use PSA_INIT()
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-15 16:24:58 +01:00
Andrzej Kurek
8666df6f18
Add signature length mismatch handling when using PSA in pk_verify_ext
...
Introduce a regression test for that too.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-15 08:23:02 -05:00
Ronald Cron
a7a1deabf8
Merge pull request #5393 from gilles-peskine-arm/opt-testcases-outcomes-fix
...
Fix test suite name reporting of opt-testcases/tls13-compat.sh
2022-02-15 13:53:10 +01:00
Andrzej Kurek
853ad7bfcf
Use macros in tests for PSA init/deinit routines
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-15 07:13:03 -05:00
lhuang04
86cacac91a
Port ALPN support for tls13 client from tls13-prototype
...
Summary:
Port ALPN implementation of tls13 client from
[tls13-prototype](https://github.com/hannestschofenig/mbedtls/blob/tls13-prototype/library/ssl_tls13_client.c#L1124 ).
Test Plan:
Reviewers:
Subscribers:
Tasks:
Tags:
Signed-off-by: lhuang04 <lhuang04@fb.com>
2022-02-14 08:03:32 -08:00
Ronald Cron
135427cb35
Run TLS 1.3 tests when MBEDTLS_USE_PSA_CRYPTO is enabled
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-02-11 16:10:44 +01:00
Gilles Peskine
bebeae9428
Merge pull request #5504 from gstrauss/mbedtls_pem_get_der
...
Add accessor to get der from mbedtls_pem_context
2022-02-10 23:56:57 +01:00
Gabor Mezei
b35759ded8
Add tests for mbedtls_psa_hkdf_expand
...
The tests are based on the test of mbedtls_hkdf_expand.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-10 10:57:24 +01:00
Glenn Strauss
e328245618
Add test case use of mbedtls_ssl_ticket_rotate
...
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-02-09 14:33:16 -05:00
Andrzej Kurek
7db1b78fff
Make RSA-PSS verification use PSA with MBEDTLS_USE_PSA_CRYPTO
...
Duplicate a test case but with a different expected error
due to error translation to and from PSA.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-09 14:13:44 -05:00
Gabor Mezei
748ab4ae77
Use ASSERT_ALLOC
...
Change the calloc functions to ASSERT_ALLOC to check the
return value of calloc as well.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-09 16:31:48 +01:00
Ronald Cron
6ca6faa67e
Merge pull request #5080 from xffbai/add-tls13-read-certificate-request
...
add tls1_3 read certificate request
2022-02-09 09:51:55 +01:00
Manuel Pégourié-Gonnard
1df23b903f
Check the result of PEM decoding
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-02-08 14:53:50 -05:00
Manuel Pégourié-Gonnard
33ab075f45
Add success case for pem_read testing
...
Currently all cases were negative, so the block that exercised
mbedtls_pem_get_der() would never be reached.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-02-08 14:53:50 -05:00
Glenn Strauss
72bd4e4d6a
Add accessor to get buf from mbedtls_pem_context
...
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-02-08 14:53:46 -05:00
pespacek
443c78eb83
BUGFIX: PSA test vectors use UID 1 instead of 0.
...
Test vector to test rejection of uid = 0 was added.
Signed-off-by: pespacek <peter.spacek@silabs.com>
2022-02-08 15:19:26 +01:00
pespacek
d62e906b1c
TEST: added psa_its_set expected failure test
...
Signed-off-by: pespacek <peter.spacek@silabs.com>
2022-02-08 15:19:26 +01:00
Manuel Pégourié-Gonnard
45c5768a74
Merge pull request #5434 from mprse/tls_use_psa
...
TLS Cipher: use PSA crypto
2022-02-08 10:27:25 +01:00
Ronald Cron
6a0b1ef27e
Merge pull request #5282 from AndrzejKurek/import-opaque-driver-wrappers
...
Add tests for an opaque import in the driver wrappers
2022-02-07 11:14:43 +01:00
Manuel Pégourié-Gonnard
d81e774083
Merge pull request #5463 from gilles-peskine-arm/cmake-test-suite-enumeration
...
CMake: generate the list of test suites automatically
2022-02-07 09:48:23 +01:00
Gilles Peskine
827dbd9d35
Remove obsolete calls to if_build_succeeded
...
This is now a no-op.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-04 00:32:58 +01:00
Gilles Peskine
c1247c0cbb
Remove obsolete variable restoration or unset at the end of a component
...
This is no longer useful now that components run in a subshell.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-04 00:32:58 +01:00
Gilles Peskine
3bc3409edf
Remove obsolete cd at the end of a component
...
This is no longer useful now that components run in a subshell.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-04 00:32:58 +01:00
Gilles Peskine
a300099246
Stop CMake out of source tests running on 16.04 (continued)
...
The race condition mentioned in the previous commit
"Stop CMake out of source tests running on 16.04"
has also been observed with test_cmake_as_subdirectory and can presumably
happen with test_cmake_as_package and test_cmake_as_package_install as well.
So skip all of these components on Ubuntu 16.04.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-04 00:32:58 +01:00
Andrzej Kurek
59469d7c64
Test driver: keep variable declarations first
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-03 10:30:30 -05:00
Andrzej Kurek
ba4cadef14
Test drivers: rename import call source to driver location
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-03 10:27:01 -05:00
Andrzej Kurek
333e0fac1d
Formatting and documentation fixes
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-03 09:42:47 -05:00
Przemyslaw Stekiel
5648d577a4
Optimize psa_cipher_encrypt_helper()
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 14:55:24 +01:00
Przemyslaw Stekiel
8c010eb467
Fix comments, code style, remove debug code
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 14:55:24 +01:00
Manuel Pégourié-Gonnard
6f20595b6e
Merge pull request #5462 from gilles-peskine-arm/ssl-test-pkey-message-clarity
...
Clarify key types message from ssl_client2 and ssl_server2
2022-02-03 11:33:03 +01:00
Przemyslaw Stekiel
d66387f8fa
Init psa status to PSA_ERROR_CORRUPTION_DETECTED
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 09:16:41 +01:00
Przemyslaw Stekiel
f4facef9ba
Adapt ssl_decrypt_non_etm_cbc() test for psa crypto and remove redundant test cases
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 09:16:41 +01:00
Przemyslaw Stekiel
dbd4882cd5
test_driver_rsa.c: Fix comment
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-02 11:42:18 +01:00
Przemyslaw Stekiel
4576b91148
Compact the argument lists
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-02 11:10:46 +01:00
Manuel Pégourié-Gonnard
1ab2d6966c
Merge pull request #5385 from AndrzejKurek/use-psa-crypto-reduced-configs
...
Resolve problems with reduced configs using USE_PSA_CRYPTO
2022-02-02 10:20:26 +01:00
Przemyslaw Stekiel
77aec8d181
Rename ssl_psa_status_to_mbedtls->psa_ssl_status_to_mbedtls
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 20:22:53 +01:00
Przemyslaw Stekiel
89dad93a78
Rename psa_status_to_mbedtls->ssl_psa_status_to_mbedtls and add conversion for PSA_ERROR_INVALID_SIGNATURE
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:39:24 +01:00
Przemyslaw Stekiel
2cb59df939
ssl-opt.sh: remove cipher context assertions (redundant when psa crypto is enabled)
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:39:24 +01:00
Przemyslaw Stekiel
4a36dd3da6
ssl test ssl_decrypt_non_etm_cbc(): add missing ret check
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
f4ca3f0e52
ssl test build_transforms(): in psa mode distinguish encrypt/decrypt keys
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
f57b45660d
Rename tls_mbedtls_cipher_to_psa() to be consistent with function naming convention.
...
New function name: mbedtls_ssl_cipher_to_psa().
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
f4b3f087ae
test_suite_ssl.data: remove redundant test cases(short tag + GCM)
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
5b2de0c35c
test_suite_ssl.data: remove redundant test cases
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
93cf4eea67
Adapt test_suite_ssl for psa crypto
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Mircea Udrea
657ff4fd09
Fix AEAD multipart incorrect offset in test_suite_psa_crypto.function
...
When working with block cipher modes like GCM(PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER),
aead_multipart_internal_func() should calculate the offset in output buffer
based on output_length, not using the offset of the input buffer(part_offset).
Signed-off-by: Mircea Udrea <mircea.udrea@silexinsight.com>
2022-01-31 13:51:56 +01:00
XiaokangQian
a909061c2a
Refine HRR parse successfully message in test cases
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-27 03:48:27 +00:00
XiaokangQian
7bae3b616c
Add more ciphersuites into test cases for hrr
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:53:15 +00:00
XiaokangQian
355e09ae9d
Change code base on comments
...
Change functions name
Change some comments
Improve hrr test case for gnutls
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:53:15 +00:00
XiaokangQian
78b1fa7e81
Update code base on comments
...
Move reset transcript for hrr to generic
Reset SHA256 or SHA384 other than both
Rename message layer reset
Add check log for hrr parse successfully
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:53:15 +00:00
XiaokangQian
6db08dd2cb
Change ssl-opt.sh to make hrr tests pass
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:51:13 +00:00
XiaokangQian
0b56a8f85c
Replace curve_list with group_list and add update test scripts
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:51:13 +00:00
Xiaofei Bai
69fcd39774
Update CertificateRequest tests and the parsing function
...
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2022-01-26 09:32:29 +00:00
Xiaofei Bai
5d8598e090
update certificate request tests
...
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2022-01-26 09:31:54 +00:00
Gilles Peskine
a18fb9d9ac
Fix string/regexp backslash escapes
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-01-25 23:24:34 +01:00
Gilles Peskine
cd55fe02ef
Remove accidental use of a feature that doesn't exist in CMake 3.5
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-01-25 23:13:49 +01:00
Gilles Peskine
29080e8e6a
CMake: generate the list of test suites automatically
...
We keep forgetting to register new test suites in tests/CMakeLists.txt. To
fix this problem once and for all, remove the need for manual registration.
The following test suites were missing:
test_suite_cipher.aria
test_suite_psa_crypto_driver_wrappers
test_suite_psa_crypto_generate_key.generated
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-01-25 22:36:12 +01:00
Gilles Peskine
05bf89da34
Clarify key types message from ssl_client2 and ssl_server2
...
If no key is loaded in a slot, say "none", not "invalid PK".
When listing two key types, use punctuation that's visibly a sequence
separator (",").
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-01-25 17:50:25 +01:00
Gilles Peskine
c6753a6c90
Merge pull request #5363 from AndrzejKurek/clarify-testing-set-nonce-set-lengths
...
PSA AEAD: extend testing of set_nonce + set_lengths
2022-01-25 17:02:26 +01:00
Manuel Pégourié-Gonnard
24479b3185
Merge pull request #5395 from gilles-peskine-arm/ssl-opt-self-signed-positive
...
Add positive test case with self-signed certificates
2022-01-25 12:53:56 +01:00
Manuel Pégourié-Gonnard
fcca7cfa97
Merge pull request #5428 from gstrauss/mbedtls_ssl_ciphersuite
...
Add accessors for ciphersuite info
2022-01-24 11:13:31 +01:00
Manuel Pégourié-Gonnard
ff743a7f38
Merge pull request #5425 from gabor-mezei-arm/5181_tls_cipher_extend_testing_of_tickets
...
TLS Cipher 1a: extend testing of tickets
2022-01-24 10:25:29 +01:00
Glenn Strauss
6eef56392a
Add tests for accessors for ciphersuite info
...
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-01-23 08:37:02 -05:00
Gilles Peskine
6d6d93ea4a
Merge pull request #5350 from AndrzejKurek/psa-aead-invalid-tag-lengths-setup
...
Detect invalid tag lengths in psa_aead_setup
2022-01-21 21:46:37 +01:00
Gilles Peskine
c191addc8b
Merge pull request #5267 from mprse/mac_multipart
...
Extend driver dispatch tests for MAC multipart
2022-01-21 21:46:25 +01:00
Gilles Peskine
fe271b9c92
Merge pull request #5253 from AndrzejKurek/chacha-iv-len-16-fixes
...
Return an error from `mbedtls_cipher_set_iv` for an invalid IV length with ChaCha20 and ChaCha20+Poly
2022-01-21 21:46:08 +01:00
Przemyslaw Stekiel
daaf38b178
Remove multipart part from mac_verify test case
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-21 09:37:49 +01:00
Przemyslaw Stekiel
6ec59f817f
Add mac_verify_multipart test case + test data
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-21 09:37:49 +01:00
Przemyslaw Stekiel
1af1983352
Remove multipart part from mac_sign test case
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-21 09:37:49 +01:00
Przemyslaw Stekiel
f47b8d39a4
Add mac_sign_multipart test case + test data
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-21 09:37:49 +01:00
Andrzej Kurek
f881601c91
Detect invalid tag lengths in psa_aead_setup
...
Read tag lengths from the driver and validate against preset values.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-20 07:40:12 -05:00
Andrzej Kurek
031df4a93a
Clarify test descriptions
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-19 12:44:49 -05:00
Andrzej Kurek
e5f94fb556
PSA AEAD: test long plaintext lengths for psa_set_lengths
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-19 12:36:50 -05:00
Andrzej Kurek
1e8e1745a8
PSA AEAD: test more combinations of set_nonce and set_lengths
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-19 12:36:50 -05:00
Andrzej Kurek
a2ce72e5bf
Test calling psa_aead_set_lengths and set_nonce in various order
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-19 12:36:50 -05:00
Andrzej Kurek
01005b90b5
Restructure test-ref-configs to test with USE_PSA_CRYPTO turned on
...
Run some of the test configs twice, enabling MBEDTLS_USE_PSA_CRYPTO
and MBEDTLS_PSA_CRYPTO_C in one of the runs.
Add relevant comments in these configs.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-19 12:34:41 -05:00
Andrzej Kurek
77b8e098f9
Add missing MBEDTLS_ASN1_WRITE_C dependency in test_suite_psa_crypto
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-19 12:34:23 -05:00
Andrzej Kurek
ad2b8b5c3c
Fix a dependence in chacha cipher test suite
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-19 07:35:27 -05:00
Andrzej Kurek
ee8b57ffa6
Add missing dependency on MBEDTLS_GCM_C in cipher tests
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-19 07:08:27 -05:00
Andrzej Kurek
57d2f13ebc
Mark unused variable in tests for cases with reduced configs
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-19 07:08:27 -05:00
Manuel Pégourié-Gonnard
d2da19b8eb
Merge pull request #5380 from AndrzejKurek/key-id-encodes-owner-psa-fixes
...
Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO
2022-01-18 09:16:25 +01:00
Manuel Pégourié-Gonnard
a15503fcdd
Merge pull request #5344 from AndrzejKurek/psa-aead-more-generate-nonce-combinations
...
PSA AEAD: test more combinations of generate_nonce and set_lengths
2022-01-17 13:12:04 +01:00
Ronald Cron
188ed19456
Merge pull request #5351 from yuhaoth/pr/remove-duplicate-supported_group_ext
...
Remove duplicate function for writing supported_groups extension
2022-01-17 09:13:14 +01:00
Andrzej Kurek
b9fbc11e2c
Dynamically allocate iv in dec_empty_buf tests
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-14 16:31:54 +01:00
Andrzej Kurek
8be8e4a524
Add a missing test case to ChaCha20 tests - decrypt empty buffer
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-14 16:31:54 +01:00
Andrzej Kurek
63439eda62
Return an error for IV lengths other than 12 with ChaCha20+Poly1305
...
The implementation was silently overwriting the IV length to 12
even though the caller passed a different value.
Change the behavior to signal that a different length is not supported.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-14 16:31:54 +01:00
Andrzej Kurek
33ca6af8a3
Return an error for IV lengths other than 12 with ChaCha20
...
The implementation was silently overwriting the IV length to 12
even though the caller passed a different value.
Change the behavior to signal that a different length is not supported.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-14 16:31:54 +01:00