Commit graph

4220 commits

Author SHA1 Message Date
Neil Armstrong
eae1dfcc46 Change to more efficient error injection in ecjpake_do_round()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
db5b960a7e Permit any psa_pake_input() step to fail when error injected in input
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
75673abef5 Only build ecjpake_do_round() is PSA_WANT_ALG_JPAKE is defined
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
8c2e8a6cda Add ecjpake_rounds_inject tests to exercise error injection
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
f983caf6c4 Move JPAKE rounds into a common function, add reordering and error injection
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
1e855601ca Fix psa_pake_get_implicit_key() state & add corresponding tests in ecjpake_rounds()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
a557cb8c8b Fixing XXX_ALG_ECJPAKE to XXX_ALG_JPAKE to match specification
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
a24278a74a Add invalid hash ecjpake_setup() test case
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
9c8b492052 Add advanced psa_pake_input/psa_pake_output test in ecjpake_setup() test
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
50de0ae0c4 Add check calling psa_pake_setup() on an already initialized operation in ecjpake_setup() test
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
98506ab677 Add checks for INVALID_ARGUMENT for psa_pake_output/psa_pake_input in ecjpake_setup() test
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
645cccd6a8 Add checks for BAD_STATE before calling psa_pake_setup() in ecjpake_setup() test
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
707d9574f8 Add checks for psa_pake_set_user/psa_pake_set_peer in test_suite_psa_crypto
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
ebd9a03743 Cleanup PSA pake test dependency
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
d597bc705f Add PSA PAKE tests
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Manuel Pégourié-Gonnard
bf22a2500b
Merge pull request #6208 from AndrzejKurek/tls-tests-no-md-structured
Remove the dependency on MD from TLS 1.2 tests
2022-08-30 12:34:37 +02:00
Werner Lewis
c4afef7f46 Use spec values as-is for test data
Spec values are now always used for test data, and conversion to
internal representation is done in the test function.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-25 10:32:30 +01:00
Andrzej Kurek
32bd063773 test_suite_ssl: Add minimal handshake requirements
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-23 05:42:44 -04:00
Andrzej Kurek
299b1d6c93 Remove unnecessary psa/crypto.h include
This is now included in `legacy_or_psa.h`.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-23 05:42:33 -04:00
Andrzej Kurek
cccb044804 Style & formatting fixes
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-23 05:26:02 -04:00
Janos Follath
645ff5b8ff
Merge pull request #6095 from gabor-mezei-arm/6016_add_new_modulus_and_residue_structures
Add the new modulus and the residue structures with low level I/O operations
2022-08-23 09:02:43 +01:00
Andrzej Kurek
21b6870301 test_suite_ssl: remove unnecessary usage of mbedtls_md_get_size
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-22 17:46:50 -04:00
Andrzej Kurek
8c95ac4500 Add missing dependencies / alternatives
A number of places lacked the necessary dependencies on one of
the used features: MD, key exchange with certificate, 
entropy, or ETM.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-22 17:46:50 -04:00
Andrzej Kurek
7bb8bab457 Update SHA and MD5 dependencies in the SSL tests
The same elements are now also used when MBEDTLS_USE_PSA_CRYPTO
is defined and respective SHA / MD5 defines are missing.
A new set of macros added in #6065 is used to reflect these dependencies.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-22 17:46:50 -04:00
Andrzej Kurek
635c2c2be5 test_suite_ssl: replace CTR_DRBG with a fake rng source
This way there are less dependencies in the SSL test suite.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-22 17:46:50 -04:00
Gilles Peskine
e5018c97f9
Merge pull request #6195 from superna9999/6149-driver-only-hashes-ec-j-pake
Driver-only hashes: EC J-PAKE
2022-08-22 17:28:15 +02:00
Gilles Peskine
194556034d
Merge pull request #6169 from tom-cosgrove-arm/fix-incorrect-use-of-mbedtls_ecp_group_id
Fix incorrect use of mbedtls_ecp_group_id in test_suite_ssl.function
2022-08-22 17:26:18 +02:00
Janos Follath
6b8e0c2884 Bignum: make tests more readable
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-22 09:54:25 +01:00
Janos Follath
494a6d22bd Bignum tests: use TEST_EQUAL
TEST_EQUAL(), has the benefit of outputting the values that don't match,
which can make debugging simpler.

Scope:
- Recently added new test functions
- Checks making sure the test case/data is consistent is out of scope
- Only checks where printing the values is likely to be helpful

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-22 09:40:01 +01:00
Przemek Stekiel
07c0f12302 test_suite_pem.data: change MBEDTLS_CMAC_C->MBEDTLS_CIPHER_MODE_CBC dependency
MBEDTLS_CMAC_C dependency is ivalid.

"PEM read (unknown encryption algorithm)" needs MBEDTLS_CIPHER_MODE_CBC dependency as
otherwise this test is failing in test_when_no_ciphersuites_have_mac configuration
because mbedtls_pem_read_buffer() returns a different error (MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE).

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-20 14:24:04 +02:00
Janos Follath
deb8030e9f Improve mbedtls_mpi_core_lt_ct() unit tests
- Improve test descriptions
- Add more test cases with return value of 1
- Remove the mbedtls prefix from the test function

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-19 13:32:17 +01:00
Neil Armstrong
01a7d310d5 Make ecjpake test suite depend on MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-19 14:03:02 +02:00
Tom Cosgrove
a327b52427 Fix incorrect use of mbedtls_ecp_group_id in test_suite_ssl.function
MBEDTLS_SSL_IANA_TLS_GROUP_SECP192R1 and friends are not members of the mbedtls_ecp_group_id enum

Found by clang's -Wassign-enum

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-08-19 10:50:26 +01:00
Neil Armstrong
0d76341eac Remove md_info by md_type in ecjpake context, use mbedtls_hash_info_get_size() to get hash length
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-19 11:49:22 +02:00
Przemek Stekiel
bc0509a36b test_suite_pem, test_suite_pkparse: Adjust dependecies
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Przemek Stekiel
76b753bbb7 Change the dependencies in pem.c to xxx_BASED_ON_USE_PSA and related files
This is done to be able to bild test_psa_crypto_config_accel_hash component where MD5 is only available accelerated (PSA_WANT_ALG_MD5 is enabled and MBEDTLS_MD5_C is disabled) but MBEDTLS_USE_PSA_CRYPTO is disabled.
So the build should not attempt to enable pem_pbkdf1.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Przemek Stekiel
81799fd9d8 pem.c, test_suite_pem: fix dependency MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA->MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
*** Comparing before-default -> after-default ***
   x509parse: total 723; skipped  26 ->  26
   x509write: total  41; skipped   8 ->   8
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

*** Comparing before-full -> after-full ***
   x509parse: total 723; skipped  25 ->  25
   x509write: total  41; skipped   0 ->   0
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

*** Comparing reference -> drivers ***
   x509parse: total 723; skipped  89 ->  89
   x509write: total  41; skipped   3 ->   3
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Przemek Stekiel
2c70a0d9e0 test_suite_oid: Replace MBEDTLS_MD5_C and MBEDTLS_SHAxxx_C with the corresponding MBEDTLS_HAS_ALG_xxx_VIA_LOWLEVEL_OR_PSA
*** Comparing before-default -> after-default ***
   x509parse: total 723; skipped  26 ->  26
   x509write: total  41; skipped   8 ->   8
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

*** Comparing before-full -> after-full ***
   x509parse: total 723; skipped  25 ->  25
   x509write: total  41; skipped   0 ->   0
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

*** Comparing reference -> drivers ***
   x509parse: total 723; skipped  89 ->  89
   x509write: total  41; skipped   3 ->   3
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Przemek Stekiel
050819c19e test_suite_x509write: Move MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA dependency for x509_crt_check to .function file
mbedtls_x509write_crt_set_subject_key_identifier() requires MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Przemek Stekiel
41b742f84d test_suite_pem: Adapt dependencies for MD
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Przemek Stekiel
f8087e5ffd x509_crt_check: remove MBEDTLS_SHA1_C dependency from .function file (already handed in .data file)
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Przemek Stekiel
d34f8c36b8 x509 tests: adjust dependencies
*** Comparing before-default -> after-default ***
   x509parse: total 723; skipped  26 ->  26
   x509write: total  41; skipped   8 ->   8

*** Comparing before-full -> after-full ***
   x509parse: total 723; skipped  25 ->  25
   x509write: total  41; skipped   0 ->   0

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Jerry Yu
e28d9745a1 fix coding style issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-08-18 15:44:03 +08:00
Jerry Yu
5b7c7caee6 fix wrong condition issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-08-18 11:28:41 +08:00
Dave Rodgman
96a4be990f
Merge pull request #6177 from AndrzejKurek/ecdsa-no-md
Adjust hash dependencies in `test_suite_ecdsa`
2022-08-16 09:55:02 +01:00
Dave Rodgman
a7448bf19d
Merge pull request #6141 from mpg/driver-hashes-rsa-v21
Driver hashes rsa v21
2022-08-16 09:52:39 +01:00
Werner Lewis
e54046c9c2 Add test for ECP group metadata
Test cases added to check curve parameters and information for each
curve supported. Expected parameters are taken from references: SEC 2
for NIST, RFC 5639 for Brainpool, and RFC 7748 for curve25519/curve448.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-15 14:28:20 +01:00
Janos Follath
816206439a Bignum: Improve style
- Instead of macros, use direct calculations for array sizes
- Move variable declarations closer to first use

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-15 11:35:46 +01:00
Gabor Mezei
7f0817884e
Unify mpi mod raw read/write test with the other tests
Use 32 bit limbs instead of 64 bit.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-08-12 18:00:33 +02:00
Gabor Mezei
89e31460db
Typo
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-08-12 15:36:56 +02:00
Janos Follath
6318468183 Improve bignum documentation
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-11 17:42:59 +01:00
Andrzej Kurek
1af61cb75b Introduce a new macro for hash size in ecdsa tests
Previously these tests depended on the definition from
inside the MD module, which in turn could be 32 or 64
bytes depending on whether MBEDTLS_SHA512_C was
defined. This is unnecessary, so a constant is itnroduced
instead.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-11 09:19:42 -04:00
Janos Follath
9dfb5621ff Test little endian core I/O with odd limbs
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-11 12:15:55 +01:00
Janos Follath
1cb3b976c3 Test big endian core I/O with odd limbs
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-11 12:06:14 +01:00
Manuel Pégourié-Gonnard
7d5271608b Fix undeclared dependencies on SHA-1
Previously the whole .function file had a global dependency on
MBEDTLS_SHA1_C. This hasn't been correct for a long time:
- on principle, dependency declarations in .function files are for
compile-time dependencies;
- in practice, a number of test cases do not depend on SHA-1, as they only
use SHA-256 or SHA-512 - those cases should not be skipped in builds
without SHA-1;
- this was "taken advantage of" to skip dependency declarations for
test cases that only depended on SHA-1.

The previous commit removed the global dependency on SHA1_C; as a result
the test cases that actually depend on SHA-1 were not skipped in builds
without SHA-1. This commit fixes that by adding dependency declarations
where they belong: in the .data file.

All cases compute hashes using MD is available, or PSA otherwise; so
MD_OR_PSA is appropriate here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-08-11 12:50:06 +02:00
Manuel Pégourié-Gonnard
e741c61d54 Adjust dependencies in test_suite_pkcs1_v21
sed -i -f md_or_psa_hash.sed \
        tests/suites/test_suite_pkcs1_v21.data
        tests/suites/test_suite_pk.data

with md_or_psa_hash.sed containing:

    s/MBEDTLS_MD5_C/MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA/g
    s/MBEDTLS_RIPEMD160_C/MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA/g
    s/MBEDTLS_SHA1_C/MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA/g
    s/MBEDTLS_SHA224_C/MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA/g
    s/MBEDTLS_SHA256_C/MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA/g
    s/MBEDTLS_SHA384_C/MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA/g
    s/MBEDTLS_SHA512_C/MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA/g

(The only lines in pk.data that still had old-style dependencies where
the ones about PKCS1_V21.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-08-11 12:50:06 +02:00
Janos Follath
d0895708e2 Bignum: move internal constants to headers
Now that the check_names script allows it, we can do so.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-10 13:32:16 +01:00
Werner Lewis
3b09739c1b Add test case for mbedtls_ecp_set_zero
Tests function with various ECP point conditions, covering freshly
initialized, zeroed, non-zero, and freed points.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-08 17:22:55 +01:00
Janos Follath
1694969a0a Bignum: Add tests for modulus setup and free
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-08 13:37:20 +01:00
Neil Armstrong
a97f1ac5f9 Initialize mbedtls_x509write_csr struct before USE_PSA_INIT(), mbedtls_x509write_csr_free() will crash if uninitialized
When USE_PSA_INIT() failed because lack of seedfile, mbedtls_x509write_csr_free()
crashed when called on an unitialized mbedtls_x509write_csr struct.

This moves mbedtls_x509write_csr_init before calling USE_PSA_INIT(),
which could probably fail, and uses the same flow in x509_csr_check()
and x509_csr_check_opaque().

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-08 13:54:47 +02:00
Andrzej Kurek
9f42c0683c Adjust hash dependencies in test_suite_ecdsa
Only deterministic tests require SHA256 now.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-08 07:31:48 -04:00
Gabor Mezei
a200f6f855 Add macro definitions to the tests
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-08-05 17:10:51 +01:00
Gabor Mezei
23a1ce90ec Add tests for mbedtls_mpi_mod_raw read/write functions
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-08-05 17:10:47 +01:00
Janos Follath
23bdeca64d Add core constant time comparison
Unfortunately reusing the new function from the signed constant time
comparison is not trivial.

One option would be to do temporary conditional swaps which would prevent
qualifying input to const. Another way would be to add an additional
flag for the sign and make it an integral part of the computation, which
would defeat the purpose of having an unsigned core comparison.

Going with two separate function for now and the signed version can be
retired/compiled out with the legacy API eventually.

The new function in theory could be placed into either
`library/constant_time.c` or `library/bignum_new.c`. Going with the
first as the other functions in the second are not constant time yet and
this distinction seems more valuable for new (as opposed to belonging to
the `_core` functions.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-05 17:08:52 +01:00
Janos Follath
91dc67d31c Allow (NULL, 0) as a representation of 0
- We don't check for NULL pointers this deep in the library
- Accessing a NULL pointer when the limb number is 0 as a mistake is the
  very similar to any other out of bounds access
- We could potentially mandate at least 1 limb representation for 0 but
  we either would need to enforce it or the implementation would be less
  robust.
- Allowing zero limb representation - (NULL, 0) in particular - for zero
  is present in the legacy interface, if we disallow it, the
  compatibility code will need to deal with this (more code size and
  opportunities for mistakes)

In summary, interpreting (NULL, 0) as the number zero in the core
interface is the least of the two evils.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-05 17:08:52 +01:00
Janos Follath
6ff3536de5 Add tests for little endian core I/O
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-05 17:08:49 +01:00
Janos Follath
f1d617deb8 Add tests for big endian core I/O
The test case where there were extra limbs in the MPI failed and this
commit contains the corresponding fix as well. (We used to use the
minimum required limbs instead of the actual limbs present.)

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-05 17:06:31 +01:00
Gilles Peskine
b4983d4556
Merge pull request #6164 from mprse/md_ssl_test
Avoid use of MD in SSL test suite
2022-08-05 11:02:44 +02:00
Gilles Peskine
f860f3742b
Merge pull request #6070 from wernerlewis/bignum_test_radix
Remove radix argument from bignum test functions
2022-08-05 11:01:07 +02:00
Gilles Peskine
57d4c11c44
Merge pull request #6165 from mprse/md_x509_test
Avoid use of MD in X.509 write test suite
2022-08-04 10:11:03 +02:00
Gilles Peskine
07e7fe516b
Merge pull request #6088 from tuvshinzayaArm/validation_remove_change_curve
Validation remove and change in files related to curve in library
2022-08-03 13:05:16 +02:00
Werner Lewis
dc47fe71df Use upper case for bignum string comparison
Test data which is compared as a hex string now uses upper case to
match output of mbedtls_mpi_write_string() output. This removes usage
of strcasecmp().

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-01 15:17:45 +01:00
Werner Lewis
3ccc116c35 Apply test data changes for conflicting cases
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-01 15:17:45 +01:00
Werner Lewis
a453c14a12 Remove radix arguments from tests added in 3.2
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-01 15:07:14 +01:00
Werner Lewis
efda01fb8c Fix formatting in bignum test functions
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-01 15:07:14 +01:00
Werner Lewis
f65a327111 Remove remaining bignum radix args
Functions which are not covered by script, changes made to use radix
16.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-01 15:07:14 +01:00
Werner Lewis
9802d36168 Remove radix arg from bignum tests
Cases where radix was explictly declared are removed in most cases,
replaced using script. bignum arguments are represented as hexadecimal
strings. This reduces clutter in test data and makes bit patterns
clearer.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-01 15:07:14 +01:00
Werner Lewis
19b4cd893c Remove radix arg from mbedtls_test_read_mpi
All uses have radix argument removed, using script.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-01 15:05:24 +01:00
Przemek Stekiel
54a544600f test_suite_x509write: use psa_hash_compute() instead mbedtls_md()
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-01 16:03:17 +02:00
Przemek Stekiel
cc59c998d8 test_suite_ssl: make PSA build independent on MD module
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-01 14:29:56 +02:00
Manuel Pégourié-Gonnard
1e48445aa0
Merge pull request #6104 from superna9999/6097-remove-useless-md-in-test
Remove useless use of MD in test functions
2022-07-28 11:35:56 +02:00
Dave Rodgman
aba26d0099
Merge pull request #5963 from tom-daubney-arm/remove_ssl_compression_new
Remove use of SSL session compression
2022-07-28 10:28:23 +01:00
Manuel Pégourié-Gonnard
f6b8c3297a
Merge pull request #6065 from mpg/explore2
Driver-only hashes: RSA 1.5 and PK + strategy doc
2022-07-28 10:43:38 +02:00
Tuvshinzaya Erdenekhuu
fb389dde58 Enable invalid param test for ecp
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
2022-07-27 15:23:02 +01:00
Tuvshinzaya Erdenekhuu
8df9603e73 Enable invalid param test for ecjpake
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
2022-07-27 15:20:22 +01:00
Tuvshinzaya Erdenekhuu
2392419c9d Enable invalid param test in ecdh.c
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
2022-07-27 15:19:46 +01:00
Thomas Daubney
20f89a9605 Remove uses of SSL compression
Remove or modify current uses of session compression.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-07-26 16:13:03 +01:00
Jerry Yu
6ac7c0349a TLS 1.3: Add session test checks
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:09:40 +08:00
Jerry Yu
bc7c1a4260 fix typo/format/name issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:09:40 +08:00
Jerry Yu
f092629997 Add save load test for tls13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
a180f99a55 Add load-save tests for tls13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
1ac476cc1e Add save buf size test for tls13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
6e8fec2908 add session serialization load buf
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
534ff400d4 Add serialize_version_check for tls13
Add population session also

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Manuel Pégourié-Gonnard
0aabb6d8b9 Fix dependency in test_suite_pk
When USE_PSA is disabled and ECDSA_DETERMINISTIC is enabled, generating
ECDSA signatures via PK requires use of the hash via the MD layer (in
HMAC-DRBG, used by deterministic ECDSA).

When USE_PSA is enabled, ECDSA signatures via PK go through PSA which
always uses non-deterministic ECDSA, so does not rely on HMAC-DRBG/MD.

The condition used here is slightly too strong, but expressing exactly
the optimal condition seems more effort than it's worth for just 3 test
cases.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-22 10:55:06 +02:00
Dave Rodgman
87276a326f
Merge pull request #5952 from tuvshinzayaArm/add-missing-break
Add missing break
2022-07-21 15:25:40 +01:00
Manuel Pégourié-Gonnard
db2c80402a Fix dependencies in test_suite_pk
Using VIA_MD_OR_PSA_BASED_ON_USE_PSA was justified by the fact that
until a few commits ago, the test functions here computed hashes using
either MD or PSA, depending on whether USE_PSA was defined (which itself
was justified by the loose reasoning that "PK is USE_PSA territory").

A few commits ago, test code stopped computing hashes because the hash
values became part of the test data. PK itself does not compute hashes.
As a result, VIA_MD_OR_PSA_BASED_ON_USE_PSA is no longer justified.

There are now two kinds of tests:
- those that only rely on hash data (ECDSA, RSA PKCS#1 v1.5) should
depend on VIA_LOWLEVEL_OR_PSA as that is the minimal dependency, hence
the one used for data
- those that were the layer below PK will internally compute a hash (RSA
PKCS#1 v2.1): currently this hash is always computed using MD (on which
MBEDTLS_PKCS1_V21 depends), so legacy dependencies like MBEDTLS_SHA256_C
should be used for now. The previous dependency was morally wrong, it
didn't show in the driver-only tests only because PKCS#1 v2.1 is
disabled in this test for now.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-21 13:34:46 +02:00
Manuel Pégourié-Gonnard
73692b7537 Rework macros expressing dependencies
Fix usage with sed:

s/MBEDTLS_OR_PSA_WANT_\([A-Z_0-9]*\)/MBEDTLS_HAS_\1_VIA_LOWLEVEL_OR_PSA/
s/MBEDTLS_USE_PSA_WANT_\([A-Z_0-9]*\)/MBEDTLS_HAS_\1_VIA_MD_OR_PSA_BASED_ON_USE_PSA/

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-21 12:11:53 +02:00
Dave Rodgman
7085aa42ee
Merge pull request #5896 from wernerlewis/aes_shallow_copy
Refactor AES context to be shallow-copyable
2022-07-20 15:16:37 +01:00
Neil Armstrong
0270b9f5a4 Rm useless use of MD in PKCS#1v2.1 test functions
We had a message in the data file, and were computing its hash in the
test function. It is more efficient (and simpler when it comes to
dependencies) to directly have the message hash in the data file.

It was probably this way because some test vectors provide the message
for the sake of all-in-one implementation that hash-and-sign at once.
But our API gets a hash as the input and signs it. In unit tests, this
should be reflected in the signature of the test function, which should
take a hash as input.

The changes to the .data file were done using the following python
script:

import hashlib

suite = 'pkcs1_v21'

functions = {
        'pkcs1_rsassa_pss_sign': (6, 8),
        'pkcs1_rsassa_pss_verify': (4, 6),
        'pkcs1_rsassa_pss_verify_ext': (4, 8),
}

def hash_ctx(s):
    if s == 'MBEDTLS_MD_MD5':
        return hashlib.md5()
    if s == 'MBEDTLS_MD_SHA1':
        return hashlib.sha1()
    if s == 'MBEDTLS_MD_SHA224':
        return hashlib.sha224()
    if s == 'MBEDTLS_MD_SHA256':
        return hashlib.sha256()
    if s == 'MBEDTLS_MD_SHA384':
        return hashlib.sha384()
    if s == 'MBEDTLS_MD_SHA512':
        return hashlib.sha512()

def fix(l):
    parts = l.rstrip().split(":")

    fun = parts[0]
    if fun not in functions:
        return l

    (digest_idx, msg_idx) = functions[fun]

    alg_str = parts[digest_idx]
    if alg_str == "MBEDTLS_MD_NONE":
        return l
    h = hash_ctx(alg_str)

    msg_str = parts[msg_idx]
    msg_hex = msg_str[1:-1]
    msg = bytes.fromhex(msg_hex)
    h.update(msg)
    msg_hash = h.hexdigest()
    msg_hash_str = '"' + msg_hash + '"'

    parts[msg_idx] = msg_hash_str
    return ":".join(parts) + '\n'

filename = 'tests/suites/test_suite_' + suite + '.data'
with open(filename) as f:
    lines = f.readlines()

lines = [fix(l) for l in lines]

with open(filename, 'w') as f:
    f.writelines(lines)

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-07-20 09:34:20 +02:00