Commit graph

123 commits

Author SHA1 Message Date
Dave Rodgman
730bbee226 Merge remote-tracking branch 'origin/development' into update-restricted-2023-08-30 2023-08-30 11:22:00 +01:00
Gilles Peskine
2387bdab0f
Merge pull request #1038 from Mbed-TLS/development
Merge development into development-restricted
2023-07-21 15:40:36 +02:00
Tom Cosgrove
e4e9e7da58 For tests, rename TEST_BUFFERS_EQUAL() to TEST_MEMORY_COMPARE()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-21 11:45:25 +01:00
Tom Cosgrove
05b2a87ea0 For tests, rename TEST_CALLOC_OR_FAIL() to just TEST_CALLOC()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-21 11:32:25 +01:00
Tom Cosgrove
f9ffd11e7a For tests, rename ASSERT_ALLOC() to TEST_CALLOC_OR_FAIL()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-20 16:51:21 +01:00
Tom Cosgrove
65cd8519f7 For tests, rename ASSERT_COMPARE() to TEST_BUFFERS_EQUAL()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-20 16:51:15 +01:00
Dave Rodgman
9282d4f13a Don't directly access key_bitlen
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 11:07:40 +01:00
Gilles Peskine
4f4d4b2c40 Test consistency of cipher max-size macros
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-06-14 18:00:37 +02:00
Gilles Peskine
449bd8303e Switch to the new code style
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-11 14:50:10 +01:00
Dave Rodgman
f1419dbbe8
Merge pull request #6381 from tom-cosgrove-arm/pr2164
mbedtls: fix possible false success in mbedtls_cipher_check_tag()
2022-11-25 10:55:10 +00:00
Andrzej Kurek
ed05279e4f Comment fix
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-21 10:28:55 -04:00
Andrzej Kurek
8f26c8a0cf Fix a typo in test_suite_cipher
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-21 10:28:55 -04:00
Tom Cosgrove
edca207260 MBEDTLS_CIPHER_CHACHA20_POLY1305 is an mbedtls_cipher_type_t not an mbedtls_cipher_mode_t
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-10-14 12:10:40 +01:00
Tom Cosgrove
c621a6d38f Update tests to account for CIPHER_FEATURE_UNAVAILABLE on non-authenticated alg
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-09-30 17:15:54 +01:00
Przemek Stekiel
6f29a6c4b4 test_suite_cipher.function: always include aes.h
It is done to have MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH macro available (used in tests)

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-27 15:04:14 +02:00
Tuvshinzaya Erdenekhuu
d5ebedffd0 Removed unused variable in cipher test
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
2022-08-31 10:14:57 +01:00
Tuvshinzaya Erdenekhuu
6c68927948 Enabled invalid param test for cipher
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
2022-08-31 10:14:57 +01:00
Przemek Stekiel
476d9c45b8 Use MBEDTLS_TEST_DEPRECATED only in tests
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-19 14:11:06 +02:00
Przemek Stekiel
e58ca8bb5e Add MBEDTLS_TEST_DEPRECATED dependency
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-13 15:48:41 +02:00
Przemek Stekiel
61922d1328 Fix mbedtls_cipher_setup_psa() dependencies in tests
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-12 13:51:51 +02:00
Thomas Daubney
5dcbc4d326 Changes name of iv_check to iv_len_validity
Commit changes name of check_iv to
iv_len_validity as this seems to better describe
its functionality.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-02-17 21:30:25 +00:00
Thomas Daubney
3a066ec999 Initialise iv buffer before use
Commit initialises the iv buffer before
it is passed to mbedtls_cipher_set_iv().

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-02-17 14:00:06 +00:00
Andrzej Kurek
b9fbc11e2c Dynamically allocate iv in dec_empty_buf tests
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-14 16:31:54 +01:00
Andrzej Kurek
63439eda62 Return an error for IV lengths other than 12 with ChaCha20+Poly1305
The implementation was silently overwriting the IV length to 12
even though the caller passed a different value.
Change the behavior to signal that a different length is not supported.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-14 16:31:54 +01:00
Andrzej Kurek
33ca6af8a3 Return an error for IV lengths other than 12 with ChaCha20
The implementation was silently overwriting the IV length to 12
even though the caller passed a different value.
Change the behavior to signal that a different length is not supported.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-14 16:31:54 +01:00
Gilles Peskine
dc8ecda46f Don't fail until everything is initialized
Can't call mbedtls_cipher_free(&invalid_ctx) in cleanup if
mbedtls_cipher_init(&invalid_ctx) hasn't been called.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-10 14:28:31 +01:00
Paul Elliott
0cf7e38606 Add checked return to cipher setup
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-12-09 18:27:01 +00:00
Max Fillinger
72abd8a9c3 Fix type for iv size and block size in tests
Signed-off-by: Max Fillinger <max@max-fillinger.net>
2021-11-28 14:13:52 +01:00
Max Fillinger
c60c3a0c77 Include new getters in test suites
Signed-off-by: Max Fillinger <max@max-fillinger.net>
2021-11-10 15:12:04 +01:00
Mateusz Starzyk
f257a6e8f8 Add CCM*-no-tag tests for the cipher module.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-10-27 16:27:44 +02:00
Gilles Peskine
6ac8f94a72 Fix cipher info key length sanity checks
Most supported ciphers have a 128-bit, 192-bit or 256-bit keys. List the
exceptions explicitly.

This commit fixes a test failure with the null cipher and an incorrect
comment that omitted several key lengths.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-01 08:31:49 +02:00
Gilles Peskine
0be02bd823 Add accessor functions for cipher_info fields
Add functions to read the type, mode, name and key_bitlen fields from
mbedtls_cipher_info_t. These are the fields that applications are most
likely to care about.

TLS code also uses iv_size and block_size, which it might make sense to
expose, but most applications shouldn't need those, so I'm not exposing them
for now.

Call the new functions in unit tests, so they're at least smoke-tested.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-08-31 22:52:41 +02:00
TRodziewicz
2d0769d149 Simplification of the tests
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-27 17:36:54 +02:00
TRodziewicz
7019955c76 Removal of the TEST_VALID_PARAM macro and its usages
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-27 17:35:04 +02:00
TRodziewicz
062f353804 Changes after code review
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-27 17:34:14 +02:00
Ronald Cron
875b5fb7fa Refactor optional parameter check tests
Remove tests related to NULL pointers,
keep tests related to invalid enum values.
Remove test code related to MBEDTLS_CHECK_PARAMS.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-27 17:27:14 +02:00
TRodziewicz
c1c479fbe9 Fllow-up of the review: ChangeLog expansion, mmigration guides added and comments fixed
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-06 00:53:22 +02:00
TRodziewicz
18efb73743 Remove deprecated functions and constants.
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-04-29 23:12:19 +02:00
Gilles Peskine
f6be590bf6 Include psa_crypto_helpers.h in helpers.function
Include psa_crypto_helpers.h automatically if MBEDTLS_PSA_CRYPTO_C is
enabled, like helpers.h is included automatically.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-01-06 18:21:18 +01:00
Gilles Peskine
8a3d234859 Fail the test case immediately if cipher_reset_key fails
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-12-07 10:02:13 +01:00
Gilles Peskine
a2971ea62c Simplify some buffer comparisons in tests
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-12-07 09:58:47 +01:00
Gilles Peskine
70edd689a8 cipher_auth_xxcrypt(): fix some null pointer handling
Make sure that if a buffer is allowed to be empty, a null pointer is
accepted if the buffer length is 0. This was already the case for most
but not all arguments to mbedtls_cipher_auth_{en,de}crypt{,_ext}.

Make sure to pass NULL for an empty buffer in the tests.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-12-07 09:58:26 +01:00
Manuel Pégourié-Gonnard
b23e31d86a Minor documentation/comment fixes
typos, overlong lines

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-12-07 09:57:35 +01:00
Manuel Pégourié-Gonnard
f215ef82af Test that auth_decrypt{,_ext}() zeroize on failure
The documentation says it does, so it should be tested.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-12-03 12:33:31 +01:00
Manuel Pégourié-Gonnard
86796bc8a5 Add check_param test for cipher_auth_xxcrypt_ext()
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-12-03 12:25:10 +01:00
Manuel Pégourié-Gonnard
9b2a78966f Use exact-size buffers for testing auth_xxcrypt()
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-12-03 12:25:10 +01:00
Manuel Pégourié-Gonnard
513c243317 Deprecate mbedtls_cipher_auth_xxcrypt()
This temporarily breaks all.sh '*deprecated*' (deprecated functions still used
in the library), which will be fix in the next commit.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-12-03 12:25:09 +01:00
Manuel Pégourié-Gonnard
f2ffbc4387 Stop supporting NIST_KW in cipher_auth_xxcrypt()
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-12-03 12:25:09 +01:00
Manuel Pégourié-Gonnard
53f10e70fd Test cipher_auth_{en,de}crypt_ext()
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-12-03 12:25:09 +01:00
Manuel Pégourié-Gonnard
89a8fe50fe Extract helper function for repeated test code
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-12-03 12:25:09 +01:00