yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
29566 commits 1 branch 0 tags 94 MiB
Commit graph

10668 commits

Author SHA1 Message Date
Dave Rodgman
ba8e9addd9 Fix test dependencies 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-02-01 13:54:46 +00:00
Paul Elliott
0b2835d1fd Fix accidental copy paste mistake 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-02-01 13:27:04 +00:00
Ronald Cron
11cc41265b
Merge pull request #8711 from ronald-cron-arm/tls13-ticket-and-early-data-unit-test 
Add TLS 1.3 ticket and early data unit tests
 2024-02-01 13:15:55 +00:00
Paul Elliott
ae942ece47 Fix style issues 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-02-01 12:44:01 +00:00
Paul Elliott
24e9a32c83 Refactor to help future other implementations 
Improve the definition of mbedtls_test_thread_t to assist adding future
threading implementations, when they happen.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-02-01 12:26:23 +00:00
Dave Rodgman
6823247376 Fix compile warning in tests 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-31 15:59:06 +00:00
Paul Elliott
9efc60298f Fix code style issues 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-01-31 15:33:23 +00:00
Ronald Cron
eb84534ee3 Use TEST_EQUAL instead of TEST_ASSERT where possible 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-01-31 15:23:38 +01:00
Ronald Cron
5de9c6f295 Fix and add comments in ticket and early data test function 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-01-31 15:23:33 +01:00
Ronald Cron
095a3a5a29 Fix PSA init and done macros in TLS unit tests 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-01-31 15:02:09 +01:00
Ronald Cron
faf026c67c Explain purpose of test specific write/parse ticket functions 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-01-31 14:32:11 +01:00
Valerio Setti
efcc555002 test_suite_psa_crypto_util: add test with 0-length s 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-31 11:15:37 +01:00
Valerio Setti
a888645bb8 test_suite_rsa: add test for key write with incremental output size 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-31 10:42:00 +01:00
Paul Elliott
fad978b232 Fix race condition with test comparison functions 
Make sure we hold the mutex whilst making several changes at the same
time, to prevent race condition on writing connected bits of data.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-01-30 18:00:26 +00:00
Valerio Setti
91372f5549 test_suite_rsa: add more test cases for RSA key parsing 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-30 17:26:38 +01:00
Valerio Setti
f988f95b9a test_suite_bignum: add test function: mpi_zero_length_buffer_is_null() 
The goal is to test all the bignum's functions that accept a buffer
and its length and verify that they do not crash if a NULL pointer
is passed in as buffer and 0 length is specified.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-30 16:28:09 +01:00
Valerio Setti
76e4c6352d test_suite_aria: remove NOT_DEFINED dependency from aria_invalid_param() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-30 16:28:06 +01:00
Valerio Setti
252311d41e test_suite_psa_crypto_util: add test with 0-length for r 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-30 15:50:28 +01:00
Valerio Setti
98e1931a0a test_suite_psa_crypto_util: alloc/free buffer inside loop in ecdsa_raw_to_der_incremental() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-30 15:46:02 +01:00
Tom Cosgrove
d4c373a597 Refactor all.sh clang version detection code 
Prevents a script failure when attempting to run build_aes_armce on a system without clang

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2024-01-30 13:56:38 +00:00
Tom Cosgrove
9e4eeff6e0 Fix comment about verison of clang required for 'build_aes_armce' 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2024-01-30 13:51:18 +00:00
Gilles Peskine
03aa9bc226 Switch pk_setup_for_type() to return MBEDTLS_ERR_xxx 
Use mbedtls return codes rather than a boolean "has test not failed?".

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-30 11:18:42 +01:00
Gilles Peskine
3da3c0a000 Always call psa_crypto_init when testing mbedtls_pk_get_psa_attributes 
mbedtls_pk_get_psa_attributes() actually works without having initialized
the PSA subsystem, because it doesn't call any non-client PSA API functions.
But the function is only useful in conjunction with the PSA API: it's
meant to be followed by importing a key with the resulting attributes. We
don't advertize it to work without an up-and-running PSA subsystem, and
there's no need to test it without an up-and-running PSA subsystem as we
were (accidentally) doing.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-30 10:22:29 +01:00
Gilles Peskine
f8c2cd1489 Update preprocessor guard comment 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-30 10:18:36 +01:00
Gilles Peskine
e0c13cffb3 Update some msg descriptions 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-30 10:17:49 +01:00
Valerio Setti
307ce2cff5 test_psa_compliance: use the last upstream release of psa-arch-tests 
Release: v23.06_API1.5_ADAC_EAC
This fixes all the issues that were previously added as exceptions.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-30 09:25:07 +01:00
Valerio Setti
7a795fd951 suite_psa_crypto_util: add more test cases for DER->RAW 
- r with MSb set
- Invalid r (only 1 zero byte)

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-29 18:08:42 +01:00
Valerio Setti
ee5238fcf4 suite_psa_crypto_util: add more testing for mbedtls_ecdsa_raw_to_der() 
A new test function is added, ecdsa_raw_to_der_incremental, that tests
incremental output DER buffer sizes checking that only the correct one
(tested at last) works correctly.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-29 17:45:18 +01:00
Valerio Setti
9b9b5a52d9 psa_util: some code improvement to convert_der_to_raw_single_int() 
This commit also fixes test_suite_psa_crypto_util.data due to the
change in one of the return values.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-29 17:25:19 +01:00
Valerio Setti
41f8f733a1 test_psa_compliance: add exception for tests using wrong RSA pub key format 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-29 11:44:40 +01:00
Valerio Setti
89d8a12e9c analyze_outcomes: fix typo 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-26 15:04:05 +01:00
Valerio Setti
f8ce457fb6 all.sh: fix comment in check_test_dependencies() 
MBEDTLS_ASN1_WRITE_C is no more required for ECDSA conversion
functions.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-26 14:55:14 +01:00
Paul Elliott
c4e911889e
Merge pull request #8751 from trofi/gcc-14-calloc-fix 
tests: fix `calloc()` argument list (`gcc-14` fix)
 2024-01-26 11:02:53 +00:00
Sergei Trofimovich
da2a33de0f tests: fix calloc() argument list (gcc-14 fix) 
`gcc-14` added a new `-Wcalloc-transposed-args` warning recently. It
detected minor infelicity in `calloc()` API usage in `mbedtls`:

    In file included from /build/mbedtls/tests/include/test/ssl_helpers.h:19,
                     from /build/mbedtls/tests/src/test_helpers/ssl_helpers.c:11:
    /build/mbedtls/tests/src/test_helpers/ssl_helpers.c: In function 'mbedtls_test_init_handshake_options':
    /build/mbedtls/tests/include/test/macros.h:128:46:
      error: 'calloc' sizes specified with 'sizeof' in the earlier argument
        and not in the later argument [-Werror=calloc-transposed-args]
      128 |             (pointer) = mbedtls_calloc(sizeof(*(pointer)),  \
          |                                              ^

Signed-off-by: Sergei Trofimovich <slyich@gmail.com>
 2024-01-25 21:29:56 +00:00
Chien Wong
ef56795fd2
Fix 1 forgotten separate input/output buffer 
Signed-off-by: Chien Wong <m@xv97.com>
 2024-01-25 19:22:50 +08:00
Chien Wong
92c17c456c
Use separate input/output buffer. Explain why error is expected 
Signed-off-by: Chien Wong <m@xv97.com>
 2024-01-25 19:11:03 +08:00
Valerio Setti
80edec5f84 all.sh: remove MBEDTLS_PEM_PARSE_C exception from check_test_dependencies() 
Since we officially disabled support for importing of PEM formatted keys
into PSA we removed dedicated tests from test_suite_psa_crypto. As a
consequence MBEDTLS_PEM_PARSE_C is no more an exception for
component_check_test_dependencies().

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-25 09:33:48 +01:00
Gilles Peskine
77faddf93b Depend on legacy RSA key generation for test code 
In principle the RSA tests shouldn't depend on RSA key generation: they just
need to operate on RSA keys. However they do need some method of creating an
RSA key, and we're currently doing random generation. So depend on what the
test code needs.

Depend on the legacy RSA interface, since driver-only RSA isn't currently
supported in the PK module.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-24 22:14:32 +01:00
Gilles Peskine
2bd4ddc8e0 Implement pick-a-curve when ECP_LIGHT is disabled 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-24 22:10:50 +01:00
Paul Elliott
7fd162ec26 Refactor common PThreads CMake code 
Move the flags and find of Threads to root CMakeLists.txt, rather
than duplicate these everywhere. Make explicit linking of library with
PThreads use the same mechanism.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-01-24 18:05:53 +00:00
Valerio Setti
6d597f1967 test_suite_rsa: extend rsa_parse_pkcs1_key adding tests for public key 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 16:42:32 +01:00
Valerio Setti
6def24ce73 test_suite_[pkparse/rsa]: move RSA private key parsing tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 16:42:32 +01:00
Valerio Setti
1533c3f660 test_suite_rsa: improve rsa_parse_write_pkcs1_key() adding more checks 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 16:42:29 +01:00
Valerio Setti
448377bec7 all.sh: remove MBEDTLS_ASN1_PARSE_C exception from check_test_dependencies() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 16:26:35 +01:00
Valerio Setti
688f795cb3 asn1: use the new symbol to guard dependencies of ECDSA conversion functions 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 16:26:35 +01:00
Valerio Setti
f4d2dc2d77 psa_util: guard ECDSA conversion functions with proper (internal) symbol 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 16:26:35 +01:00
Valerio Setti
17105df3e7 test_suite_psa_crypto_util: add comments to 512/521 bit size test cases 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 16:26:35 +01:00
Valerio Setti
31657ed70c test_suite_psa_crypto_util: change curve type for 256bits tests 
Tests with 256 bits curve simply depends on any curve of that size,
but they don't really care about which family is enabled.

Here I replaced PSA_WANT_ECC_SECP_R1_256 with PSA_WANT_ECC_SECP_K1_256
because otherwise there were test disparities in the
"analyze_driver_vs_reference_tfm_config" component of
"analyze_outcomes.py". It looked simpler to change the curve type
in the test suite's data rather than adding proper exceptions
in "analyze_outcomes.py"

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 16:26:35 +01:00
Valerio Setti
3ccb2b5423 all.sh: add exception for ASN1_PARSE_C in check_test_dependencies 
There is no PSA equivalent to ASN1 legacy symbols.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 16:26:35 +01:00
Valerio Setti
3f0809a99d test_suite_psa_crypto_util: split ECDSA test function in two 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 16:26:35 +01:00
Valerio Setti
c22e3ce8ef psa_util: remove CRYPTO_C guard from ECDSA conversion functions 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 16:26:31 +01:00
Valerio Setti
99c0369d31 psa_util: add include asn1write.h in public header 
This is mandatory to have support for the error codes defined
in the asn1write.h header file.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 16:14:37 +01:00
Valerio Setti
bda440f82d test_suite_psa_crypto_util: increase the size of tested integers 
- Replace 192 case with 256
- Replace 256 case with 512
- Add 521 case

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 16:14:37 +01:00
Valerio Setti
aed21640bd test_suite_psa_crypto_util: add test function and data for ECDSA conversion functions 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 16:14:37 +01:00
Valerio Setti
724a2abf01 test_suite_psa_crypto: fix typo in description 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 15:57:12 +01:00
Valerio Setti
cd89b0b536 all.sh: disable legacy hash support in test_psa_crypto_config_accel_hmac() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 14:24:55 +01:00
Chien Wong
99ff1f505b
Add test cases on GCM AD, input, IV length 
Signed-off-by: Chien Wong <m@xv97.com>
 2024-01-24 20:52:27 +08:00
Valerio Setti
c6d7f53adc all.sh: update common_test_psa_crypto_config_accel_ecc_some_curves() 
Do not disable RSA_C and related modules because now it does not
automatically re-enable PK module.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 12:36:37 +01:00
Valerio Setti
dccfd3612d rsa: update return values of priv/pub parse/write functions 
The goal is to remove usage of PK return values in order to
completely eliminate that dependency.
This commit also updates pkparse and test_suite_x509parse to
align with this change in return values.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 12:36:34 +01:00
Dave Rodgman
13f2f4e7f1 Merge remote-tracking branch 'restricted/development' into mbedtls-3.5.2rc 2024-01-24 09:49:15 +00:00
Gilles Peskine
64996c3be9 Disable MBEDTLS_PSA_CRYPTO_CLIENT in no-PSA builds 
When building without PSA crypto functions, disable
MBEDTLS_PSA_CRYPTO_CLIENT as well as MBEDTLS_PSA_CRYPTO_C. With
just MBEDTLS_PSA_CRYPTO_CLIENT, PSA crypto API functions are supposed to
exist at link time but be provided by a third party.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-23 20:25:47 +01:00
Gilles Peskine
00f3085163 Missing dependency for MBEDTLS_PK_ECDSA 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-23 20:25:34 +01:00
Gilles Peskine
f3dbc98d96 mbedtls_pk_get_psa_attributes: support MBEDTLS_PK_USE_PSA_EC_DATA 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-23 20:09:38 +01:00
Gilles Peskine
758d8c7631 mbedtls_pk_get_psa_attributes: support MBEDTLS_PK_OPAQUE 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-23 20:09:38 +01:00
Gilles Peskine
94e3a873ce mbedtls_pk_get_psa_attributes: test bad usage value 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-23 20:09:38 +01:00
Gilles Peskine
ace7c7721e mbedtls_pk_get_psa_attributes: ECC support 
Add code and unit tests for MBEDTLS_PK_ECxxx in
mbedtls_pk_get_psa_attributes().

This commit only supports built-in ECC (MBEDTLS_ECP_C). A subsequent commit
will handle driver-only ECC.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-23 20:09:38 +01:00
Gilles Peskine
6ea18361df mbedtls_pk_get_psa_attributes: RSA support 
Add code and unit tests for MBEDTLS_PK_RSA in mbedtls_pk_get_psa_attributes().

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-23 20:09:38 +01:00
Gilles Peskine
0b17255da1 Introduce mbedtls_pk_get_psa_attributes 
Follow the specification in https://github.com/Mbed-TLS/mbedtls/pull/8657
as of dd77343381, i.e.
dd77343381/docs/architecture/psa-migration/psa-legacy-bridges.md (api-to-create-a-psa-key-from-a-pk-context)

This commit introduces the function declaration, its documentation, the
definition without the interesting parts and a negative unit test function.
Subsequent commits will add RSA, ECC and PK_OPAQUE support.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-23 20:09:38 +01:00
Valerio Setti
b054e449c9 test_suite_psa_crypto: remove tests for importing an RSA key in PEM format 
This feature was an unofficial extension which was never documented.
Now that we are removing the PK dependency in order to use only
functions from RSA module, PEM support is unavailable. Therefore
we explicitly remove it.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-23 16:12:27 +01:00
Valerio Setti
8e6093dd9f test_suite_rsa: add some basic testing of new parse/write priv/pub keys 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-23 15:19:07 +01:00
Dave Rodgman
e23d6479cc Bump version 
./scripts/bump_version.sh --version 3.5.1

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-22 15:45:49 +00:00
Jonathan Winzig
af553bf719 Add required dependency to the testcase 
Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
 2024-01-22 15:31:05 +00:00
Jonathan Winzig
acd35a55c8 Remove unneeded testcase 
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
 2024-01-22 15:31:05 +00:00
Jonathan Winzig
144bfde1cd Update test-data to use SIZE_MAX 
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
 2024-01-22 15:31:05 +00:00
Jonathan Winzig
93f5240ae5 Add missing newline at the end of test_suite_x509write.data 
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
 2024-01-22 15:31:05 +00:00
Jonathan Winzig
1c7629c1c0 Add tests for Issue #8687 
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
 2024-01-22 15:31:05 +00:00
Valerio Setti
1626cc767b test_suite_entropy: relax MD_C dependency to MD_LIGHT 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-22 16:29:46 +01:00
Valerio Setti
20cea94fd4 analyze_outcomes: add task for HMAC coverage 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-22 16:23:25 +01:00
Valerio Setti
8eb310c7e6 all.sh: add accelerated and reference components for HMAC 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-22 16:22:57 +01:00
Manuel Pégourié-Gonnard
34c6e8a770
Merge pull request #8700 from valeriosetti/issue8461 
psa_asymmetric_encrypt() doesn't work with opaque driver
 2024-01-22 08:43:08 +00:00
Ronald Cron
f8fdbb5174 tests: tls13: Run early data test only in TLS 1.3 only config 
Temporary workaround to not run the early data test
in Windows-2013 where there is an issue with
mbedtls_vsnprintf().

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-01-22 09:37:45 +01:00
Ronald Cron
a8dd81b4de tests: tls13: Add early data unit test 
This aims to provide a basis for negative
testing around TLS 1.3 early data.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-01-22 09:37:45 +01:00
Ronald Cron
ec3408d707 tests: ssl: Move setting of debug callback 
Move the setting of the debug callback to
the endpoint initialization function. That
way, no need to repeat it in various testing
scenarios.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-01-22 09:37:45 +01:00
Ronald Cron
d903a86e52 tests: tls13: Add session resume with ticket unit test 
This aims to provide a basis for negative testing
around TLS 1.3 ticket, replacing eventually the
negative tests done in ssl-opt.sh using the
dummy_ticket option.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-01-22 09:37:45 +01:00
Ronald Cron
77abfe67db ssl_helpers.c: Add ticket write/parse test functions 
Add ticket write/parse test functions as defined
by mbedtls_ssl_ticket_write/parse_t. They are
intended to be used in negative testing
involving tickets.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-01-22 09:37:45 +01:00
Paul Elliott
3d2db89d5c Access the test data mutex via accessor 
Remove the use of extern and instead use an accessor to get the address
of the test info mutex (defined only if MBEDTLS_TEST_MUTEX_USAGE is
defined, to hopefully stop more general usage)

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-01-19 20:44:32 +00:00
Paul Elliott
e2f6662021 Make test data static now it has accessors 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-01-19 20:22:24 +00:00
Paul Elliott
ed3ba3cc8e Fix documentation typos. 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-01-19 16:44:23 +00:00
Paul Elliott
85ea3e623b Set preferences before finding Threads in CMake 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-01-19 15:57:22 +00:00
Valerio Setti
639d5678b5 pk: move mbedtls_pk_load_file to pk_internal 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-19 09:07:39 +01:00
Valerio Setti
25b282ebfe x509: move internal functions declarations to a private header 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-19 09:07:35 +01:00
Valerio Setti
b4f5076270 debug: move internal functions declarations to an internal header file 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-18 15:30:46 +01:00
Gilles Peskine
4d4891e18a
Merge pull request #8666 from valeriosetti/issue8340 
Export the mbedtls_md_psa_alg_from_type function
 2024-01-18 13:58:55 +00:00
Gilles Peskine
b1f96c0354
Merge pull request #7815 from gilles-peskine-arm/ecp-export-partial 
ECP keypair utility functions
 2024-01-18 10:29:05 +00:00
Gilles Peskine
c9077cccd3
Merge pull request #8664 from valeriosetti/issue7764 
Conversion function from ecp group to PSA curve
 2024-01-18 10:28:55 +00:00
Valerio Setti
18371ee08f generate_tls13_compat_tests: add DH group dependency when FFDH is used 
"tls13-compat.sh" is also updated in this commit using the python
script.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-18 10:44:57 +01:00
Valerio Setti
05754d8e85 ssl-opt: add DH groups requirements in test cases using FFDH 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-18 09:47:00 +01:00
Valerio Setti
4f34b155f5 test_driver_key_management: keep mbedtls_test_opaque_wrap_key() private 
Only mbedtls_test_opaque_unwrap_key() is actually needed by other
test drivers to deal with opaque keys. mbedtls_test_opaque_wrap_key()
can be kept private to test_driver_key_management.c.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-18 08:44:13 +01:00
Valerio Setti
78aa0bc1d9 all.sh: fix tests with accelerated FFDH 
Explicitly accelerate also DH groups in those tests.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:57:06 +01:00
Valerio Setti
1161b44981 crypto_config_test_driver_extension: support accelaration of DH groups 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:57:06 +01:00
Valerio Setti
48a847afb7 tests: add guards for DH groups 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:57:06 +01:00
Valerio Setti
6bed64ec75 all.sh: add new component with only DH 2048 bits. 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:57:06 +01:00
Dave Rodgman
9039ba572b Fix test dependencies 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-16 18:38:55 +00:00
Dave Rodgman
b7778b2388 Fix ASAN error in test 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-16 16:27:34 +00:00
Dave Rodgman
24ad1b59e8 Add NIST AES-CTR test vectors 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-16 13:24:45 +00:00
Dave Rodgman
4cc6fb9039 add test for multipart AES-CTR 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-16 13:24:45 +00:00
Valerio Setti
4860a6c7ac test_suite_psa_crypto: revert known failing checks for [en|de]cryption with opaque keys 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-15 16:30:12 +01:00
Valerio Setti
62b6f10f64 test_driver_asymmetric_encryption: implement opaque [en/de]cryption functions 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-15 16:30:07 +01:00
Valerio Setti
66a827fc83 test_driver_key_management: make opaque [un]wrapping functions public 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-15 15:00:52 +01:00
Dave Rodgman
ae730348e9 Add tests for mbedtls_ctr_increment_counter 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-15 11:45:01 +00:00
Valerio Setti
f202c2968b test_suite_psa_crypto: test asymmetric encryption/decryption also with opaque keys 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-15 10:42:37 +01:00
Tom Cosgrove
f1ba1933cf
Merge pull request #8526 from yanrayw/issue/7011/send_record_size_limit_ext 
TLS1.3: SRV/CLI: add support for sending Record Size Limit extension
 2024-01-12 13:39:15 +00:00
Waleed Elmelegy
4b09dcd19c Change renegotiation test to use G_NEXT_SRV 
Change renegotiation test to use G_NEXT_SRV
to avoid problems when sending TLS 1.3
extensions since we exceed the extension
limit in G_SRV.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-12 10:50:25 +00:00
Ryan Everett
a90378c425 Restore previous version of rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-12 10:24:00 +00:00
Kusumit Ghoderao
153586a3d5 change values to ULL 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-12 11:19:16 +05:30
Ryan Everett
d00a138075 Change test data for pkparse aes 
Test data generated using openSSL with:
openssl pkcs8 -topk8 -v2 $ENC -v2prf hmacWithSHA384 -inform PEM
-in $IN -outform PEM -out $OUT -passout "pass:PolarSSLTest"

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-11 17:23:15 +00:00
Paul Elliott
3519cfb3d8
Merge pull request #8639 from bensze01/release_components 
Set OpenSSL/GnuTLS variables when running release components
 2024-01-11 15:38:35 +00:00
Ronald Cron
7c14afcaaa
Merge pull request #8595 from yanrayw/issue/8593/srv-CH-fix-version-check 
TLS1.3: SRV: check `min_tls_version` when parsing ClientHello
 2024-01-11 13:34:09 +00:00
Waleed Elmelegy
e83be5f639 Change renegotiation tests to work with TLS 1.2 only 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 23:39:54 +00:00
Ryan Everett
1f935f5027 Add AES tests to test_suite_pkparse 
Test data generated using openssl:
openssl genpkey -algorithm rsa -out $OUT -$ALG

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-10 19:34:18 +00:00
Ryan Everett
ae0b4bd04c Add more details to comments 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-10 19:19:10 +00:00
Ryan Everett
4cfd6a6bc6 Fix dependencies in pkcs5 aes-128-cbc tests 
These tests do not specify a hash function. This is an optional parameter
with default value hmacWithSHA1, so these test cases are dependant on SHA-1
and not SHA-256

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-10 19:15:45 +00:00
Kusumit Ghoderao
a7c55d5a14 fix depends on condition 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-11 00:43:48 +05:30
Paul Elliott
f149cd1a3a
Merge pull request #8688 from jwinzig-at-hilscher/development 
Fix bug in mbedtls_x509_set_extension
 2024-01-10 16:57:16 +00:00
Kusumit Ghoderao
179f33a1ea add test cases with different hash algs 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:10 +05:30
Kusumit Ghoderao
7d4db631cf add depends on for capacity tests and fix code style 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
f4351c1a61 correct test data 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
83455ebcc0 disable pbkdf2_hmac set max capacity test 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
d3ae165adb Add tests for derive_full for hkdf_extract, hkdf_expand and ecjpake_to_pms 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
1da06da398 Add tests for derive_set_capacity for pbkdf and ecjpake_to_pms 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
604e1cbbe7 Change error status for invalid HKDF alg 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
2c4264bd41 Add hkdf_extract, hkdf_expand and ecjpake_to_pms cases 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
9ffd397e4c Increase input parameter type and buffer size 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
4aa6b36a35 add tests for derive_full and derive_set_capacity 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-01-10 21:49:09 +05:30
Waleed Elmelegy
1487760b55 Change order of checking of record size limit client tests 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
a3bfdea82b Revert "Make sure record size limit is not configured without TLS 1.3" 
This reverts commit 52cac7a3e6782bbf46a76158c9034afad53981a7.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
7ae74b74cc Make sure record size limit is not configured without TLS 1.3 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
e840263f76 Move record size limit testing to tls13 component 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
2fa99b2ddd Add tests for client complying with record size limit 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
f501790ff2 Improve comments across record size limit changes 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
9457e67afd update record size limit tests to be more consistent 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
3a37756496 Improve record size limit tests 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
598ea09dd5 TLS1.3: SRV/CLI: add support for sending Record Size Limit extension 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:27 +00:00
Waleed Elmelegy
47d2946943 tls13: server: write Record Size Limit ext in EncryptedExtensions 
- add the support in library
- update corresponding test cases.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:27 +00:00
Yanray Wang
42017cd4c9 tls13: cli: write Record Size Limit ext in ClientHello 
- add the support in library
- update corresponding test case

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2024-01-10 16:17:27 +00:00
Manuel Pégourié-Gonnard
3eb9025275
Merge pull request #8680 from mpg/ciphers-wrapup 
Driver-only ciphers wrapup
 2024-01-10 12:04:50 +00:00
Paul Elliott
0710ac4ec8 Add ability to exclude mutex from tests 
We need to be able to exclude mbedtls_test_info_mutex() from the normal
tests, as this mutex has to be locked to report mutex errors, and also
reports as leaked, due to where it is initialised / free'd.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-01-09 18:01:58 +00:00
Paul Elliott
65064265c2 Protect test info access with mutex 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-01-09 18:01:58 +00:00
Paul Elliott
c7a1e9936a Move bignum flag for negative zero into test_info 
Add accessors ready for protection with test_info mutex.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-01-09 18:01:58 +00:00
Jonathan Winzig
315c3ca9e5
Add required dependency to the testcase 
Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
 2024-01-09 18:31:11 +01:00