Gilles Peskine
e2a9f86755
Merge pull request #6971 from gabor-mezei-arm/6026_Secp192r1_fast_reduction
...
Extract Secp192r1 fast reduction from the prototype
2023-02-15 16:22:36 +01:00
Valerio Setti
5dc6867f7e
test: don't skip debug and ssl suites in test parity for driver only ECDSA
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 15:35:37 +01:00
Manuel Pégourié-Gonnard
d3d8c852a0
Merge pull request #6997 from valeriosetti/issue6858
...
driver-only ECDSA: get testing parity in X.509
2023-02-13 15:30:06 +01:00
Gabor Mezei
a9d82dd0a2
Keep the description in one place, just refer it
...
Delete the duplicated file description and refer to the original one
in generate_bignum_tests.py.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-13 14:10:23 +01:00
Gilles Peskine
b009559c8f
Merge pull request #7049 from KloolK/typos
...
Fix typos
2023-02-10 15:07:07 +01:00
Dave Rodgman
a22749e749
Merge pull request #6816 from nick-child-ibm/pkcs7_coverage
...
Pkcs7 coverage
2023-02-10 12:55:29 +00:00
Dave Rodgman
4f70b3cdb4
Fix pylint warning
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-08 16:40:40 +00:00
Nick Child
c7c94df715
pkcs7/test: Format generate test script
...
Adhere to syntax and format recommendations
from check-python-files.py
Signed-off-by: Nick Child <nick.child@ibm.com>
2023-02-08 15:38:48 +00:00
Valerio Setti
40df83509b
all.sh: fix comment for test_psa_crypto_config_accel_ecdsa_use_psa
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-08 13:52:31 +01:00
Valerio Setti
b9dc2513c1
test: add SHA1 to the supported algs in accelerated ECDSA
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-08 13:52:31 +01:00
Valerio Setti
c8801b7ef1
test: x509: remove disparities in driver only testing for ECDSA
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-08 13:52:31 +01:00
Manuel Pégourié-Gonnard
9cb1aa21c4
Merge pull request #6970 from valeriosetti/issue6857
...
driver-only ECDSA: get testing parity in PK
2023-02-08 13:33:15 +01:00
Gilles Peskine
a0c806aac1
Merge pull request #7003 from lpy4105/issue/do-not-run-x86-tests-on-arm64
...
all.sh: test_m32_xx is not supported on arm64 host
2023-02-07 10:26:10 +01:00
Valerio Setti
bf74f52920
test: add a comment specifying why restartable cannot be tested
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-07 08:02:23 +01:00
Valerio Setti
4e0278d710
test: ECDSA driver only: disable ECP_RESTARTABLE
...
This is not yet supported in driver only implementation
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-07 08:02:23 +01:00
Valerio Setti
4e26df99aa
test: ECDSA driver_only: verify disparities in PK
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-07 08:02:23 +01:00
Jan Bruckner
1aabe5c4d7
Fix typos
...
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2023-02-06 12:54:53 +01:00
Nick Child
6291cc2444
pkcs7/test: Remove f strings in generator script
...
MbedTLS CI uses python v3.5, f strings are not supported
until v3.6 . Remove f string's from generate_pkcs7_tests.py.
Signed-off-by: Nick Child <nick.child@ibm.com>
2023-02-03 20:33:12 +00:00
Gilles Peskine
753ad17a41
Merge pull request #6982 from aditya-deshpande-arm/check-files-characters
...
check_files.py: Allow specific Box Drawing characters to be used
2023-02-03 11:46:06 +01:00
Gilles Peskine
e2db23d741
Merge pull request #6902 from yanrayw/6651-enable-cipher-suite-names-consistent
...
compat.sh: report and filter cipher suite names consistently
2023-02-03 11:38:31 +01:00
Manuel Pégourié-Gonnard
d56def5c30
Merge pull request #6946 from valeriosetti/issue6856
...
driver-only ECDSA: fix testing disparities in ecp, random, se_driver_hal
2023-02-03 08:51:04 +01:00
Valerio Setti
00c1ccb08c
depends.py: fix typo and slightly reorganized code
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-02 11:33:31 +01:00
Aditya Deshpande
ebb2269f68
Allow whole Box Drawings range
...
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2023-02-01 13:30:26 +00:00
Pengyu Lv
c92df3ba59
all.sh: test_m32_xx is not supported on arm64 host
...
test_m32_xxx tests are x86 specific, but the support
function only identifies a 64-bit system. So the tests
will be run on arm64 host and cause a test failure.
This change restricts those tests to amd64/x86_64
only.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-02-01 10:50:50 +08:00
Gabor Mezei
95ecaaf56d
Add test generation support for the ecp module
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-01-31 14:40:05 +01:00
Nick Child
4983ddf747
test/pkcs7: Add more tests for better coverage
...
Add test calls to raw asn1 data with slight syntatical errors
Increases %branches covered from 70.4% to 87.7%.
Add a script which serves as documentation for how these new test
cases were generated:
./generate_pkcs7_tests.py ../data_files/pkcs7_data_cert_signed_sha256.der
./generate_pkcs7_tests.py ../data_files/pkcs7_data_multiple_signed.der
Signed-off-by: Nick Child <nick.child@ibm.com>
2023-01-30 15:55:44 +00:00
Aditya Deshpande
15b6dd0fb4
Modify comments to make them more inclusive
...
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2023-01-30 13:46:58 +00:00
Aditya Deshpande
ea637081dd
Allow specific Box Drawing UTF characters that are used in Markdown trees in check_files.py
...
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2023-01-30 13:19:32 +00:00
Manuel Pégourié-Gonnard
aae61257d1
Merge pull request #6883 from valeriosetti/issue6843
...
Improve X.509 cert writing serial number management
2023-01-30 13:08:57 +01:00
Manuel Pégourié-Gonnard
e28397a376
Merge pull request #6938 from aditya-deshpande-arm/check-names-exclusions
...
check_names.py: Compare identifiers in excluded files against symbols parsed by nm
2023-01-30 09:21:58 +01:00
Manuel Pégourié-Gonnard
169d9e6eb4
Merge pull request #6802 from gilles-peskine-arm/test_suite_psa_crypto_metadata-20221215
...
Add metadata tests for CCM* and TLS1.2-ECJPAKE-to-PMS
2023-01-27 10:05:00 +01:00
Gilles Peskine
47aab850da
Batch cipher translations to go faster
...
Python has a high startup cost, so go back to invoking it only once per
server start, rather than once per client start. This is a measurable
performance improvement (running time ~*0.5 with PSK, less dramatic with
asymmetric crypto).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-26 21:45:45 +01:00
Valerio Setti
9cb0f7a423
test: driver-only: fix disparities in random
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-25 11:49:11 +01:00
Valerio Setti
3002c99247
test: extend analyze_outcomes.py in order to skip only some test in a suite
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-25 11:49:00 +01:00
Valerio Setti
7e57920511
test: driver-only: fix disparities in psa_crypto_se_driver_hal
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-25 11:30:46 +01:00
Valerio Setti
4682948c1e
test: driver-only: fix disparities in ECP
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-01-25 11:30:31 +01:00
David Horstmann
f0c75796be
Fix a missing type hint warning
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-24 18:53:15 +00:00
Manuel Pégourié-Gonnard
00d3e96042
Merge pull request #6855 from mpg/driver-only-ecdsa-starter
...
Driver-only ECDSA starter
2023-01-24 13:06:17 +01:00
Manuel Pégourié-Gonnard
4455fd2449
Merge pull request #6531 from AndrzejKurek/depends-py-kex-fixes
...
Depends.py - add exclusive domain tests to key exchange testing
2023-01-24 09:32:05 +01:00
Manuel Pégourié-Gonnard
d84902f4ef
Add issue numbers to TODO comments
...
In the python script I didn't use the word TODO because pylint doesn't
like that, but morally it's the same.
I removed the comment about "do we need a subset of compat.sh?" because
it turns out that `ssl-opt.sh` is already exercising all the key
exchanges:
% sed -n 's/.*force_ciphersuite=TLS-\([^ ]*\)-WITH.*/\1/p' tests/ssl-opt.sh | sort -u
DHE-PSK
DHE-RSA
ECDH-ECDSA
ECDHE-ECDSA
ECDHE-PSK
ECDHE-RSA
ECJPAKE
PSK
RSA
RSA-PSK
(the only omission is ECDH-RSA which is not of interest here and does
not actually differ from ECDH-ECDSA). So, we don't need a subset of
compat.sh because we're already getting enough testing from ssl-opt.sh
(not to mention test_suite_ssl).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-01-23 13:03:13 +01:00
Manuel Pégourié-Gonnard
bc19a0b0d8
Fix missing SHA-224 in test driver build
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-01-23 12:54:24 +01:00
Manuel Pégourié-Gonnard
5a2e02635a
Improve a few comments & documentation
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-01-23 12:51:52 +01:00
Andrzej Kurek
98682b50a4
Remove obsolete comment from depends.py
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-01-23 06:16:23 -05:00
Dave Rodgman
1a034dcc20
Add regression test
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-20 13:18:05 +00:00
Gilles Peskine
bba2630549
Add ECJPAKE secret input types to psa/crypto_config.h
...
Add PSA_WANT_KEY_TYPE_PASSWORD and PSA_WANT_KEY_TYPE_PASSWORD_HASH to
psa/crypto_config.h, since the types PSA_KEY_TYPE_PASSWORD and
PSA_KEY_TYPE_PASSWORD_HASH are used by ECJPAKE.
The two key types are always enabled, like PSA_KEY_TYPE_DERIVE.
Add the key types to the metadata test suite as well.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-19 12:11:19 +01:00
Gilles Peskine
cafda872f3
Fix documentation
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-19 12:11:18 +01:00
Gilles Peskine
0e9e4422ab
NotSupported is specifically about key types
...
Rename NotSupported to KeyTypeNotSupported, because it's only about testing
key management. For algorithms, not-supported is handled by OpFail.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-19 12:11:17 +01:00
Andrzej Kurek
1ff7336e2c
depends.py: enable key exchange tests
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-01-17 10:38:10 -05:00
Yanray Wang
ee97f05d35
Translate cipher suite names based on standard naming convention
...
With this commit, translate_ciphers.py would be based on standard
cipher suite names instead of MbedTLS naming convention.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-01-17 14:56:37 +08:00
Aditya Deshpande
0584df4131
Minor changes to account for CodeParser.parse_identifiers being used in list_internal_identifiers.py
...
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2023-01-16 16:36:31 +00:00