mbedtls

Author	SHA1	Message	Date
Manuel Pégourié-Gonnard	deef905a1c	Update is_builtin_calling_md() for PKCS#1 v2.1 Since https://github.com/Mbed-TLS/mbedtls/pull/6141 it can "fall back" to PSA when MD is not available (but will use MD if available, to preserve backwards compatibility). Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-19 11:02:15 +02:00
Manuel Pégourié-Gonnard	98b91d40d6	RSA PKCS#1 v1.5 no longer depends on MD This has been the case since https://github.com/Mbed-TLS/mbedtls/pull/6065 which forgot to update the documentation, and also is_builtin_calling_md(), so update those. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-19 10:59:30 +02:00
Gabor Mezei	4dceede71b	Fix overly replacement in the documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-18 16:44:17 +02:00
Przemek Stekiel	98b1af4e34	test_suite_debug: adapt dependenies so the test can run in the driver-only build Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-18 14:52:41 +02:00
Janos Follath	7cd1ebe0bb	Merge pull request #6296 from gilles-peskine-arm/test_data_generation-pr_6093_followup Minor fixes to test_data_generation.py	2022-10-18 13:38:28 +01:00
Manuel Pégourié-Gonnard	d92fb01419	Skip bits not needed in outcome-analysis.sh Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-18 12:10:45 +02:00
David Horstmann	3cd67584bc	Improve X509 DN test naming Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-17 17:59:10 +01:00
David Horstmann	d0e3d45e96	Add explanatory comments to raw DER test data Break down the DER-encoded ASN.1 test data into its structure in a comment and explain it, to make it easier to understand where the data came from and how it is corrupted. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-17 17:55:04 +01:00
Gilles Peskine	47da7bfac8	Merge pull request #6434 from gilles-peskine-arm/lmots_import_export_test-memory_leak LMS: Fix memory leak if unit test fails	2022-10-17 17:57:59 +02:00
Gabor Mezei	0c74e084d5	Fix condition Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-17 16:09:58 +02:00
Gilles Peskine	503d09b52d	Fix memory leak if unit test fails Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-17 12:27:43 +02:00
Manuel Pégourié-Gonnard	6c6f04b651	Merge pull request #6419 from mpg/fix-assert-alloc-usage Fix usage of ASSERT_ALLOC()	2022-10-17 12:10:48 +02:00
Gilles Peskine	8874cd570e	Merge pull request #4826 from RcColes/development Add LMS implementation	2022-10-14 18:33:01 +02:00
Gabor Mezei	ffb4aa0ddc	Rename variables to have unambiguous names Use bytes instead of len in the variable names. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-14 16:39:04 +02:00
Gabor Mezei	8bcd7cca94	Use count instead of bytes in ASSERT_ALLOC argument Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-14 16:18:10 +02:00
Manuel Pégourié-Gonnard	b3c30907d6	Merge pull request #6383 from mprse/aead_driver_test Enable testing of AEAD drivers with libtestdriver1	2022-10-14 11:11:01 +02:00
Manuel Pégourié-Gonnard	47b8de834d	Fix usage of ASSERT_ALLOC() The second argument is the number of elements of the type the first argument is pointing to, so we shouldn't be using sizeof there. This was resulting in overly large allocations. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-14 09:35:55 +02:00
Gilles Peskine	fa65237fd4	Fix which config header MBEDTLS_LMS_xxx is unset from Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-13 22:05:38 +02:00
Gilles Peskine	31c2dcb611	Fix file names in reproduction instructions in test data Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-13 20:48:15 +02:00
Gilles Peskine	2875aa7b01	Fix instructions and test data for pyhsslms interop tests The test data was invalid because it had the extra 4-byte prefix for HSS. Regenerate it (which produces completely new signatures since it is randomized). Rearrange the reproduction instructions for the second test case so that it shows more clearly how to generate a second signature with the same private key. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-13 20:45:05 +02:00
Raef Coles	8bccc999d9	Don't mention error type in LMS test comments Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:57:31 +01:00
Raef Coles	6d7d94a821	Use correct export length in LMS export tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:55:46 +01:00
Raef Coles	aa9d52bcdc	Rename LMS private key files to match library name Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:53:40 +01:00
Raef Coles	f8bfe2783b	Remove bad character from LMS test case Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:35:28 +01:00
Raef Coles	d543697092	Fix minor type in LMS test description Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:06:42 +01:00
Raef Coles	a2514f622f	Update pyhsslms test instructions with script Due to tool name conflict hampering data reproduction Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:04:21 +01:00
Raef Coles	ce18e528ff	Rename LMS private key files And remove now-unnecessary modification to check_files.py Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 16:45:05 +01:00
Raef Coles	e4d96b804c	Update LMS and LMOTS test comments Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 16:45:05 +01:00
Raef Coles	493724e3c2	Check correct output size in LMOTS export test Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 15:43:07 +01:00
Raef Coles	ed0e4591dc	Add output length test for LMS export too-big test Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 15:05:47 +01:00
Ronald Cron	49e4184812	Merge pull request #6299 from xkqian/tls13_add_servername_check Add server name check when proposing pre-share key	2022-10-13 16:00:59 +02:00
Raef Coles	33f7d66304	Add output check to export too-big buffer tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:36 +01:00
Raef Coles	1d88ea870f	Remove unneeded NULL pointer checks in LMS tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:35 +01:00
Raef Coles	d1c1f7f7be	Disable LMS in all.sh tests that lack _WANT_SHA256 Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:31 +01:00
Raef Coles	a21671123a	Remove `sudo pip3` in LM(OT)S tests instructions Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:27 +01:00
Raef Coles	1b43a7448d	Clean up LMS and LMOTS feature dependencies Remove SHA256 dependencies from tests, fix incorrect boolean logic in check_config, and change depends_hashes.pl to disable LMS in one test Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:26 +01:00
Raef Coles	6b2c573b3d	And export buffer too large test to LMS and LMOTS Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:24 +01:00
Raef Coles	534f66f3f0	Fix assert arguments in LMS and LMOTS export tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:23 +01:00
Raef Coles	d1c2a80319	Remove duplicated assert from LMOTS tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:21 +01:00
Raef Coles	20d2e06ca4	Add cleanup frees in LMS and LMOTS tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:20 +01:00
Raef Coles	781f7bedb0	Properly mark LMOTS leak test as failed Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:18 +01:00
Raef Coles	d137c86125	Don't skip LMS tests due to out of memory error Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:17 +01:00
Raef Coles	76563399fd	Fix LMS and LMOTS test dependencies Mark them as depending on PSA_WANT_ALG_SHA256 so that test_depends_hashes_psa doesn't fail Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:15 +01:00
Raef Coles	59eb0d0f2b	Fix LMOTS signature leak test dependencies As it requires MBEDTLS_LMS_PRIVATE Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:12 +01:00
Raef Coles	d0c701237a	Replace TEST_ASSERT with TEST_EQUAL in LMS tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:09 +01:00
Raef Coles	f9b8502865	Add LMS import/export negative tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:06 +01:00
Raef Coles	4511055511	Exclude binary LMS keys from file checking Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:05 +01:00
Raef Coles	9fc303a99a	Add extra LMOTS import negative tests And fix failures that are related to the new tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:01 +01:00
Raef Coles	71f554b48f	Use real data for negative LMOTS tests To avoid errors caused by the null public keys and signatures Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:00 +01:00
Raef Coles	66edf6a833	Use hsslms data for LMOTS import/export test Also, test that export fails when the buffer is too small. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:58 +01:00
Raef Coles	8b55ba623e	Source LMOTS data from hsslms So it can be reproduced Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:57 +01:00
Raef Coles	a6b47c0aac	Add LMS hsslms interop tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:55 +01:00
Raef Coles	d6adcb6146	Add negative LMS import/export tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:53 +01:00
Raef Coles	810612e14e	Update LMS and LMOTS to use TEST_EQUAL Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:51 +01:00
Raef Coles	90e13fc3c6	Add repro instructions for LMS test data Add more interop tests, and use real data for the negative tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:49 +01:00
Raef Coles	0dc604ed2b	Change how LMS and LMOTS negative tests work Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:48 +01:00
Raef Coles	7726678b23	Remove debugging code left in LMOTS tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:46 +01:00
Raef Coles	370cc43630	Make LMS public key export part of public key api Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:28 +01:00
Raef Coles	be3bdd8240	Rename LMS and LMOTS init/free functions To match convention Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:18 +01:00
Raef Coles	5127e859d7	Update LMS and LMOTS dependency macros Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:11 +01:00
Raef Coles	b4568c5423	Disable LMS in PSA crypto client test Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:07 +01:00
Raef Coles	47bccb7e47	Disable LMS_PRIVATE in all.sh when LMS is disabled Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:06 +01:00
Raef Coles	a7e03adef5	Disable LMS in all.sh when PSA isn't enabled Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:04 +01:00
Raef Coles	98c504373c	Update LMS test description To correct copy-paste error Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:02 +01:00
Raef Coles	40158e11fc	Add LMOTS test hook to header Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:58 +01:00
Raef Coles	9c9027b1a4	Add extra LMS and LMOTS tests NULL-message and LMOTS signature leak tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:50 +01:00
Raef Coles	f5919e2997	Update LMS/LMOTS tests Document tests and source of data, use test RNG, pass more parameters into each test Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:43 +01:00
Raef Coles	e9479a0264	Update LMS API to support multiple parameter sets Parameterise macros to allow variation of sizes Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:36 +01:00
Raef Coles	ab4f87413a	Add MBEDTLS_LMS_PRIVATE define To enable private key operations Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:35 +01:00
Raef Coles	01c71a17b3	Update LMS and LMOTS api Fix function names and parameters. Move macros to be more private. Update implementation. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:25 +01:00
Raef Coles	c8f9604d7b	Use PSA hashing for LMS and LMOTS Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:23 +01:00
Raef Coles	7dce69a27a	Make LMOTS a private api Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:22 +01:00
Raef Coles	8ff6df538c	Add LMS implementation Also an LM-OTS implementation as one is required for LMS. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:15 +01:00
Gilles Peskine	0fe6631486	Merge pull request #6291 from gilles-peskine-arm/platform.h-unconditional-3.2 Include platform.h unconditionally	2022-10-13 10:19:22 +02:00
Przemek Stekiel	072fad12d9	Disable MBEDTLS_SSL_TICKET_C in aead driver test. MBEDTLS_SSL_TICKET_C depends now on: MBEDTLS_GCM_C \|\| MBEDTLS_CCM_C \|\| MBEDTLS_CHACHAPOLY_C. All features are disabled in this config. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-13 09:59:52 +02:00
Manuel Pégourié-Gonnard	2aa5af9bec	Merge pull request #6403 from mpg/print-failed-suites Print the list of failed suites in verbose mode	2022-10-13 09:59:45 +02:00
Xiaokang Qian	ed0620cb13	Refine code base on comments Move code to proper macro guards protection Fix typo issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:51 +00:00
Xiaokang Qian	2f9efd3038	Address comments base on review Change function name to ssl_session_set_hostname() Remove hostname_len Change hostname to c_string Update test cases to multi session tickets Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:49 +00:00
Xiaokang Qian	adf84a4a8c	Remove public api mbedtls_ssl_reset_hostname() Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:05:11 +00:00
Xiaokang Qian	281fd1bdd8	Add server name check when proposeing pre-share key Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:03:41 +00:00
Gilles Peskine	8fd3254cfc	Merge pull request #6374 from mprse/enc_types Test TLS 1.2 builds with each encryption type	2022-10-12 12:45:50 +02:00
Ronald Cron	78317c832b	Merge pull request #6327 from yuhaoth/pr/tls13-psk-after-session-tickets TLS 1.3: PSK and NewSessionTicket: Add support for sending PSK and Ticket together.	2022-10-12 12:39:51 +02:00
Przemek Stekiel	ee1bb4145f	Make sure that disabled features are not included in image and fix test config Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-12 10:15:59 +02:00
Gilles Peskine	fcee740b83	Automatically enable PK_PARSE for RSA in PSA PSA crypto currently needs MBEDTLS_PK_PARSE_C to parse RSA keys to do almost anything with them (import, get attributes, export public from private, any cryptographic operations). Force it on, for symmetry with what we're doing for MBEDTLS_PK_WRITE_C. Fixes #6409. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 21:15:24 +02:00
Gilles Peskine	aef1ba679d	Add build with a typical configuration for a PSA crypto service Disable non-crypto features that can't be called through the PSA API, as well as algorithms that have no PSA interface. This serves as a non-regression test for #6408 and #6409. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 21:09:21 +02:00
Gilles Peskine	58e5d804ee	test_suite_pk: Add missing dependencies on MBEDTLS_PEM_PARSE_C Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 20:57:38 +02:00
Gilles Peskine	d23d8dee24	test_suite_dhm: Add missing dependencies on MBEDTLS_PEM_PARSE_C Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 20:57:21 +02:00
Gilles Peskine	9624a5932e	Add mbedtls_dhm_parse_dhmfile test case with DER input dh.optlen.der is the result of converting dh.optlen.pem from PEM to DER. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 20:52:34 +02:00
Jerry Yu	c2bfaf00d9	fix wrong typo Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-11 18:07:19 +08:00
Manuel Pégourié-Gonnard	ac6c67053d	Print the list of failed suites in verbose mode In verbose mode, the full output of each failing suite is printed out, which for some suites runs in the 1000s of lines. If you didn't redirect output to a file, this is a lot to scroll and can make it hard to quickly identify which test suites failed. So, let's print out that information at the end. This is useful information for starting to figure out what went wrong. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-11 10:48:32 +02:00
Gilles Peskine	b50e433b66	Test mbedtls_mpi_core_bitlen Copy the test data for mbedtls_mpi_bitlen except for 0-length and negative cases. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-10 23:03:47 +02:00
Gilles Peskine	e943283f2f	More mbedtls_mpi_bitlen test cases * with leading zero limb * with trailing zero limb * negative Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-10 23:03:47 +02:00
Gilles Peskine	24baa81043	Improve mbedtls_mpi_bitlen test descriptions Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-10 23:03:47 +02:00
Gilles Peskine	c5772a194e	mbedtls_test_read_mpi_core: allow odd number of hex digits Test functions must now take a char* argument rather than data_t*. This does not affect existing test data. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-10 23:03:47 +02:00
Janos Follath	1b5c85c75b	Merge pull request #6386 from gilles-peskine-arm/bignum-mbedtls_test_read_mpi_core Introduce mbedtls_test_read_mpi_core	2022-10-10 15:14:46 +01:00
Jerry Yu	03aa174d7c	Improve test message and title Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-10 21:48:37 +08:00
Gabor Mezei	44ba2f6db9	Add more test cases Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 15:32:12 +02:00
Gabor Mezei	a67a1a3ebc	Remove the 'is_fail' parameter from the test functions Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 15:25:59 +02:00
Gabor Mezei	d71eb0c3ac	Use better test macro Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 13:09:04 +02:00
Gabor Mezei	d6441da4c5	Remove redundant memory initialization When memory is allocated it is also initialized with 0. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 13:05:16 +02:00
Gabor Mezei	251cb632f1	Remove unused macro definition Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 13:02:21 +02:00
Przemek Stekiel	52a428b824	Fix MBEDTLS_SSL_TICKET_C, MBEDTLS_SSL_SESSION_TICKETS dependencies Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-10 11:23:18 +02:00
Przemek Stekiel	42bb3ff40b	Adapt expected results in ChaCha20-Poly1305 ( invalid tag length) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-10 07:28:40 +02:00
Jerry Yu	63b06ea06e	Update test cases Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-08 14:56:38 +08:00
Jerry Yu	25ab654781	Add dummy ticket support Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-07 10:11:05 +08:00
Jerry Yu	8897c07075	Add server only guards for psk callback Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-07 10:11:05 +08:00
Przemek Stekiel	c1ceae4848	crypto_config_test_driver_extension.h: add support for ChaCha20 - Poly1305 This is done to have LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 defined in libtestdriver1. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-06 16:53:47 +02:00
David Horstmann	db73d3b149	Add mbedtls_x509_get_name memory leak unit test Introduce a unit test to test mbedtls_x509_get_name() and add a testcase with a corrupt DER-encoded name that causes mbedtls_x509_get_name() to have to cleanup things it is allocated. If it fails to do this, a memory leak is detected under Asan builds. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-05 13:09:57 +01:00
Gilles Peskine	99a82dce74	Readability improvement Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-05 11:20:56 +02:00
Gilles Peskine	80ca44f33c	Merge pull request #6325 from gabor-mezei-arm/6308_missing_initialization_in_test Add initialization for structures in test	2022-10-05 11:09:35 +02:00
Gilles Peskine	22514eb99b	Fix typo in documentation Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-04 15:09:53 +02:00
Gabor Mezei	8fcde5bb8e	Remove duplicate test case Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-04 13:53:33 +02:00
Gabor Mezei	02e5d439db	Add more tests for cond_assign/swap functions Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-03 16:45:11 +02:00
Gabor Mezei	6546a6cc03	Rewrite tests for cond_assign/swap The cond_swap and cond_assign test functions now requires the same limb size for the MPI parameters. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-03 14:56:51 +02:00
Przemek Stekiel	6a5cc74cc4	Fix typos and comments Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-03 09:04:16 +02:00
Przemek Stekiel	bd99a0221b	test_driver_aead.c: add support for LIBTESTDRIVER1 tests Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-02 21:01:23 +02:00
Przemek Stekiel	e290f2ea14	all.sh: add testing of AEAD drivers with libtestdriver1 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-02 20:58:39 +02:00
Gilles Peskine	5bbdfce44c	Streamline mbedtls_mpi_core_lt_ct unit test Use mbedtls_test_read_mpi_core() to read the test data. Among other benefits, X and Y are now allocated to their exact size, so analyzers (Asan, Valgrind, Coverity, ...) have a chance of complaining if the tested function overflows the buffer. Remove TEST_CF_PUBLIC calls which are no longer necessary. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:53:04 +02:00
Gilles Peskine	3aae4e815e	New function mbedtls_test_read_mpi_core Allocate and read an MPI from a binary test argument. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:51:41 +02:00
Gilles Peskine	571576fc5c	Move the definition of data_t to a header file This way it can be used in helper functions. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:51:41 +02:00
Gilles Peskine	bdc7b8bb6a	Allow test assertions on constant-flow scalar data When testing a function that is supposed to be constant-flow, we declare the inputs as constant-flow secrets with TEST_CF_SECRET. The result of such a function is itself a constant-flow secret, so it can't be tested with comparison operators. In TEST_EQUAL, TEST_LE_U and TEST_LE_S, declare the values to be compared as public. This way, test code doesn't need to explicitly declare results as public if they're only used by one of these macros. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:51:41 +02:00
Gilles Peskine	97483b0fd4	Remove incorrect comment This comment (which used to be attached to the implementation, and should not have been moved to the header file) is incorrect: the library function mbedtls_mpi_read_string preserves leading zeros as desired, but does not create a zero-limb object for an empty string. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:51:41 +02:00
Gabor Mezei	ec5685f1ee	Use exact-size buffers for inputs and outputs to library functions in tests Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 14:48:54 +02:00
Gabor Mezei	f5ca726ce1	Rename variables to match bettr to its purpose The length in bytes is used with the 'len' prefix and the length in limbs is used with the 'limbs' prefix. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 14:35:42 +02:00
Gabor Mezei	8b05e3b148	Add memory freeing Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:41 +02:00
Gabor Mezei	a7584888da	Use exact-size buffers for inputs and outputs to library functions in tests Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:41 +02:00
Gabor Mezei	821d15107b	Check true and false condition in the same test case Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:41 +02:00
Gabor Mezei	3eff425b1a	Use only one limb parameter for assign Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:40 +02:00
Gabor Mezei	027d696434	Remove unused code Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:40 +02:00
Gabor Mezei	b2763ef507	Do not read uninitialized memory Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:40 +02:00
Gabor Mezei	cfc0eb8d22	Remove unused parameter Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:39 +02:00
Gabor Mezei	53e455db7b	Remove return value checking from test functions of assign and swap Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:39 +02:00
Gabor Mezei	b27b1c5db0	Add tests for conditional assign and swap functions Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:30 +02:00
Gilles Peskine	845de0898e	Merge pull request #6083 from tom-cosgrove-arm/issue-6015-montgomery-multiplication Montgomery multiplication from bignum prototype	2022-09-30 10:35:21 +02:00
Tom Cosgrove	4386ead662	Correct the aliasing requirements in doc for mbedtls_mpi_core_montmul(), and test them Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-29 14:40:21 +01:00
Przemek Stekiel	48a6a666a0	Add ssl-opt tls 1.2 tests for single cipher builds Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-29 15:29:33 +02:00
Przemek Stekiel	8d4b241028	Remove redundant indirect dependencies after optimizing setup for one cipher components Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-29 10:13:40 +02:00
Przemek Stekiel	a891a091a3	test_suite_cmac.data: fix bug: use cipher type instead cipher id Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-29 09:53:20 +02:00
Przemek Stekiel	68db0d2f67	Optimize one cipher only components and adapt nemes Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-29 08:32:25 +02:00
Ronald Cron	77c691f099	Merge pull request #6194 from xkqian/tls13_add_psk_client_cases TLS 1.3: Add PSK client cases	2022-09-28 17:08:06 +02:00
Przemek Stekiel	0cc3466c9e	Change testing strategy to default + one cypher only (psa/no psa) In full config TLS 1.2 is disabled. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-28 12:06:57 +02:00
Przemek Stekiel	b0de1c040b	Add components to build and test default/full config with legacy-ccm cipher only Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-28 11:15:16 +02:00
Przemek Stekiel	9550c05757	Add component to build and test full config with stream cipher only Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-28 09:51:55 +02:00
Xiaokang Qian	a70bd9108a	Fix the description of psk client cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-28 07:50:13 +00:00
Manuel Pégourié-Gonnard	e3358e14b2	Merge pull request #6051 from mprse/permissions_2b_v2 Permissions 2b: TLS 1.3 sigalg selection	2022-09-28 09:50:04 +02:00
Manuel Pégourié-Gonnard	f3f9e450b6	Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2 Ad-hoc KDF for EC J-PAKE in TLS 1.2	2022-09-28 09:47:32 +02:00
Przemek Stekiel	d582a01073	Make MBEDTLS_SSL_CONTEXT_SERIALIZATION dependent on AEAD Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-28 07:59:01 +02:00
Xiaokang Qian	ca343ae280	Improve message logs and test cases description in psk Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-28 02:07:54 +00:00
Gabor Mezei	0bb138241b	Add initialization for structures Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-27 18:48:44 +02:00
Przemek Stekiel	6f29a6c4b4	test_suite_cipher.function: always include aes.h It is done to have MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH macro available (used in tests) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-27 15:04:14 +02:00
Przemek Stekiel	a82290b727	Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions Both functions are calling mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions. These functions are guarded with MBEDTLS_CIPHER_MODE_AEAD \|\| MBEDTLS_NIST_KW_C flags - make it consistent. As a result ssl_server2 won't build now with MBEDTLS_SSL_SESSION_TICKETS enabled (mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions not available). Mark MBEDTLS_SSL_SESSION_TICKETS as dependent on MBEDTLS_CIPHER_MODE_AEAD \|\| MBEDTLS_NIST_KW_C and disable MBEDTLS_SSL_SESSION_TICKETS in stream cipher only build. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-27 15:04:14 +02:00
Przemek Stekiel	11c362a050	Add component to build and test default config with stream cipher only Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-27 15:04:08 +02:00
Xiaokang Qian	9c172042b6	Change cases description base on comments Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-27 11:41:50 +00:00
Xiaokang Qian	e12d30d751	Move psk related cases into tls13-kex-modes.sh Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-27 11:34:14 +00:00
Andrzej Kurek	3539f2c90b	Improve readability in ecjpake tests Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-26 10:56:02 -04:00
Xiaokang Qian	954d5769ef	PSK: change descriptions base on comments Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-26 08:40:10 +00:00
Xiaokang Qian	ac8195f4f7	Fix wrongly kex mode fallback issue in psk cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-26 06:31:58 +00:00
Gilles Peskine	12a1e85caa	Merge pull request #6138 from Zaya-dyno/validation_remove_change_key_agree Validation remove change key agree	2022-09-23 17:04:20 +02:00
Gilles Peskine	f70f4ead7f	Merge pull request #6248 from gilles-peskine-arm/all-sh-force-3.2 Fix all.sh --force	2022-09-23 17:04:00 +02:00
Gilles Peskine	87953f228f	Merge pull request #6091 from Zaya-dyno/validation_remove_change_pk Validation remove change pk	2022-09-23 17:03:30 +02:00
Paul Elliott	2c282c9bd0	Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.	2022-09-23 15:48:33 +01:00
Gabor Mezei	f29c2a5313	Add initialization for structures Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-23 15:25:27 +02:00
Xiaokang Qian	210727f3b1	Skip some psk cases cause wrong fallback to ephemeral Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 07:25:40 +00:00
Xiaokang Qian	dea2cbe199	Fix various test issues in psk m->m cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	658204c71e	Remove negative test cases for m->O and m->G Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	8939930b82	Rebase and fix some test failures Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	cffb18cee7	Fix various issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	8f7d7c7aaf	Address comments about description of psk cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	edc35e7ffd	Refine the psk test cases for m->G Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	2efece22a0	Refine the psk test cases for m->O Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	3cbbbbcb08	Shorten the description in psk m->m test cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	d7dcc4274b	Unified the test title of psk cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	2aaf1c1d74	Re-work psk test cases against openssl and gnutls Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	8e76e1de21	Add m->m cases with client be set to psk_all or all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	ca48dddf62	Add m->m with client be set to ephemeral or ephemeral_all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	198cefd1fa	Add force_version tls13 to the psk test cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	f9b694ba8f	Add m->m cases with client be set to psk and psk_ephemeral mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	e0cc584f70	Change result strings based on actula psk test result Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	df6a3891e8	Add client psk test cases for all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	a39d0d5e2b	Add client test cases for ephemeral_all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	01173c21b1	Add client test cases for ephemeral mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	ff5705bdd7	Add client test cases for psk_ephemeral mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	73894232e8	Add client test cases for psk_all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	cf6442e2e4	Add client test cases for psk mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:30 +00:00
XiaokangQian	335cfaadf9	Finalize client side code for psk Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-09-23 01:48:26 +00:00
Gilles Peskine	07ba2be20b	Merge pull request #6304 from yuhaoth/pr/exclude-pre_shared_key-from-hrr-msg TLS 1.3: PSK: Exclude pre_shared_key for HRR	2022-09-22 10:21:06 +02:00
Manuel Pégourié-Gonnard	1475ac49a4	Merge pull request #6107 from Zaya-dyno/validation_remove_change_hash Validation remove change hash	2022-09-22 09:24:44 +02:00
Manuel Pégourié-Gonnard	d5c82fb821	Merge pull request #6085 from Zaya-dyno/validation_remove_change_cipher Validation remove and change in files related to cipher in library	2022-09-22 09:10:13 +02:00
Jerry Yu	9370612312	remove certificate setting from psk_ephemeral HRR test Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-21 22:44:24 +08:00
Tom Cosgrove	119eae2e51	Update names of test cases in generate_bignum_tests.py Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-21 12:19:18 +01:00
Tom Cosgrove	c573882674	Merge remote-tracking branch 'upstream/development' into issue-6015-montgomery-multiplication	2022-09-21 12:08:43 +01:00
Manuel Pégourié-Gonnard	d433cd7d07	Merge pull request #6283 from mpg/driver-only-hashes-wrap-up Driver only hashes wrap-up	2022-09-21 08:29:46 +02:00
Jerry Yu	2db49df44b	Add psk_ephemeral HRR tests Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-21 11:03:28 +08:00
Dave Rodgman	36e1d9ef1d	Merge pull request #6203 from wernerlewis/ecp_group_test Add test for ECP group metadata	2022-09-20 17:35:53 +01:00
Ronald Cron	50969e3af5	ssl-opt.sh: TLS 1.3 opaque key: Add test with unsuitable sig alg Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 15:57:57 +02:00
Tom Cosgrove	b0b77e1b13	Document and test aliasing of the bignums given to mbedtls_mpi_core_mla() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-20 13:33:40 +01:00
Ronald Cron	277cdcbcde	ssl-opt.sh: tls13 opaque key: Enable client authentication Enable client authentication in TLS 1.3 opaque key tests to use the opaque key on client side. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:30:13 +02:00
Ronald Cron	e3196d270c	ssl-opt.sh: tls13 opaque key: Do not force version on client side Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:30:13 +02:00
Ronald Cron	6ec2123bf3	ssl-opt.sh: Align prefix of TLS 1.3 opaque key tests Align prefix of TLS 1.3 opaque key tests with the prefix of the othe TLS 1.3 tests. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:30:13 +02:00
Ronald Cron	067a1e735e	tls13: Try reasonable sig alg for CertificateVerify signature Instead of fully validating beforehand signature algorithms with regards to the private key, do minimum validation and then just try to compute the signature. If it fails try another reasonable algorithm if any. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:30:13 +02:00

... 2 3 4 5 6 ...

7546 commits