Commit graph

357 commits

Author SHA1 Message Date
Dave Rodgman
92011eef34
Merge pull request #6717 from tom-cosgrove-arm/fix-typos-2212
Fix typos prior to release
2022-12-06 15:00:34 +00:00
Tom Cosgrove
21d459d26a Add type annotations
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-12-06 12:36:00 +00:00
Tom Cosgrove
c240600f24 Separate out to_montgomery and from_montgomery for bignum tests
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-12-06 12:20:43 +00:00
Werner Lewis
93a31c9efd Re-enable pylint unused warnings
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-12-06 11:55:32 +00:00
Werner Lewis
e1b6b7c0ac Implement mbedtls_mpi_mod_add()
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-12-06 11:55:32 +00:00
Tom Cosgrove
ecda186893 Require input to mbedtls_mpi_core_exp_mod() to already be in Montgomery form
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-12-06 10:46:30 +00:00
Tom Cosgrove
f51f972d67 Apply review comments
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-12-05 15:47:40 +00:00
Tom Cosgrove
1797b05602 Fix typos prior to release
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-12-04 17:19:59 +00:00
Tom Cosgrove
62b20488f1 Implement mbedtls_mpi_mod_sub()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-12-01 14:27:37 +00:00
Werner Lewis
cff7578822 Add imports to bignum_mod
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-11-30 16:34:07 +00:00
Gilles Peskine
edaa17b350
Merge pull request #6547 from yanesca/extract_mod_exp_from_prototype
Bignum: Extract mod exp from prototype
2022-11-29 21:40:07 +01:00
Janos Follath
590ae5363d
Merge pull request #6656 from tom-cosgrove-arm/bignum_pr_6225-updated
Bignum: add mod_raw_add
2022-11-25 17:53:31 +00:00
Tom Cosgrove
50fc127a4e Change order of test arguments for bignum_mod_raw to simplify Python script
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-24 21:29:23 +00:00
Tom Cosgrove
1923009cdb Add test generation for mbedtls_mpi_mod_raw_add()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-24 16:22:43 +00:00
Gabor Mezei
6b3c0c5943
Update the test case generator
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-23 16:45:05 +01:00
Gabor Mezei
c426d9b6cc
Add generated test for low level subtraction with modulus
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-23 14:44:13 +01:00
Janos Follath
43d3de4977 Make pylint happy
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-22 21:50:22 +00:00
Janos Follath
05867cb036 mpi_core_exp_mod: add generated tests
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-22 21:37:10 +00:00
Tom Cosgrove
d66d5b2fef Add unit tests for mbedtls_mpi_core_sub_int(), MPI A - scalar b
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-22 15:07:31 +00:00
Janos Follath
f352c67bc3 Bignum tests: use default dataset in mod_raw
While at it, flatten class hierarchy as well.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:15 +00:00
Janos Follath
f45797652f Bignum tests: set unique combinations off by default
Normally we need all the combinations, unique combinations make sense
only if the operation is commutative.

No changes to generated tests.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
76c21bd242 Bignum tests: flatten class hierarchy in _core
There is no semantic changes to the generated tests, the order of the
test blocks has changed.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
be5e7aea7c Bignum tests: remove deprecated dataset
Remove old dataset that was overriding the defaults in bignum_core. This
will change the datasets for core_sub and core_add to the default
inherited from bignum_common.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
dac44e6021 Bignum tests: add default datasets
Add data for small values, 192 bit and 1024 bit values, primes,
non-primes odd, even, and some typical corner cases.

All subclasses override this for the time being so there are no changes
to the test cases.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
b2a850c746 Bignum Tests: add test data
The goal of this commit is to add some constants that can be used to
define datasets and add test data in a more readable and reusable
manner.

All platforms using ECC need to support calculations with at least 192
bits, therefore constants for this length are added. We are not using a
curve prime as those will be tested elsewhere and it is better not to
play favourites.

All platforms using RSA or FFDH need to support calculations with at
least 1024 bits, therefore numbers of this size are added too.

A safe prime is added for both sizes as it makes all elements generators
(except 0 and 1 of course), which in turn makes some tests more
effective.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
a36e430251 Bignum tests: add support for fixed width input
Only fixed width input_style uses the default value of the bits_in_limb
parameter, so set it to 32 in order to have less leading zeroes.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
8ae7a657ac Bignum tests: improve mod descriptions
There are no semantic changes to the generated tests.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
284672ccfb Bignum tests: complete support for unary operators
There are no intended changes to generated tests. (The ordering of tests
in the mod_raw module has changed.)

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
435b305a49 Bignum tests: add special cases to mod
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
98edf21bb4 Bignum test: remove type restrictrion
The special case list type depends on the arity and the subclass. Remove
type restriction to make defining special case lists more flexible and natural.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
c4fca5de3e Bignum tests: automate modulo test object generation
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
939621f8ed Bignum tests: add support for filtering
Sometimes we don't want all possible combinations of the input data and
sometimes not all combinations make sense. We are adding a convenient
way to decide on a case by case basis. Now child classes only need to
implement the is_valid method and the invalid cases will be filtered out
automatically.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
1921fd585c Bignum tests: use arity in bignum_mod_raw
This makes a couple of properties redundant which are cleaned up.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
a36a3d36b5 Bignum tests: add arity
Add the ability to control the number of operands, by setting the arity
class attribute.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
abfca8f938 Bignum tests: make n an attribute
Having int_ variants as an attribute has the advantage of the input
being validated when the object is instantiated. In theory otherwise if
a particular int_ attribute is not accessed, then the invalid argument
is passed to the tests as it is. (This would in all likelihood detected
by the actual test cases, still, it is more robust like this.)

There are no semantic changes to the generated test cases. (The order
of appearance of 64 and 32 bit mpi_core_add_and_add_if test cases has
changed.)

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
4c59d35e00 Bignum tests: make args use input_style
Before arg_ attributes were the arguments as they were defined in the
python script. Turning these into properties and having them take the
form respect the style set in input_style makes the class easier to use
and more consistent.

This change makes the hex_ properties redundant and therefore they are
removed.

There are no semantic changes to the generated test cases. (The order
of appearance of 64 and 32 bit mpi_core_add_and_add_if test cases has
changed.)

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
6fa3f0653a Bignum Tests: remove OperationCommonArchSplit
The ArchSplit functionality was duplicated and moved to OperationCommon
from the other copy. The remnants of the functionality is moved to the
only subclass using this.

There is no semantic change to the generated tests. The order has
changed however: core_add tests have been moved before core_mla tests
and the order of the 64 and 32 bit versions have been swapped.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
b41ab926b2 Bignum Tests: move properties to superclass
Move properties that are needed in several children to the superclass.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
155ad8c297 Bignum Tests: remove ModOperationCommonArchSplit
The functionality of ModOperationCommonArchSplit is needed in several
subclasses, therefore moving it to a superclass.

There is another, redundant ArchSplit class, which will be removed in a
later commit.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
948afcecb9 Bignum Tests: move ModOperationArchSplit to common
The class BignumModRawOperationArchSplit has functionality that are
needed in other modules, therefore moving it to bignum_common.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
5b1dbb4cbc Bignum Tests: Move ModOperation to common
The class BignumModRawOperation implements functionality that are needed
in other modules, therefore we move it to common.

No intended changes to test cases. The order of add_and_add_if and sub tests
have been switched.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
351e6885f5 Make pylint happy
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
3aeb60add6 Bignum test: move archsplit to superclass
We need arch split tests in different modules, moving it to the common
module makes it reusable.

No intended changes in the generated tests. (The position of the
core_add_if tests changed, but they are still all there.)

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:13 +00:00
Janos Follath
87df373e0e Bignum test: Move identical function to superclass
No intended change in generated test cases.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:13 +00:00
Janos Follath
0cd8967ba1 Split test generator base class
The class BaseTarget served two purposes:
- track test cases and target files for generation
- provide an abstract base class for individual test groups

Splitting these allows decoupling these two and to have further common
superclasses across targets.

No intended change in generated test cases.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:13 +00:00
Gilles Peskine
b9b9026c53 Pacify pylint
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-15 20:49:43 +01:00
Gilles Peskine
35af02171d Add negative zero as an input to automatically generated tests
Although negative zero is officially unsupported, we've had bugs related to
it in the past. So do test functions with a negative zero input.

There will likely be cases where we don't want to accept negative zero as if
it was valid, because it's too hard to handle. We'll add exceptions on a
case by case basis.

For the functions that are currently tested by the generated tests, the new
test cases pass.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-15 20:47:07 +01:00
Gilles Peskine
4cbbfd8d4e For binary operations, test both x op y and y op x
This exposes a bug in mbedtls_mpi_add_mpi() and mbedtls_mpi_sub_mpi() which
will be fixed in a subsequent commit.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-15 20:35:26 +01:00
Minos Galanakis
50de073c84 bignum_mod_raw.py: Added BignumModRawConvertfromMont
This patch adds test class for 'mpi_mod_raw_from_mont_rep()`.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-11-12 13:21:31 +00:00
Minos Galanakis
a252f6b24c bignum_mod_raw.py: Added BignumModRawConvertToMont
This patch adds test class for 'mpi_mod_raw_to_mont_rep()`.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-11-12 13:21:31 +00:00
Minos Galanakis
855c228b29 bignum_mod_raw.py: Moved Classes outside of slots
This patch moves `BignumModRawOperation` and `BignumModRawOperationArchSplit`
outside of the scaffolding merge slot.

It also renames `r_sqrt` property to `r2`.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-11-10 11:37:33 +00:00
Minos Galanakis
a461ece810 bignum_mod_raw.py: Refactoring BignumModRawOperation
This patch modifies the BignumModRawOperation class to
provide special access to key members commonly used
in tests.

It binds the module's getters to conversion functions
which enable automatic conversions such as:

* hex to int.
* zero padding hex strings.
* common Montgomery constants such as R, R^2 and R^01
  are now be calculated upon access.

class `BignumModRawOperationArchSplit` is also updated to
utilise the new design.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-11-10 11:37:33 +00:00
Minos Galanakis
e9c86a100a bignum_mod_raw.py: Added BignumModRawOperation
This patch is adding a basic instantance of `BignumModRawOperation`
and creates an `BignumModRawOperationArchSplit` class, copying
over the implementation of `BignumCoreRawOperationArchSplit`.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-11-10 11:37:33 +00:00
Janos Follath
f8b3b72910 Add merge slots to bignum_common.py
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-03 14:46:18 +00:00
Janos Follath
d820ca5d07
Fix bignum test generator class names
Co-authored-by: minosgalanakis <30719586+minosgalanakis@users.noreply.github.com>
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-03 08:42:54 +00:00
Janos Follath
9cf14cd6b0 Make pylint happy
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-02 17:28:39 +00:00
Janos Follath
1be322a795 Add merge slots to raw and mod_raw test generation
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-02 17:27:36 +00:00
Janos Follath
b99b056f0a Add script for generating mod test cases
This commit only adds the boilerplate, no actual tests are added.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-02 17:27:36 +00:00
Janos Follath
df8239b846 Add script for generating mod_raw test cases
This commit only adds the boilerplate, no actual tests are added.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-02 17:27:36 +00:00
Janos Follath
5933f691a2 Add merge slots to Bignum files
Legacy Bignum is excluded as it doesn't get regular extensions like new
ones.

Each slot uses comments of their respective filetype. Since .data files
don't have a syntax for comments, dummy test cases are used. (These test
cases will never be executed and no noise will be added to tests.)

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-02 17:27:25 +00:00
Janos Follath
8904a2db29 mpi_core_ct_uint_table_lookup: style and docs
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-10-31 16:51:56 +00:00
Janos Follath
88e3177fcc Make pylint happy
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-10-31 14:32:46 +00:00
Janos Follath
032924f297 Add mbedtls_mpi_core_ct_uint_table_lookup tests
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-10-31 11:32:55 +00:00
Tom Cosgrove
eee0d6ce6b Extend the unit tests for mbedtls_mpi_core_add_if() to also test mbedtls_mpi_core_add()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-10-25 16:29:58 +01:00
Gilles Peskine
e5a715e8c0
Merge pull request #6449 from gilles-peskine-arm/bignum-core-shift_r
Bignum core: shift_r
2022-10-25 10:40:39 +02:00
Janos Follath
78e3c9b574 Fix style in bignum_core.py
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-10-20 12:09:30 +01:00
Gilles Peskine
b0ee577287 Bignum core: test shift_r
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-20 12:00:57 +02:00
Janos Follath
ba516f7524 mpi_core_add_if test: Remove dependency on old API
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-10-20 10:59:50 +01:00
Janos Follath
5ff03d49c0 Bignum Core test: move bound to constructor
We will need it to pad parameters in the base class, but it is useful
because every child class would need to calculate it anyway.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-10-20 10:53:14 +01:00
Janos Follath
e153a715f0 mpi_core_add_if: simplify tests
Use the new, limb size aware base class to generate tests for
mpi_core_add_if().

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-10-20 10:40:03 +01:00
Janos Follath
dd2e4683d0 Bignum Core: add limb size specific test generation
In Bignum Core the result also involves a carry and both the result and
the carry depend on the size of the limbs.

Before this change both 32 and 64 bit specific result have been passed
to the test functions.

Moving this decision out of the tests makes the test functions easier to
write and read and the test cases easier to read and debug. The change
doesn't make writing the generator script any harder and might even make
reading it easier.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-10-20 10:38:22 +01:00
Werner Lewis
f86c82e8f3 Pass bits_in_limb parameter to duplicated methods
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Werner Lewis
63653b9b0a Remove unnecessary check
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Werner Lewis
2295eecb12 Add missing space in string
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Werner Lewis
1b20e7e645 Redefine result() method to return List
Many bignum tests have multiple calculated result values, so return
these as a list, rather than formatting as a string.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Werner Lewis
7a2731463b Add function to generate random montmul cases
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Werner Lewis
a850312e9d Add test generation for mpi_core_montmul
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Werner Lewis
0a9c48b68e Add test generation for mpi_core_mla
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Werner Lewis
bbf0a32d67 Add flag for unique combinations in operations
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Werner Lewis
6351c7f5f3 Add test generation for mpi_core_sub
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Werner Lewis
ce769d1fc9 Add test generation for mpi_core_add_if
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Werner Lewis
99e8178fa7 Add module for bignum_core test generation
Separate file is added for classes used to generate cases for tests
in bignum_core.function. Common elements of the BignumOperation class
are added to classes in a new common file, for use across files.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Janos Follath
7cd1ebe0bb
Merge pull request #6296 from gilles-peskine-arm/test_data_generation-pr_6093_followup
Minor fixes to test_data_generation.py
2022-10-18 13:38:28 +01:00
Gilles Peskine
c217f48251 Replace the output file atomically
When writing the new .data file, first write the new content, then replace
the target. This way, there isn't a temporary state in which the file is
partially written. This temporary state can be misleading if the build is
interrupted. It's annoying if you're watching changes to the output and the
changes appear as emptying the file following by the new version appearing.
Now interrupted builds don't leave a file that appears to be up to date but
isn't, and when watching the output, there's a single transition to the new
version.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-04 15:10:00 +02:00
Gilles Peskine
31a8815f25 Documentation typo
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-09-29 18:48:41 +02:00
Manuel Pégourié-Gonnard
f3f9e450b6
Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2
Ad-hoc KDF for EC J-PAKE in TLS 1.2
2022-09-28 09:47:32 +02:00
Gilles Peskine
b3ea98c606 Replace the output file atomically
When writing the new .data file, first write the new content, then replace
the target. This way, there isn't a temporary state in which the file is
partially written. This temporary state can be misleading if the build is
interrupted. It's annoying if you're watching changes to the output and the
changes appear as emptying the file following by the new version appearing.
Now interrupted builds don't leave a file that appears to be up to date but
isn't, and when watching the output, there's a single transition to the new
version.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-09-21 22:00:06 +02:00
Gilles Peskine
d9071e7d96 Unify check_repo_path
We had 4 identical copies of the check_repo_path function. Replace them by a
single copy in the build_tree module where it naturally belongs.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-09-18 21:17:09 +02:00
Gilles Peskine
15997bd389 Use relative imports when importing other modules in the same directory
We were using absolute imports under the assumption that the /scripts
directory is in the path. This worked in normal use because every one of our
Python scripts either were in the /scripts directory, or added the /scripts
directory to the module search path in order to reference mbedtls_dev.
However, this broke things like
```
python3 -m unittest scripts/mbedtls_dev/psa_storage.py
```

Fix this by using relative imports.

Relative imports are only supposed to be used inside a package (Python
doesn't complain, but Pylint does). So make /scripts/mbedtls_dev a proper
package by creating __init__.py.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-09-17 10:38:58 +02:00
Gilles Peskine
7b3fa657af generate_*_tests.py --directory: fix handling of relative path
The option to --directory was intended to be relative to the current
directory when the script is invoked, which is the intuitive behavior. But
this was not implemented correctly, and it was actually interpreted relative
to the mbedtls root (which the script chdir's into). Fix this.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-09-17 10:38:58 +02:00
Gilles Peskine
049042586e Clarify the descriptions of test-case-data-related modules
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-09-17 10:38:58 +02:00
Gilles Peskine
64f2efdc40 More precise name for test data generation
We have Python code both for test code generation
(tests/scripts/generate_test_code.py) and now for test data generation.
Avoid the ambiguous expression "test generation".

This commit renames the Python module and adjusts all references to it. A
subsequent commit will adjust the documentation.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-09-17 10:38:58 +02:00
Werner Lewis
c2fb540c67 Use a script specific description in CLI help
Previous changes used the docstring of the test_generation module,
which does not inform a user about the script.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-09-16 17:03:54 +01:00
Werner Lewis
07c830c164 Fix setting for default test suite directory
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-09-15 09:02:07 +01:00
Werner Lewis
52ae326ebb Update references to file targets in docstrings
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-09-14 16:52:45 +01:00
Werner Lewis
00d02423a5 Remove argparser default for directory
This reverts commit f156c43702. Adds a
comment to explain reasoning for current implementation.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-09-14 16:52:42 +01:00
Werner Lewis
858cffde1e Add toggle for test case count in descriptions
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-09-14 16:52:25 +01:00
Werner Lewis
34d6d3e4e5 Update comments/docstrings in TestGenerator
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-09-14 16:52:18 +01:00
Andrzej Kurek
08d34b8693 Add an EC J-PAKE KDF to transform K -> SHA256(K.X) for TLS 1.2
TLS uses it to derive the session secret. The algorithm takes a serialized
point in an uncompressed form, extracts the X coordinate and computes
SHA256 of it. It is only expected to work with P-256.
Fixes #5978.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-14 08:39:26 -04:00
Werner Lewis
56013081c7 Remove unused imports
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-09-02 12:57:37 +01:00
Werner Lewis
a4668a6b6c Rework TestGenerator to add file targets
BaseTarget-derived targets are now added to TestGenerator.targets in
initialization. This reduces repeated code in generate_xxx_tests.py
scripts which use this framework.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-09-02 11:56:34 +01:00
Werner Lewis
aaf3b79bbb Use Python 3.5 style typing for dependencies
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-31 17:16:44 +01:00
Werner Lewis
466f036326 Add dependencies attribute to BaseTarget
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-31 17:01:38 +01:00
Werner Lewis
81f24443b7 Modify wording in docstrings
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-30 09:37:07 +01:00
Werner Lewis
76f45625e6 Fix trailing whitespace
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-25 13:21:45 +01:00
Werner Lewis
9df9faac5c Use argparser default for targets
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-25 12:49:41 +01:00
Werner Lewis
6ef5436f3c Clarify documentation
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-25 12:29:46 +01:00
Werner Lewis
f156c43702 Use argparser default for directory
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-25 11:31:55 +01:00
Werner Lewis
e3ad22ecf2 Fix TARGET types and code style
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-25 10:02:06 +01:00
Werner Lewis
6d654c6491 Raise NotImplementedError in abstract methods
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-25 09:56:51 +01:00
Werner Lewis
a195ce73f5 Disable pylint unused arg in __new__
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-24 18:10:55 +01:00
Werner Lewis
d03d2a3a91 Remove trailing whitespace in description
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-24 18:10:25 +01:00
Werner Lewis
cfd4768df2 Use __new__() for case counting
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-24 18:10:13 +01:00
Werner Lewis
2b527a394d Split generate_tests to reduce code complexity
Previous implementation mixed the test case generation and the
recursive generation calls together. A separate method is added to
generate test cases for the current class' test function. This reduces
the need to override generate_tests().

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-24 18:10:13 +01:00
Werner Lewis
699e126942 Use ABCMeta for abstract classes
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-24 17:33:21 +01:00
Werner Lewis
169034ae63 Add details to docstrings
Clarification is added to docstrings, mostly in abstract classes.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-24 17:30:30 +01:00
Werner Lewis
55e638ca57 Remove abbreviations and clarify attributes
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-24 17:29:08 +01:00
Werner Lewis
fbb75e3fc5 Separate common test generation classes/functions
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-24 15:08:56 +01:00
Gilles Peskine
76851ae3a6 Add warnings to test code and data about storage format stability
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-20 19:10:35 +02:00
Gilles Peskine
dce7d8f51e Rename and document mac_or_tag_lengths -> permitted_truncations
No behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
2773f26971 Fix digits in octal constant
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
ac17ec4388 Public keys can't be used as private-key inputs to key agreement
The PSA API does not use public key objects in key agreement
operations: it imports the public key as a formatted byte string.
So a public key object with a key agreement algorithm is not
a valid combination.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
4bd90dc6b1 Don't exercise OAEP with small key and large hash
RSA-OAEP requires the key to be larger than a function of the hash size.
Ideally such combinations would be detected as a key/algorithm
incompatibility. However key/algorithm compatibility is currently tested
between the key type and the algorithm without considering the key size, and
this is inconvenient to change. So as a workaround, dispense
OAEP-with-too-small-hash from exercising, without including it in the
automatic operation-failure test generation.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
7095d47749 Reject block cipher modes that are not implemented in Mbed TLS
Mbed TLS doesn't support certain block cipher mode combinations. This
limitation should probably be lifted, but for now, test them as unsupported.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
e3a0890e4f Reject invalid MAC and AEAD truncations
Reject algorithms of the form PSA_ALG_TRUNCATED_MAC(...) or
PSA_ALG_AEAD_WITH_SHORTENED_TAG(...) when the truncation length is invalid
or not accepted by policy in Mbed TLS.

This is done in KeyType.can_do, so in generate_psa_tests.py, keys will be
tested for operation failure with this algorithm if the algorithm is
rejected, and for storage if the algorithm is accepted.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
2fa829c7dd Fix invalid argument enumeration when there are >=3 arguments
This bug had no impact since currently no macro has more than 2 arguments.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
d78c59c0de Test more truncated MAC and short AEAD tag lengths
The current macro collector only tried the minimum and maximum expressible
lengths for PSA_ALG_TRUNCATED_MAC and PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG.
This was good enough for psa_constant_names, but it's weak for exercising
keys, in particular because it doesn't include any valid AEAD tag length.
So cover more lengths.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
c47d3a4286 64-bit block ciphers are incompatible with some modes
Only allow selected modes with 64-bit block ciphers (i.e. DES).

This removes some storage tests and creates corresponding op_fail tests.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
e6b85b4d42 Storage format tests: exercise operations with keys
In key read tests, add usage flags that are suitable for the key type and
algorithm. This way, the call to exercise_key() in the test not only checks
that exporting the key is possible, but also that operations on the key are
possible.

This triggers a number of failures in edge cases where the generator
generates combinations that are not valid, which will be fixed in subsequent
commits.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
16b2506e3d Abbreviate descriptions of generated PSA storage tests
This currently makes all the descriptions unambiguous even when truncated at
66 characters, as the unit test framework does.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
e8e058c9d4 Unify the code to shorten expressions
The output of generate_psa_tests.py is almost unchanged: the differences are
only spaces after commas (now consistently omitted).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
fa70ced195 Remove ad hoc is_valid_for_signature method
Use the new generic is_public method.

Impact on generated cases: there are new HMAC test cases for SIGN_HASH. It
was a bug that these test cases were previously not generated.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
e6300959df Test attempts to use a public key for a private-key operation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:02:44 +02:00
Gilles Peskine
a401386f82 A key agreement algorithm can contain a key derivation
PSA_ALG_KEY_AGREEMENT(..., kdf) is a valid key derivation algorithm
when kdf is one.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 14:57:10 +02:00
Gilles Peskine
8345d63695 Add knowledge of the compatibility of key types and algorithms
Determine key types that are compatible with an algorithm based on
their names.

Key derivation and PAKE are not yet supported.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-03-16 13:54:25 +01:00
Gilles Peskine
ee7554e606 Add knowledge of algorithms
Determine the category of operations supported by an algorithm based
on its name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-03-16 13:54:25 +01:00
Gilles Peskine
b9dbb7fe62 Add missing type annotation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-03-15 18:32:10 +01:00
Gilles Peskine
dcf2ff53c8 Ensure files get closed when they go out of scope
This is automatic in CPython but not guaranteed by the language. Be friendly
to other Python implementations.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-03-04 20:02:00 +01:00
Jerry Yu
0cb2cf6cb4 fix build fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 14:23:37 +08:00
Jerry Yu
e6369b0061 fix test_cmake_as_package fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 12:47:03 +08:00
Gilles Peskine
f1a7ea88d1
Merge pull request #5092 from mprse/generate_key2
Generate test cases for PSA key generation
2021-11-10 20:55:35 +01:00
Przemyslaw Stekiel
729c244819 test_case.py: add new line between test cases
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-11-09 14:45:40 +01:00
Przemyslaw Stekiel
7bc26b8c2a generate_psa_tests.py: add key generation result to test case argument list, add comments
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-11-02 10:51:49 +01:00
Przemyslaw Stekiel
1b0978b803 Add test class for key generation
Genertae test_suite_psa_crypto_generate_key.generated.data.
Use test_suite_psa_crypto_generate_key.function as a test function.

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-10-20 09:05:33 +02:00
Gilles Peskine
acd2d0e923 New algorithm PSA_ALG_RSA_PSS_ANY_SALT
This is a variant of PSA_ALG_RSA_PSS which currently has exactly the same
behavior, but is intended to have a different behavior when verifying
signatures.

In a subsequent commit, PSA_ALG_RSA_PSS will change to requiring the salt
length to be what it would produce when signing, as is currently documented,
whereas PSA_ALG_RSA_PSS_ANY_SALT will retain the current behavior of
allowing any salt length (including 0).

Changes in this commit:

* New algorithm constructor PSA_ALG_RSA_PSS_ANY_SALT.
* New predicates PSA_ALG_IS_RSA_PSS_STANDARD_SALT (corresponding to
  PSA_ALG_RSA_PSS) and PSA_ALG_IS_RSA_PSS_ANY_SALT (corresponding to
  PSA_ALG_RSA_PSS_ANY_SALT).
* Support for the new predicates in macro_collector.py (needed for
  generate_psa_constant_names).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-05 14:26:25 +02:00
Gilles Peskine
8135cb9e07 Break out algorithm_tester() as a separate method
No intended behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-05 14:26:25 +02:00
Ronald Cron
3c62693c99
Merge pull request #4701 from gilles-peskine-arm/make_generated_files-non_english-3.0
psa_generate_test: tweak MSVC detection to work with non-English Visual Studio
2021-07-23 14:05:08 +02:00
gabor-mezei-arm
2a499c0cc5
Refactor handlibg of the key usage flags
Move implicit usage flags handling to the StorageKey class.
Create a subclass for test case data.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 17:07:00 +02:00
gabor-mezei-arm
f73f896bdf
Use regexp pattern instaed of string
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 17:07:00 +02:00
gabor-mezei-arm
6f7282b09a
Keep the imported classes sorted
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 17:07:00 +02:00
gabor-mezei-arm
2784bfe226
Move key type validation to crypto_knowledge
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 17:06:59 +02:00
gabor-mezei-arm
5df1dee0c6
Rename variables and funcions
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 17:06:47 +02:00
gabor-mezei-arm
2710bb1d82
Use string in dict instead of Expr object
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 17:06:47 +02:00
gabor-mezei-arm
8f40510a92
Add better name for variables
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 17:06:34 +02:00
gabor-mezei-arm
672e376ba5 Add test case generation for usage extensions when loading keys
Add test cases validating that if a stored key only had the hash policy,
then after loading it psa_get_key_attributes reports that it also has the
message policy, and the key can be used with message functions.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 17:06:20 +02:00
gabor-mezei-arm
7748b6f24b Add key usage policy extension support for key generation
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 17:06:08 +02:00
Gilles Peskine
eb7bdaa177 Add storage tests for lifetimes
Test keys with various persistence levels, enumerated from the
metadata tests.

For read-only keys, do not attempt to create or destroy the key
through the API, only to read a key that has been injected into
storage directly through filesystem access.

Do not test keys with a non-default location, since they require a
driver and we do not yet have a dependency mechanism to require the
presence of a driver for a specific location value.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-23 13:44:35 +02:00
Gilles Peskine
45a4391897 Collect lifetime constructors
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-23 13:43:08 +02:00
Gilles Peskine
607eb7e411 Add lifetime metadata tests
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-23 13:43:08 +02:00
Gilles Peskine
18d1e66fcf Tweak MSVC detection to work with non-English Visual Studio
Fix #4699

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-22 11:26:19 +02:00
TRodziewicz
10e8cf5fef Remove MD2, MD4, RC4, Blowfish and XTEA
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-06-16 10:34:25 +02:00
Janos Follath
8603fb09fe PSA PAKE: add to PSA constant name test
Signed-off-by: Janos Follath <janos.follath@arm.com>
2021-06-03 12:37:22 +01:00
Gilles Peskine
2157e86389 Document include_intermediate in PSAMacroEnumerator
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 20:12:00 +02:00
Gilles Peskine
38ebfec0f1 Remove duplicates from enumerated test inputs
When generating expressions to construct test case data, there can be
duplicate values, for example if a value of the form C(A) is present
as such in test_suite_psa_crypto_metadata.data and also constructed by
enumerating the argument A for the constructor C. Eliminate such
duplicates in generate_expressions.

This commit removes many test cases that were exact duplicates (and
were near-duplicates differing only in whitespace before the
whitespace normalization).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 19:40:27 +02:00
Gilles Peskine
cccd1ac373 Normalize whitespace in test arguments
Avoid ending up with test cases that only differ in whitespace in an
argument.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 19:40:17 +02:00
Gilles Peskine
537d5fa48a Expand psa_generate_tests to support constructor arguments
In macro_collector.py, base InputsForTest on PSAMacroEnumerator rather
than PSAMacroCollector. It didn't make much sense to use
PSAMacroCollector anymore since InputsForTest didn't use anything
other than the constructor.

psa_generate_tests now generates arguments for more macros.
In particular, it now collects macro arguments from
test_suite_psa_crypto_metadata. Algorithms with parameters are now
supported.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 19:39:53 +02:00
Gilles Peskine
4d0b089d2a Fix KeyType with parameters passed in the name argument
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 19:39:02 +02:00
Gilles Peskine
3d404b8a10 Use InputsForTest in generate_psa_tests
In generate_psa_tests, use InputsForTest rather than PSAMacroCollector
to gather values. This way, the enumeration of values to test includes
values used in metadata tests in addition to constructors parsed from
header files. This allows greater coverage of values built from
constructors with arguments. This doesn't make a difference yet, but
it will once algorithm constructors with arguments are supported in
generate_psa_tests.

Make the injection of numerical values optional. They are useful for
test_psa_constant_names, so keep them there. Don't use them for
not-supported tests: they might make sense, but the current code
wouldn't work since it doesn't know how to make up fake key material
or what dependencies to generate. Don't use them for storage tests:
they only make sense for supported values.

Don't inject 'PSA_SUCCESS': that's superfluous.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 19:39:02 +02:00
Gilles Peskine
b4edff9cd8 Move InputsForTest to macro_collector.py
This is useful to generate PSA tests for more than constant names.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 19:39:02 +02:00
Bence Szépkúti
539f1432cd Remove caching of cc_is_msvc
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
7c18550383 Remove object file in finally
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
46d894925d Move object file handling out of create_c_file()
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
0671dd3107 Add notice of caching whether the compiler is MSVC
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
24c29fe7c3 Clean up object files produced by MSVC
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
fa6bf1e588 Detect MSVC without relying on compiler filename
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
3bd51b0bb1 Improve MSVC detection
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
cabae3d29e Specify output name for MSVC as well
The output file was being created in the working directory, instead of
the temp directory.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
9d1edb6224 If $CC looks like MSVC, use a compatible command line syntax
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
c86f20af98 Allow running source file generators from a subdirectory
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-17 22:46:27 +02:00
Manuel Pégourié-Gonnard
b12de9ffc1 Add new key types to crypto_knowledge.py
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-05-03 11:02:56 +02:00
Gilles Peskine
77e47c05f3 Add key material for twisted Edwards curves
Add the test keys from RFC 8032 (§7.1 Ed25519 "TEST 1", §7.4 Ed448 "Blank").
This replaces the generic byte-sized data used for unknown key types
which no longer works now that Ed25519 is considered to have 255 bits.

Re-generate the automatically generated test data accordingly.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-29 15:08:10 +02:00
Gilles Peskine
a00abc6b65 Consistently describe Ed25519 as a 255-bit curve
The coordinates are over $F_{2^{255}-19}$, so by the general
definition of the bit size associated with the curve in the
specification, the value for size attribute of keys is 255.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-29 14:55:44 +02:00
Gilles Peskine
67546802fe New elliptic curve family: twisted Edwards
Add an elliptic curve family for the twisted Edwards curves
Edwards25519 and Edwards448 ("Goldilocks"). As with Montgomery curves,
since these are the only two curves in common use, the family has a
generic name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-29 14:55:44 +02:00
Gilles Peskine
f8223abb16 Cover all key types
Generate test cases for all key types. These test cases cover the key
representation (checked with export) and the encoding of the key type and
the bit-size.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-10 23:22:35 +01:00
Gilles Peskine
2352396808 Obtain the values of expressions by running C code
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-10 23:22:35 +01:00
Gilles Peskine
e00944807c New python module to encode a PSA key for storage
Construct an object given the attributes and material for a PSA crypto key
and get the Mbed TLS storage representation.

The code to generate the storage representation was written based on the
specification in docs/architecture/mbed-crypto-storage-specification.md,
without looking at the code.

The data in the unit tests is from the AES-128 format_storage_data_check
test case in test_suite_psa_crypto_persistent_key.data, tweaked manually.

This commit creates a basic framework for using symbolic values for
attributes, but does not yet implement obtaining the corresponding numerical
values from an external source.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-10 23:22:35 +01:00
Gilles Peskine
33c601cb73 Hook up PSAMacroCollector to PSAMacroEnumerator
Make it possible to enumerate the key types, algorithms, etc.
collected by PSAMacroCollector.

This commit ensures that all fields of PSAMacroEnumerator are filled
by code inspection. Testing of the result may reveal more work to be
done in later commits.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-10 23:22:35 +01:00
Gilles Peskine
22fcf1b5f5 Move PSAMacroEnumerator to macro_collector
It's useful for more than test_psa_constant_names.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-10 23:22:35 +01:00
Gilles Peskine
10ab267afb Add some type annotations
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-10 23:22:35 +01:00
Gilles Peskine
d75adfcb3b KeyType: do a sanity check on the key type expression
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 18:05:27 +01:00
Gilles Peskine
4fbffcd144 Do not require typing_extensions at runtime
There are type annotations that indirectly depend on the
typing_extensions module (on Python 3.5-3.7: Protocol was added to the
core typing module in 3.8). The typing_extensions module is not
installed by default, so the code didn't run on a pristine Python
installation.

To avoid depending on a non-default module, make the dependency on
typing_extensions optional. (It's still required to run mypy, but
installing mypy takes care of providing typing_extensions.) If it
isn't available, provide a substitute definition that's just good
enough to get the scripts to run.

Move this ugly code to its own module to avoid the temptation of
spreading such ugliness all over the place. It's likely to be used in
other modules anyway.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:58:29 +01:00
Gilles Peskine
fa3c69a60f Improve documentation of crypto_knowledge.KeyType
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:58:29 +01:00
Gilles Peskine
505cc641de Use the base name of the generating script, not the full path
Otherwise the generation is sensitive to trivial differences such as
running `tests/scripts/generate_psa_tests.py` vs
`./tests/scripts/generate_psa_tests.py` vs an absolute path.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine
0ac258ed0b Don't consider secp192r1
SECP192R1 is declared in the PSA API specification, but it's an old
one that Mbed TLS doesn't support and even OpenSSL doesn't support.
We don't have test vectors for it. Just skip it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine
0cbaf056fa Add some randomly generated keys
RSA-1536:
```
openssl genrsa 1536 2>/dev/null | openssl rsa -outform DER -pubout |hexlify
```
then formatted manually.

ECC except Montgomery:
```
function e { openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:$1 -text |perl -0777 -pe 's/.*\npriv:([\n 0-9a-f:]*)pub:([\n 0-9a-f:]*).*/"$1","$2"/s or die; y/\n ://d; s/,/,\n              /;' |xsel -b; }
```

Curve448:
```
openssl genpkey -algorithm x448
```
then formatted manually.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine
6f6483f2d2 New module for key material for asymmetric key types
Asymmetric keys can't just be arbitrary byte strings: the public key
has to match the private key and the private key usually has
nontrivial constraints.

In order to have deterministic test data and not to rely on
cryptographic dependencies in the Python script, hard-code some test
keys.

In this commit, copy some test keys from test_suite_psa_crypto.data.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine
8ffb585659 New function to write a whole .data file
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00
Gilles Peskine
db2f575c9d New Python module for generating Mbed TLS test cases
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00
Gilles Peskine
397b0287b1 Create sample key material for symmetric keys
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00
Gilles Peskine
df63968c0c Enumerate sizes to test for each key type
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00