4633 commits

Author	SHA1	Message	Date
Minos Galanakis	1a1b175554	test_suite_bignum: Added tests for mpi_get_montgomery_constant_unsafe() ... This patch adds the test for the method calculating the RR. The input/expected data are generated manually using the following Python3 snippet: ~~~~~ import math title="mpi_get_montgomery_constant_unsafe" tt = title + " #{}" in_data = [ "0f", ... ] def limb_no(number, bil=64): return int(math.ceil(int.bit_length(number)/(bil * 1.0))) def calc_rr(number, bil=64 ): return '{:x}'.format(pow(pow(2, limb_no(number, bil) * bil), 2, number)) def calc_rr_str(number, prefix=""): rr64 = calc_rr(number) rr32 = calc_rr(number, bil=32) return '{}:"{:x}":"{}":"{}"'.format(prefix,number, rr32, rr64) print("\n\n".join(["{}\n{}".format(tt.format(in_data.index(v)+1), calc_rr_str(int(v,base=16), title)) for v in in_data])) ~~~~~ Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-25 15:12:01 +01:00
Gilles Peskine	383b0bbea0	Merge pull request #6461 from tom-cosgrove-arm/fix-mbedtls_mpi_mod_modulus_init-calls-in-tests ... mbedtls_mpi_mod_modulus_init() must be called before any 'goto exit' in tests	2022-10-25 13:40:17 +02:00
Gilles Peskine	e5a715e8c0	Merge pull request #6449 from gilles-peskine-arm/bignum-core-shift_r ... Bignum core: shift_r	2022-10-25 10:40:39 +02:00
Gilles Peskine	af8ea3f738	Merge pull request #6468 from gilles-peskine-arm/bignum-test-suite-names ... Rename test_suite_bignum for consistency	2022-10-25 10:40:29 +02:00
Ronald Cron	2012361ae6	Merge pull request #6448 from ronald-cron-arm/tls13-kex-build-options ... TLS 1.3 Introduce and use key exchange mode config options	2022-10-24 15:21:37 +02:00
Ronald Cron	73fe8df922	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED ... Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED to guard TLS code (both 1.2 and 1.3) specific to handshakes involving PSKs. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	e68ab4f55e	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED ... Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED to guard TLS code (both TLS 1.2 and 1.3) specific to handshakes involving certificates. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	928cbd34e7	tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED ... Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED instead of MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED to guard code specific to the TLS 1.3 ephemeral key exchange mode. Use it also for the dependencies of TLS 1.3 only tests relying on ephemeral key exchange mode, but for tests in tls13-kex-modes.sh where the change is done later using all MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_.*ENABLED macros. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Andrzej Kurek	ba970be142	Fix test dependencies for cases that are PSA-based ... These should be using PSA-type macros, not MBEDTLS_XXX_C. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-21 13:39:00 -04:00
Gilles Peskine	a020d535ad	Avoid having both test_suite_XXX.data and test_suite_XXX.*.data ... Although our build scripts support that, it's annoying, because it makes "test_suite_XXX" ambiguous between "all the data for test_suite_XXX.function" and "just test_suite_XXX.data". Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-21 19:00:38 +02:00
Gilles Peskine	ce22066211	Rename test_suite_bignum for consistency with bignum.{h,c} ... Align the name of the bignum test suite with the source module (which was renamed from mpi.c to bignum.c in the PolarSSL 1.x days). This also brings it into line with the test suites for the low-level bignum interfaces. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-21 18:54:43 +02:00
Andrzej Kurek	ed05279e4f	Comment fix ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-21 10:28:55 -04:00
Andrzej Kurek	d066c79d7e	Add missing ECB requirements for PSA cipher aes tests ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-21 10:28:55 -04:00
Andrzej Kurek	8f26c8a0cf	Fix a typo in test_suite_cipher ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-21 10:28:55 -04:00
Ronald Cron	81cd7ab492	tests: ssl: Add missing dependency on MBEDTLS_X509_CRT_PARSE_C ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:47:00 +02:00
Ronald Cron	f64cc03b09	tests: ssl: Add missing dependencies on certificate based handshake ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:47:00 +02:00
Ronald Cron	457fb7a523	tests: ssl: Fix ciphersuite identifier ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:44:45 +02:00
Manuel Pégourié-Gonnard	0e7e47147c	Merge pull request #6447 from mprse/driver-only-hash-gap ... Fix test gap in driver-only-hashes build	2022-10-21 10:32:43 +02:00
Manuel Pégourié-Gonnard	45c6792faf	Merge pull request #6385 from AndrzejKurek/depends-py-reloaded ... Unified tests/scripts/depends.py - reloaded	2022-10-21 10:17:58 +02:00
Tom Cosgrove	be17655b57	mbedtls_mpi_mod_modulus_init() must be called before any 'goto exit' in tests ... Fixes Coverity issues 381527 and 381526. Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-10-20 16:57:10 +01:00
Janos Follath	560805d665	Fix mbedtls_mpi_core_add_if test aliasing ... Signed-off-by: Janos Follath <janos.follath@arm.com>	2022-10-20 12:04:40 +01:00
Gilles Peskine	b0ee577287	Bignum core: test shift_r ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-20 12:00:57 +02:00
Janos Follath	ba516f7524	mpi_core_add_if test: Remove dependency on old API ... Signed-off-by: Janos Follath <janos.follath@arm.com>	2022-10-20 10:59:50 +01:00
Janos Follath	e153a715f0	mpi_core_add_if: simplify tests ... Use the new, limb size aware base class to generate tests for mpi_core_add_if(). Signed-off-by: Janos Follath <janos.follath@arm.com>	2022-10-20 10:40:03 +01:00
David Horstmann	2bb9c8a884	Change brace initialization to memset ... Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-20 10:18:37 +01:00
David Horstmann	01dd548025	Minor fixes to x509_get_name() test function ... Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-19 17:13:57 +01:00
Werner Lewis	f1c24f0fbc	Add missing include ... Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-10-19 16:43:22 +01:00
Werner Lewis	bd3ddafee2	Move tests added in #6289 ... Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-10-19 15:36:18 +01:00
Werner Lewis	6baf12b18d	Move legacy mod functions back to test_suite_mpi ... Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-10-19 15:20:01 +01:00
Werner Lewis	ffe4478936	Move mpi_core_bitlen tests to bignum_core files ... Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-10-19 15:20:01 +01:00
Werner Lewis	0c6ea12145	Move bignum_mod tests into separate files ... Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-10-19 15:20:01 +01:00
Werner Lewis	c9b6a0aef9	Move bignum_mod_raw tests into separate files ... Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-10-19 15:20:01 +01:00
Werner Lewis	c6004a2ab3	Move bignum_core tests into separate files ... Test cases for mpi_core_add_if, mpi_core_mla, mpi_core_sub, mpi_core_montmul are not copied into new files, these are generated in subsequent commits. Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-10-19 15:19:53 +01:00
Gilles Peskine	db2996357c	Merge pull request #6289 from gabor-mezei-arm/6237_Add_conditional_assign_and_swap_for_bignum ... Bignum: Add safe conditional assign and swap for the new MPI types	2022-10-19 15:51:19 +02:00
Andrzej Kurek	b50754ae86	Switch from x509_CRT_PARSE to KEY_EXCHANGE_WITH_CERT_ENABLED ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	a2a9688501	Fix the memory allocation in test_suite_ssl ... ASSERT_ALLOC calculates the size itself, and the parameter indicates number of elements. ``` mbedtls_calloc( sizeof( *( pointer ) ), ( length ) ); ``` Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	658442fe78	Remove unnecessary ECP_C dependencies ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	e5a5cc1944	Remove the dependency of tls1_3 key evolution tests on curve25519 ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	daf43fbe21	Move the location of MBEDTLS_ECP_C dependencies ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	2d637c4cbb	Fix unchecked allocation in test_suite_ssl ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	e64bd43495	Add missing ECP and ECDH dependencies in ssl test suites ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	8e44139ca0	Add missing CURVE25519 requirements to TLS 1.3 tests ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	84f30f2eb0	Add missing SHA256 dependency ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	e38b788b79	Add missing key exchange dependencies ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	90e8204476	Add missing SHA256 and ECDSA_C dependencies in test_suite_ssl ... Most of the tests (including those using endpoint_init functions) parse certificates that require MBEDTLS_SHA256_C to be present. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	0abebebe6d	Refactor ssl test suite to use pointers more ... This way it's easier to track structures that are partially set up. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	f502bcb13e	Fix missing AES dependencies ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	e40b92178d	Fix missing padding dependencies ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	252283f2aa	Fix missing cipher mode dependencies ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Przemek Stekiel	8258ea7b7d	test_suite_psa_crypto: adapt dependenies and guards so the test can run in the driver-only build ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-19 13:20:20 +02:00
Manuel Pégourié-Gonnard	deef905a1c	Update is_builtin_calling_md() for PKCS#1 v2.1 ... Since https://github.com/Mbed-TLS/mbedtls/pull/6141 it can "fall back" to PSA when MD is not available (but will use MD if available, to preserve backwards compatibility). Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-19 11:02:15 +02:00
Manuel Pégourié-Gonnard	98b91d40d6	RSA PKCS#1 v1.5 no longer depends on MD ... This has been the case since https://github.com/Mbed-TLS/mbedtls/pull/6065 which forgot to update the documentation, and also is_builtin_calling_md(), so update those. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-19 10:59:30 +02:00
Gabor Mezei	4dceede71b	Fix overly replacement in the documentation ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-18 16:44:17 +02:00
Przemek Stekiel	98b1af4e34	test_suite_debug: adapt dependenies so the test can run in the driver-only build ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-18 14:52:41 +02:00
David Horstmann	3cd67584bc	Improve X509 DN test naming ... Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-17 17:59:10 +01:00
David Horstmann	d0e3d45e96	Add explanatory comments to raw DER test data ... Break down the DER-encoded ASN.1 test data into its structure in a comment and explain it, to make it easier to understand where the data came from and how it is corrupted. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-17 17:55:04 +01:00
Gilles Peskine	47da7bfac8	Merge pull request #6434 from gilles-peskine-arm/lmots_import_export_test-memory_leak ... LMS: Fix memory leak if unit test fails	2022-10-17 17:57:59 +02:00
Gabor Mezei	0c74e084d5	Fix condition ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-17 16:09:58 +02:00
Gilles Peskine	503d09b52d	Fix memory leak if unit test fails ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-17 12:27:43 +02:00
Manuel Pégourié-Gonnard	6c6f04b651	Merge pull request #6419 from mpg/fix-assert-alloc-usage ... Fix usage of ASSERT_ALLOC()	2022-10-17 12:10:48 +02:00
Gilles Peskine	8874cd570e	Merge pull request #4826 from RcColes/development ... Add LMS implementation	2022-10-14 18:33:01 +02:00
Gabor Mezei	ffb4aa0ddc	Rename variables to have unambiguous names ... Use bytes instead of len in the variable names. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-14 16:39:04 +02:00
Gabor Mezei	8bcd7cca94	Use count instead of bytes in ASSERT_ALLOC argument ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-14 16:18:10 +02:00
Tom Cosgrove	edca207260	MBEDTLS_CIPHER_CHACHA20_POLY1305 is an mbedtls_cipher_type_t not an mbedtls_cipher_mode_t ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-10-14 12:10:40 +01:00
Manuel Pégourié-Gonnard	b3c30907d6	Merge pull request #6383 from mprse/aead_driver_test ... Enable testing of AEAD drivers with libtestdriver1	2022-10-14 11:11:01 +02:00
Manuel Pégourié-Gonnard	47b8de834d	Fix usage of ASSERT_ALLOC() ... The second argument is the number of elements of the type the first argument is pointing to, so we shouldn't be using sizeof there. This was resulting in overly large allocations. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-14 09:35:55 +02:00
Gilles Peskine	31c2dcb611	Fix file names in reproduction instructions in test data ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-13 20:48:15 +02:00
Gilles Peskine	2875aa7b01	Fix instructions and test data for pyhsslms interop tests ... The test data was invalid because it had the extra 4-byte prefix for HSS. Regenerate it (which produces completely new signatures since it is randomized). Rearrange the reproduction instructions for the second test case so that it shows more clearly how to generate a second signature with the same private key. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-13 20:45:05 +02:00
Raef Coles	8bccc999d9	Don't mention error type in LMS test comments ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:57:31 +01:00
Raef Coles	6d7d94a821	Use correct export length in LMS export tests ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:55:46 +01:00
Raef Coles	aa9d52bcdc	Rename LMS private key files to match library name ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:53:40 +01:00
Raef Coles	f8bfe2783b	Remove bad character from LMS test case ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:35:28 +01:00
Raef Coles	d543697092	Fix minor type in LMS test description ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:06:42 +01:00
Raef Coles	a2514f622f	Update pyhsslms test instructions with script ... Due to tool name conflict hampering data reproduction Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 17:04:21 +01:00
Raef Coles	ce18e528ff	Rename LMS private key files ... And remove now-unnecessary modification to check_files.py Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 16:45:05 +01:00
Raef Coles	e4d96b804c	Update LMS and LMOTS test comments ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 16:45:05 +01:00
Raef Coles	493724e3c2	Check correct output size in LMOTS export test ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 15:43:07 +01:00
Raef Coles	ed0e4591dc	Add output length test for LMS export too-big test ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 15:05:47 +01:00
Raef Coles	33f7d66304	Add output check to export too-big buffer tests ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:36 +01:00
Raef Coles	1d88ea870f	Remove unneeded NULL pointer checks in LMS tests ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:35 +01:00
Raef Coles	a21671123a	Remove sudo pip3 in LM(OT)S tests instructions ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:27 +01:00
Raef Coles	1b43a7448d	Clean up LMS and LMOTS feature dependencies ... Remove SHA256 dependencies from tests, fix incorrect boolean logic in check_config, and change depends_hashes.pl to disable LMS in one test Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:26 +01:00
Raef Coles	6b2c573b3d	And export buffer too large test to LMS and LMOTS ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:24 +01:00
Raef Coles	534f66f3f0	Fix assert arguments in LMS and LMOTS export tests ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:23 +01:00
Raef Coles	d1c2a80319	Remove duplicated assert from LMOTS tests ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:21 +01:00
Raef Coles	20d2e06ca4	Add cleanup frees in LMS and LMOTS tests ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:20 +01:00
Raef Coles	781f7bedb0	Properly mark LMOTS leak test as failed ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:18 +01:00
Raef Coles	d137c86125	Don't skip LMS tests due to out of memory error ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:17 +01:00
Raef Coles	76563399fd	Fix LMS and LMOTS test dependencies ... Mark them as depending on PSA_WANT_ALG_SHA256 so that test_depends_hashes_psa doesn't fail Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:15 +01:00
Raef Coles	59eb0d0f2b	Fix LMOTS signature leak test dependencies ... As it requires MBEDTLS_LMS_PRIVATE Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:12 +01:00
Raef Coles	d0c701237a	Replace TEST_ASSERT with TEST_EQUAL in LMS tests ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:09 +01:00
Raef Coles	f9b8502865	Add LMS import/export negative tests ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:06 +01:00
Raef Coles	9fc303a99a	Add extra LMOTS import negative tests ... And fix failures that are related to the new tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:01 +01:00
Raef Coles	71f554b48f	Use real data for negative LMOTS tests ... To avoid errors caused by the null public keys and signatures Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:00 +01:00
Raef Coles	66edf6a833	Use hsslms data for LMOTS import/export test ... Also, test that export fails when the buffer is too small. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:58 +01:00
Raef Coles	8b55ba623e	Source LMOTS data from hsslms ... So it can be reproduced Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:57 +01:00
Raef Coles	a6b47c0aac	Add LMS hsslms interop tests ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:55 +01:00
Raef Coles	d6adcb6146	Add negative LMS import/export tests ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:53 +01:00
Raef Coles	810612e14e	Update LMS and LMOTS to use TEST_EQUAL ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:51 +01:00
Raef Coles	90e13fc3c6	Add repro instructions for LMS test data ... Add more interop tests, and use real data for the negative tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:49 +01:00
Raef Coles	0dc604ed2b	Change how LMS and LMOTS negative tests work ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:48 +01:00
Raef Coles	7726678b23	Remove debugging code left in LMOTS tests ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:46 +01:00
Raef Coles	370cc43630	Make LMS public key export part of public key api ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:28 +01:00
Raef Coles	be3bdd8240	Rename LMS and LMOTS init/free functions ... To match convention Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:18 +01:00
Raef Coles	5127e859d7	Update LMS and LMOTS dependency macros ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:11 +01:00
Raef Coles	98c504373c	Update LMS test description ... To correct copy-paste error Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:02 +01:00
Raef Coles	40158e11fc	Add LMOTS test hook to header ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:58 +01:00
Raef Coles	9c9027b1a4	Add extra LMS and LMOTS tests ... NULL-message and LMOTS signature leak tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:50 +01:00
Raef Coles	f5919e2997	Update LMS/LMOTS tests ... Document tests and source of data, use test RNG, pass more parameters into each test Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:43 +01:00
Raef Coles	e9479a0264	Update LMS API to support multiple parameter sets ... Parameterise macros to allow variation of sizes Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:36 +01:00
Raef Coles	ab4f87413a	Add MBEDTLS_LMS_PRIVATE define ... To enable private key operations Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:35 +01:00
Raef Coles	01c71a17b3	Update LMS and LMOTS api ... Fix function names and parameters. Move macros to be more private. Update implementation. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:25 +01:00
Raef Coles	c8f9604d7b	Use PSA hashing for LMS and LMOTS ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:23 +01:00
Raef Coles	7dce69a27a	Make LMOTS a private api ... Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:22 +01:00
Raef Coles	8ff6df538c	Add LMS implementation ... Also an LM-OTS implementation as one is required for LMS. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:15 +01:00
Manuel Pégourié-Gonnard	f155ab9a91	Abort on errors when we should ... We're not strictly required to abort, but at least to leave the context is an invalid state. For "late" functions like input() and output(), calling abort() is the easiest way to do that. Do it systematically for input() and output() by using a wrapper. psa_pake_get_implicit_key() was already doing it. For "early" function, we can just leave the operation in its current state which is already invalid. Restore previous tests about that. Not adding systematic tests, though, just test the two functions that are the most important, and more likely to return errors. Since we now abort in more cases, we need to make sure we don't invalidate the operation that's going to be re-used later in the test. For that reason, use a copy of the operation for calls to input() and output() that are expected to return errors. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-13 13:20:31 +02:00
Manuel Pégourié-Gonnard	b63a9ef09f	Fix buffer sizes in ecjpake_setup test function ... Also, the error code changed from INSUFFICIENT_MEMORY to INVALID_DATA. Temporarily remove a test about aborting the operation on error. Auto-abort will be re-introduced in the next commit in a more systematic way. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-13 13:17:20 +02:00
Gilles Peskine	0fe6631486	Merge pull request #6291 from gilles-peskine-arm/platform.h-unconditional-3.2 ... Include platform.h unconditionally	2022-10-13 10:19:22 +02:00
Gilles Peskine	8fd3254cfc	Merge pull request #6374 from mprse/enc_types ... Test TLS 1.2 builds with each encryption type	2022-10-12 12:45:50 +02:00
Ronald Cron	78317c832b	Merge pull request #6327 from yuhaoth/pr/tls13-psk-after-session-tickets ... TLS 1.3: PSK and NewSessionTicket: Add support for sending PSK and Ticket together.	2022-10-12 12:39:51 +02:00
Gilles Peskine	58e5d804ee	test_suite_pk: Add missing dependencies on MBEDTLS_PEM_PARSE_C ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 20:57:38 +02:00
Gilles Peskine	d23d8dee24	test_suite_dhm: Add missing dependencies on MBEDTLS_PEM_PARSE_C ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 20:57:21 +02:00
Gilles Peskine	9624a5932e	Add mbedtls_dhm_parse_dhmfile test case with DER input ... dh.optlen.der is the result of converting dh.optlen.pem from PEM to DER. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 20:52:34 +02:00
Gilles Peskine	b50e433b66	Test mbedtls_mpi_core_bitlen ... Copy the test data for mbedtls_mpi_bitlen except for 0-length and negative cases. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-10 23:03:47 +02:00
Gilles Peskine	e943283f2f	More mbedtls_mpi_bitlen test cases ... * with leading zero limb * with trailing zero limb * negative Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-10 23:03:47 +02:00
Gilles Peskine	24baa81043	Improve mbedtls_mpi_bitlen test descriptions ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-10 23:03:47 +02:00
Gilles Peskine	c5772a194e	mbedtls_test_read_mpi_core: allow odd number of hex digits ... Test functions must now take a char* argument rather than data_t*. This does not affect existing test data. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-10 23:03:47 +02:00
Janos Follath	1b5c85c75b	Merge pull request #6386 from gilles-peskine-arm/bignum-mbedtls_test_read_mpi_core ... Introduce mbedtls_test_read_mpi_core	2022-10-10 15:14:46 +01:00
Gabor Mezei	44ba2f6db9	Add more test cases ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 15:32:12 +02:00
Gabor Mezei	a67a1a3ebc	Remove the 'is_fail' parameter from the test functions ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 15:25:59 +02:00
Gabor Mezei	d71eb0c3ac	Use better test macro ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 13:09:04 +02:00
Gabor Mezei	d6441da4c5	Remove redundant memory initialization ... When memory is allocated it is also initialized with 0. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 13:05:16 +02:00
Gabor Mezei	251cb632f1	Remove unused macro definition ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 13:02:21 +02:00
Przemek Stekiel	42bb3ff40b	Adapt expected results in ChaCha20-Poly1305 ( invalid tag length) ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-10 07:28:40 +02:00
Jerry Yu	8897c07075	Add server only guards for psk callback ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-07 10:11:05 +08:00
David Horstmann	db73d3b149	Add mbedtls_x509_get_name memory leak unit test ... Introduce a unit test to test mbedtls_x509_get_name() and add a testcase with a corrupt DER-encoded name that causes mbedtls_x509_get_name() to have to cleanup things it is allocated. If it fails to do this, a memory leak is detected under Asan builds. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-05 13:09:57 +01:00
Manuel Pégourié-Gonnard	ec7012dbc7	Fix I/O format of PSA EC J-PAKE for compliance ... The format used by the mbedtls_ecjpake_xxx() APIs and that defined by the PSA Crypto PAKE extension are quite different; the former is tailored to the needs of TLS while the later is quite generic and plain. Previously we only addressed some part of this impedance mismatch: the different number of I/O rounds, but failed to address the part where the legacy API adds some extras (length bytes, ECParameters) that shouldn't be present in the PSA Crypto version. See comments in the code. Add some length testing as well; would have caught the issue. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-05 12:52:48 +02:00
Gilles Peskine	80ca44f33c	Merge pull request #6325 from gabor-mezei-arm/6308_missing_initialization_in_test ... Add initialization for structures in test	2022-10-05 11:09:35 +02:00
Gabor Mezei	8fcde5bb8e	Remove duplicate test case ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-04 13:53:33 +02:00
Gabor Mezei	02e5d439db	Add more tests for cond_assign/swap functions ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-03 16:45:11 +02:00
Gabor Mezei	6546a6cc03	Rewrite tests for cond_assign/swap ... The cond_swap and cond_assign test functions now requires the same limb size for the MPI parameters. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-03 14:56:51 +02:00
Gilles Peskine	5bbdfce44c	Streamline mbedtls_mpi_core_lt_ct unit test ... Use mbedtls_test_read_mpi_core() to read the test data. Among other benefits, X and Y are now allocated to their exact size, so analyzers (Asan, Valgrind, Coverity, ...) have a chance of complaining if the tested function overflows the buffer. Remove TEST_CF_PUBLIC calls which are no longer necessary. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:53:04 +02:00
Gilles Peskine	571576fc5c	Move the definition of data_t to a header file ... This way it can be used in helper functions. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:51:41 +02:00
Tom Cosgrove	c621a6d38f	Update tests to account for CIPHER_FEATURE_UNAVAILABLE on non-authenticated alg ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-30 17:15:54 +01:00
Gabor Mezei	ec5685f1ee	Use exact-size buffers for inputs and outputs to library functions in tests ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 14:48:54 +02:00
Gabor Mezei	f5ca726ce1	Rename variables to match bettr to its purpose ... The length in bytes is used with the 'len' prefix and the length in limbs is used with the 'limbs' prefix. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 14:35:42 +02:00
Gabor Mezei	8b05e3b148	Add memory freeing ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:41 +02:00
Gabor Mezei	a7584888da	Use exact-size buffers for inputs and outputs to library functions in tests ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:41 +02:00
Gabor Mezei	821d15107b	Check true and false condition in the same test case ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:41 +02:00
Gabor Mezei	3eff425b1a	Use only one limb parameter for assign ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:40 +02:00
Gabor Mezei	027d696434	Remove unused code ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:40 +02:00
Gabor Mezei	b2763ef507	Do not read uninitialized memory ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:40 +02:00
Gabor Mezei	cfc0eb8d22	Remove unused parameter ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:39 +02:00
Gabor Mezei	53e455db7b	Remove return value checking from test functions of assign and swap ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:39 +02:00
Gabor Mezei	b27b1c5db0	Add tests for conditional assign and swap functions ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:30 +02:00
Gilles Peskine	845de0898e	Merge pull request #6083 from tom-cosgrove-arm/issue-6015-montgomery-multiplication ... Montgomery multiplication from bignum prototype	2022-09-30 10:35:21 +02:00
Victor Barpp Gomes	d0225afcb6	Add a new test with a binary hwSerialNum ... Signed-off-by: Victor Barpp Gomes <17840319+Kabbah@users.noreply.github.com>	2022-09-29 13:52:55 -03:00
Victor Barpp Gomes	47c7a732d2	Print RFC 4108 hwSerialNum in hex format ... Signed-off-by: Victor Barpp Gomes <17840319+Kabbah@users.noreply.github.com>	2022-09-29 11:34:23 -03:00
Tom Cosgrove	4386ead662	Correct the aliasing requirements in doc for mbedtls_mpi_core_montmul(), and test them ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-29 14:40:21 +01:00
Przemek Stekiel	a891a091a3	test_suite_cmac.data: fix bug: use cipher type instead cipher id ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-29 09:53:20 +02:00
Manuel Pégourié-Gonnard	f3f9e450b6	Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2 ... Ad-hoc KDF for EC J-PAKE in TLS 1.2	2022-09-28 09:47:32 +02:00
Gabor Mezei	0bb138241b	Add initialization for structures ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-27 18:48:44 +02:00
Przemek Stekiel	6f29a6c4b4	test_suite_cipher.function: always include aes.h ... It is done to have MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH macro available (used in tests) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-27 15:04:14 +02:00
Andrzej Kurek	3539f2c90b	Improve readability in ecjpake tests ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-26 10:56:02 -04:00
Gilles Peskine	12a1e85caa	Merge pull request #6138 from Zaya-dyno/validation_remove_change_key_agree ... Validation remove change key agree	2022-09-23 17:04:20 +02:00
Gilles Peskine	87953f228f	Merge pull request #6091 from Zaya-dyno/validation_remove_change_pk ... Validation remove change pk	2022-09-23 17:03:30 +02:00
Gabor Mezei	f29c2a5313	Add initialization for structures ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-23 15:25:27 +02:00
Manuel Pégourié-Gonnard	1475ac49a4	Merge pull request #6107 from Zaya-dyno/validation_remove_change_hash ... Validation remove change hash	2022-09-22 09:24:44 +02:00
Manuel Pégourié-Gonnard	d5c82fb821	Merge pull request #6085 from Zaya-dyno/validation_remove_change_cipher ... Validation remove and change in files related to cipher in library	2022-09-22 09:10:13 +02:00
Tom Cosgrove	c573882674	Merge remote-tracking branch 'upstream/development' into issue-6015-montgomery-multiplication	2022-09-21 12:08:43 +01:00
Manuel Pégourié-Gonnard	d433cd7d07	Merge pull request #6283 from mpg/driver-only-hashes-wrap-up ... Driver only hashes wrap-up	2022-09-21 08:29:46 +02:00
Dave Rodgman	36e1d9ef1d	Merge pull request #6203 from wernerlewis/ecp_group_test ... Add test for ECP group metadata	2022-09-20 17:35:53 +01:00
Tom Cosgrove	b0b77e1b13	Document and test aliasing of the bignums given to mbedtls_mpi_core_mla() ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-20 13:33:40 +01:00
Tom Cosgrove	ea45c1d2d4	Document and test aliasing of output for mbedtls_mpi_core_montmul() ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-20 13:17:51 +01:00
Werner Lewis	05feee1841	Restore vbuf value after modification ... Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-20 12:05:58 +01:00
Werner Lewis	ccae25b4bf	Add explicit mbedtls_ecp_tls_read_group_id call ... Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-20 10:00:07 +01:00
Werner Lewis	7403d93f8a	Add leading zeros to group metadata ... Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-20 09:41:05 +01:00
Werner Lewis	57807308d5	Fix typo in MBEDTLS_ECP_DP_BP512R1 ... Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-20 09:16:11 +01:00
Tom Cosgrove	f2b3818a69	Test when all three inputs to mbedtls_mpi_core_sub() are aliased ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-20 09:08:31 +01:00
Manuel Pégourié-Gonnard	1367f40d38	Fix memory corruption in an SSL test function ... Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-19 11:00:23 +02:00
Andrzej Kurek	2be1689504	Add capacity testing to EC J-PAKE to PMS tests ... Let the caller restrict the capacity but limit it to 32 bytes. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-16 07:14:04 -04:00
Andrzej Kurek	d37850404a	Add derivation step testing to EC J-PAKE to PMS tests ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-16 06:45:44 -04:00
Manuel Pégourié-Gonnard	07018f97d2	Make legacy_or_psa.h public. ... As a public header, it should no longer include common.h, just use build_info.h which is what we actually need anyway. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-16 12:02:48 +02:00
Gilles Peskine	a844b4b370	No need to use MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED in tests ... Initializing return status variables to CORRUPTION_DETECTED is a second line of defense in library code in case there's a code path where we forget to assign to the variable. This isn't useful in test code. In any case, here, we might as well define the variable at the point of use. This fixes a build error in configurations with MBEDTLS_ERROR_C and MBEDTLS_PSA_CRYPTO_C both disabled, because then mbedtls/error.h isn't included so MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED isn't defined. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-15 21:05:04 +02:00
Gilles Peskine	945b23c46f	Include platform.h unconditionally: automatic part ... We used to include platform.h only when MBEDTLS_PLATFORM_C was enabled, and to define ad hoc replacements for mbedtls_xxx functions on a case-by-case basis when MBEDTLS_PLATFORM_C was disabled. The only reason for this complication was to allow building individual source modules without copying platform.h. This is not something we support or recommend anymore, so get rid of the complication: include platform.h unconditionally. There should be no change in behavior since just including the header should not change the behavior of a program. This commit replaces most occurrences of conditional inclusion of platform.h, using the following code: ``` perl -i -0777 -pe 's!#if.*\n#include "mbedtls/platform.h"\n(#else.*\n(#define (mbedtls|MBEDTLS)_.*\n|#include <(stdarg|stddef|stdio|stdlib|string|time)\.h>\n)*)?#endif.*!#include "mbedtls/platform.h"!mg' $(git grep -l '#include "mbedtls/platform.h"') ``` Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-15 20:33:07 +02:00
Tom Cosgrove	c71ca0cb3c	Remove some unnecessary whitespace (two spaces after commas) ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 15:38:17 +01:00
Tom Cosgrove	dbc156172c	Don't bother to test b + a after testing a + b if a == b ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 15:36:23 +01:00
Tom Cosgrove	17f1fdca0f	Update comments in mpi_core_add_if() test ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 15:23:56 +01:00
Tom Cosgrove	b7438d1f62	Update name of mbedtls_mpi_montg_init() ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 15:05:59 +01:00
Tom Cosgrove	359feb0d2f	Better wording for the reason why we use an input MPI for a scalar value ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:52:34 +01:00
Tom Cosgrove	e2159f2083	Use the MAX() macro ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:40:10 +01:00
Tom Cosgrove	be7209db1f	Remove unnecessary casts ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:32:38 +01:00
Tom Cosgrove	50c477bd6b	Use S and sum (rather than X/expected) in mpi_core_add_if() ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:28:30 +01:00
Tom Cosgrove	1feb5ac1b7	Switch to using TEST_LE_S() and TEST_LE_U() in tests ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:22:35 +01:00
Tom Cosgrove	2b177926ad	Use ASSERT_ALLOC() in tests ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:07:18 +01:00
Manuel Pégourié-Gonnard	18dff1f226	Merge pull request #5871 from superna9999/4153-psa-expose-ec-j-pake ... Expose ECJPAKE through the PSA Crypto API	2022-09-15 09:25:55 +02:00
Nick Child	8ce1b1afc8	pkcs7: Correct various syntatical mistakes ... Resond to feedback from the following comments: - use correct spacing [1-7] - remove unnecessary parenthesis [8] - fixup comments [9-11] - remove unnecessary init work [12] - use var instead of type for sizeof [13] [1] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953655691 [2] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953661514 [3] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953689929 [4] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953696384 [5] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953697558 [6] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953697793 [7] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953697951 [8] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953699102 [9] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r971223775 [10] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967133905 [11] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967135932 [12] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967151430 [13] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967154159 Signed-off-by: Nick Child <nick.child@ibm.com>	2022-09-14 15:13:52 -05:00
Nick Child	34d5e931cf	pkcs7: Use better return code for unimplemented specifications ... In response to feedback [1] [2], use MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE instead of MBEDTLS_ERR_PKCS7_INVALID_FORMAT for errors due to the pkcs7 implemntation being incomplete. [1] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953649079 [2] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953658276 Signed-off-by: Nick Child <nick.child@ibm.com>	2022-09-14 14:44:03 -05:00
Nick Child	8a94de40c7	test/pkcs7: Reduce number of test functions ... In response to feedback[1], we can reuse much of the functions in similar test cases by specifying some additional parameters. Specifically, test cases which probe the functionality of `mbedtls_pkcs7_parse_der` have all been merged into one test function. Additionally, all test cases which examine the `mbedtls_pkcs7_signed_data_verify` and `mbedtls_pkcs7_signed_hash_verify` functions have been merged into two test functions (one for single and one for multiple signers). [1] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953686780 Signed-off-by: Nick Child <nick.child@ibm.com>	2022-09-14 11:27:29 -05:00
Andrzej Kurek	d8705bc7b7	Add tests for the newly created ad-hoc EC J-PAKE KDF ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-14 08:39:41 -04:00
Przemek Stekiel	40afdd2791	Make use of MBEDTLS_MAX_HASH_SIZE macro ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-06 14:18:45 +02:00
Neil Armstrong	2a73f21878	Fixup expected status handling in ecjpake_setup() and add more coverage for psa_pake_set_password_key() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-09-06 11:34:54 +02:00
Neil Armstrong	78c4e8e9cb	Make ecjpake_do_round() return void and use TEST_ASSERT with a descriptive text instead of returning a value ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-09-05 18:08:13 +02:00
Neil Armstrong	51009d7297	Add comment in ecjpake_do_round() explaining input errors can be detected any time in the input sequence ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-09-05 17:59:54 +02:00
Andrzej Kurek	c502210291	Adjust pkparse test dependencies ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-02 15:33:20 -04:00
Tom Cosgrove	1135b20064	Add mbedtls_mpi_core_add_if() tests for when inputs are aliased ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-02 11:46:18 +01:00
Tom Cosgrove	42dfac6ae8	Rename variables and update comments in mpi_core_mla test ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-02 11:27:39 +01:00
Tom Cosgrove	a043aeb95c	Rename variables and update comments in mpi_core_sub test ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-02 11:27:39 +01:00
Tom Cosgrove	eceb4ccfc3	Rename variables and update comments in mpi_core_add_if test ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-02 11:27:31 +01:00
Tom Cosgrove	1b2947a614	Remove mbedtls_ prefix from bignum test cases ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-02 10:24:55 +01:00
Andrzej Kurek	7a32072038	Setup / deinitialize PSA in pk tests only if no MD is used ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-02 04:07:15 -04:00
Andrzej Kurek	26909f348f	Add PSA initialization and teardown to tests using pkcs5 ... If PSA is defined and there is no MD - an initialization is required. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-02 04:05:37 -04:00
Andrzej Kurek	ed98e95c81	Adjust pkcs5 test dependencies ... Hashing via PSA is now supported Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-02 04:03:25 -04:00
Andrzej Kurek	dd36c76f09	Provide a version of pkcs5_pbkdf2_hmac without MD usage ... Use the new implementation locally Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-02 04:03:25 -04:00
Manuel Pégourié-Gonnard	97fc247d6a	Merge pull request #6232 from AndrzejKurek/pkcs12-no-md ... Remove MD dependency from pkcs12 module	2022-09-02 09:43:13 +02:00
Nick Child	62b2d7e7d4	pkcs7: Support verification of hash with multiple signers ... Make `mbedtls_pkcs7_signed_hash_verify` loop over all signatures in the PKCS7 structure and return success if any of them verify successfully. Signed-off-by: Nick Child <nick.child@ibm.com>	2022-09-01 19:45:41 -05:00
Daniel Axtens	3538479faa	pkcs7: support multiple signers ... Rather than only parsing/verifying one SignerInfo in the SignerInfos field of the PKCS7 stucture, allow the ability to parse and verify more than one signature. Verification will return success if any of the signatures produce a match. Signed-off-by: Daniel Axtens <dja@axtens.net> Signed-off-by: Nick Child <nick.child@ibm.com>	2022-09-01 19:45:41 -05:00
Nick Child	8a10f66692	test/pkcs7: Add init for PSA tests ... Initialize the PSA subsystem in the test functions. Signed-off-by: Nick Child <nick.child@ibm.com>	2022-09-01 19:45:41 -05:00
Nick Child	45525d3768	pkcs7: Fix dependencies for pkcs7 tests ... Fixes include removing PEM dependency for greater coverage when PEM config is not set and defining test dependencies at the appropriate level. Signed-off-by: Nick Child <nick.child@ibm.com>	2022-09-01 19:45:41 -05:00
Nick Child	6671841d91	pkcs7.c: Do not ignore return value of mbedlts_md ... CI was failing due to the return value of mbedtls_md being ignored. If this function does fail, return early and propogate the md error. Signed-off-by: Nick Child <nick.child@ibm.com>	2022-09-01 19:45:41 -05:00
Manuel Pégourié-Gonnard	600bd30427	Avoid unwanted eol conversion of test data ... Also, text files don't need to be generated by the Makefile. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-01 19:45:41 -05:00
Nayna Jain	673a226698	pkcs7: add support for signed data ... OpenSSL provides APIs to generate only the signted data format PKCS7 i.e. without content type OID. This patch adds support to parse the data correctly even if formatted only as signed data Signed-off-by: Nayna Jain <nayna@linux.ibm.com>	2022-09-01 19:45:41 -05:00
Nayna Jain	c9deb184b0	mbedtls: add support for pkcs7 ... PKCS7 signing format is used by OpenPOWER Key Management, which is using mbedtls as its crypto library. This patch adds the limited support of pkcs7 parser and verification to the mbedtls. The limitations are: * Only signed data is supported. * CRLs are not currently handled. * Single signer is supported. Signed-off-by: Daniel Axtens <dja@axtens.net> Signed-off-by: Eric Richter <erichte@linux.ibm.com> Signed-off-by: Nayna Jain <nayna@linux.ibm.com>	2022-09-01 19:45:33 -05:00
Tuvshinzaya Erdenekhuu	7714368667	Remove unused variable ... Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-09-01 17:11:14 +01:00
Tuvshinzaya Erdenekhuu	08b223443f	Add new tests ... Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-09-01 16:18:00 +01:00
Tuvshinzaya Erdenekhuu	fe7524de03	Make minor style change ... Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-09-01 16:07:18 +01:00
Tom Cosgrove	b0fb17a829	Use ASSERT_COMPARE() instead of memcmp() in new tests ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-01 15:04:43 +01:00
Andrzej Kurek	7bd12c5d5e	Remove MD dependency from pkcs12 module ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-01 08:57:41 -04:00
Tom Cosgrove	9339f05a81	Swap arguments of TEST_EQUAL() where it improves readability ... Especially for a sequence of similar lines of test code, or where the result of an expression is being compared to a short integer (especially 0 or 1). Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-01 13:02:53 +01:00
Manuel Pégourié-Gonnard	0777ec1625	Merge pull request #6109 from superna9999/6100-crash-in-test-suite-x509write ... Crash in test suite x509write config full no seedfile	2022-09-01 11:18:30 +02:00
Tuvshinzaya Erdenekhuu	7e2e2a9762	Add new checks in rsa_invalid_param test ... This new checks covers previous commits Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-08-31 10:15:59 +01:00
Tuvshinzaya Erdenekhuu	61f1372b8c	Remove unused variables from shax.function ... Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-08-31 10:15:25 +01:00
Tuvshinzaya Erdenekhuu	ca6fde2e1f	Enable invalid param test in sha512 ... Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-08-31 10:15:25 +01:00
Tuvshinzaya Erdenekhuu	1db192bc5a	Enable invalid param test in sha256 ... Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-08-31 10:15:25 +01:00
Tuvshinzaya Erdenekhuu	d5ebedffd0	Removed unused variable in cipher test ... Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-08-31 10:14:57 +01:00
Tuvshinzaya Erdenekhuu	104eb7f4a8	Enabled invalid param test for gcm ... Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-08-31 10:14:57 +01:00
Tuvshinzaya Erdenekhuu	6c68927948	Enabled invalid param test for cipher ... Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-08-31 10:14:57 +01:00
Tuvshinzaya Erdenekhuu	c7d7220814	Enabled invalid param test in camellia ... Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-08-31 10:14:57 +01:00
Tuvshinzaya Erdenekhuu	c855bf5285	Enabled invalid param test for aes ... Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-08-31 10:14:57 +01:00
Tuvshinzaya Erdenekhuu	0050b918f0	Added new tests in pk_invalid_param ... Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-08-31 10:14:25 +01:00
Tuvshinzaya Erdenekhuu	ed99ed34f3	Add spaces to comply with coding style ... Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-08-31 10:14:25 +01:00
Tuvshinzaya Erdenekhuu	c388af63e4	Remove extra spacings ... Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-08-31 10:14:25 +01:00
Tuvshinzaya Erdenekhuu	79bf51a109	Add new test for invalid param in pk.c ... Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-08-31 10:14:25 +01:00
Neil Armstrong	e5fdf20a79	Make ecjpake_rounds test depends on PSA_WANT_ALG_TLS12_PSK_TO_MS ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-08-31 10:49:18 +02:00
Neil Armstrong	eae1dfcc46	Change to more efficient error injection in ecjpake_do_round() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-08-31 10:49:18 +02:00
Neil Armstrong	db5b960a7e	Permit any psa_pake_input() step to fail when error injected in input ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-08-31 10:49:18 +02:00
Neil Armstrong	75673abef5	Only build ecjpake_do_round() is PSA_WANT_ALG_JPAKE is defined ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-08-31 10:49:18 +02:00
Neil Armstrong	8c2e8a6cda	Add ecjpake_rounds_inject tests to exercise error injection ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-08-31 10:49:18 +02:00
Neil Armstrong	f983caf6c4	Move JPAKE rounds into a common function, add reordering and error injection ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-08-31 10:49:18 +02:00
Neil Armstrong	1e855601ca	Fix psa_pake_get_implicit_key() state & add corresponding tests in ecjpake_rounds() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-08-31 10:49:18 +02:00