This patch introduces the `EcpP255Raw` test class for testing
the curve using the preestablished `ecp_mod_p_generic_raw()`
test. The test's logic has been updated accordingly.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This commit adds a configuration check in check_config.h if
MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is enabled.
Furthermore, MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is disabled
by default in scripts/config.py for full configuration.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
The build option MBEDTLS_PSA_INJECT_ENTROPY requires some extra platform
functions, for historical reasons. To enable us to test this option, provide
a version of these functions for testing.
(These versions would actually work in production, but providing them in the
library in a way that doesn't break existing users might be slightly tricky,
so it's out of scope of this commit.)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
(Reapplying changes as one commit on top of development post codestyle change instead of rewriting old branch)
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
This patch introduces automatic test input generation for
`mpi_core_shift_l()` function.
It also adds two utility functions in bignum_common.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This patch introduces basic unit-testing for the `ecp_mod_p256k1()`.
The method is exposed through the ecp_invasive interface, and
the standard testing data is being provided by the python framework.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
The script requires cryptography >= 35.0.0, so we
need to check the version and provide a meaningful
error message when the package version is too
old.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
This patch introduces basic unit-testing for the `ecp_mod_p224k1()`.
The method is exposed through the ecp_invasive interface, and
the standard testing data is being provided by the python framework.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This patch enables declaring dependencies as test-class
members. ECP curve functions have been updated
to use the new capability.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This patch replaces similarly structured test functions
for:
* MBEDTLS_ECP_DP_SECP192R1
* MBEDTLS_ECP_DP_SECP224R1
* MBEDTLS_ECP_DP_SECP256R1
* MBEDTLS_ECP_DP_SECP384R1
* MBEDTLS_ECP_DP_BP512R1R1
with a more generic version, which adjusts the parameters, based on the `curve_id` field,
provided by the testing data.
The python test framework has been updated to provide that extra field.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
The support for the PSA crypto driver interface
is not optional anymore as the implementation of
the PSA cryptography interface has been restructured
around the PSA crypto driver interface (see
psa-crypto-implementation-structure.md). There is
thus no purpose for the configuration options
MBEDTLS_PSA_CRYPTO_DRIVERS anymore.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Move the global variable to the PSA layer, and just set that when calling PSA
level functions.
Move the internal ecp set to before each ecp call.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Adapt pake test (passing NULL buffers is not allowed).
Passing the null buffer to psa_pake_output results in a hard fault.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
In the future key attributes will be available for opaque driver via psa_crypto_driver_pake_get_password_key().
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
- Add `alg` and `computation_stage` to `psa_pake_operation_s`.
Now when logic is moved to core information about `alg` is required.
`computation_stage` is a structure that provides a union of computation stages for pake algorithms.
- Move the jpake operation logic from driver to core. This requires changing driver entry points for `psa_pake_output`/`psa_pake_input` functions and adding a `computation_stage` parameter. I'm not sure if this solution is correct. Now the driver can check the current computation stage and perform some action. For jpake drivers `step` parameter is now not used, but I think it needs to stay as it might be needed for other pake algorithms.
- Removed test that seems to be redundant as we can't be sure that operation is aborted after failure.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
Move the obfuscation of the internal library only returning a delta of ops done
into the driver wrapper, thus meaning driver wrapper and API call both return
absolute values of work done. Document the differences at the internal
implementation level.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Move to accumulate ops in context rather than attempting to read straight out
of structures due to structure ops getting reset per operation, and also
issues with _abort clearing internal data. Fix usage of size_t in structures
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Pacify Clang >=15 which complained:
```
include/psa/crypto.h:91:23: error: empty paragraph passed to '\retval' command [-Werror,-Wdocumentation]
* \retval #PSA_SUCCESS
~~~~~~~~~~~~~~~~~~~^
```
This commit performs the following systematic replacement:
```
perl -i -0777 -p -e 's/([\\@])(retval +\S+)\n(?! *\*? *([^\n \\*\/]|\\[cp]\b))/$1$2 ${1}emptydescription\n/g' $(git ls-files '*.[hc]' '*.function' '*.jinja')
```
i.e. add an `\emptydescription` argument to `\retval` commands (or
`@retval`, which we don't normally use) that are followed by a single word,
unless the next line looks like it contains text which would be the
description.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit renames the `--files` option to `--subset` and
it means to check a subset of the files known to git.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
If HOSTCC is set, use that to generate files, otherwise use CC. This
should make cross-compilation with generated files slightly easier.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Move compilation to a separate helper function in c_build_helper.py to
allow more generic use.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
The 'MBEDTLS_TEST_HOOKS' belongs to a test function and
not to a test case.
This reverts commit 1e8c210b9d.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
This prevents a return type error in a later function that uses the
dictionaries here properly typed.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Instead of capturing the output of diff and printing it, let diff do its
own outputting and use the return code to decide what to do.
This also means that the conversion of stdout to UTF-8 is not necessary,
as the reason it was needed was for printing diffs of files with UTF-8
characters in them.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Whilst it is true that "silence is golden", no output at all could be
disconcerting and it makes searching in a CI log more difficult.
Add a simple status message that says "Checked N files, style ok".
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Rename the function to 'fix_quasi_reduction' to better suit its functionality.
Also changed the name prefix to suit the new module.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
We provide Windows and POSIX implementations for it.
With MBEDTLS_PLATFORM_MS_TIME_ALT, user can provide
their own implementation.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Modify generate_errors.pl such that it can now handle
opening files where the file path includes a directory
name containing spaces.
Raised in issue #6879. Fix provided by
@tom-cosgrove-arm in aforementioned issue.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
Only remove the MBEDTLS_HAVE_INTnn dependency, not any other dependency that
might be present.
No behavior change, this is just robustness.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Explain what's going on in BignumModRawConvertRep.test_case_for_values.
Simplify the logic and the interdependencies related to limb sizes:
* Montgomery is the special case, so base the decisions on it.
* As soon as we've encountered one limb size, no matter what it is,
give up.
No behavior change, other than changing the numbering of test cases (which
previously included more skipped test cases).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This patch introduces a hybrid approach to input_styles, and will remove the
dependency requirements from test cases with `ModulusRepresentation.OPT_RED`
As a result it is reducing testing input duplication.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This patch adjusts the test generating method to calculate all possible combinations for
(modulo, input, limb_sizes, representation).
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This patch adds the default representation attribute through a
setter() method in `BignumModRawConvertRep()`
It also adds standard common template properties:
symbol = ""
input_style = "arch_split"
arity = 1
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
The Montgomery representation depends on the limb size. So the
representation conversion test cases need separate 64-bit and 32-bit cases
when the representation is Montgomery.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
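An added illustration (not Mbed TLS code) of the limb-size dependence described in the commit message above: with the usual multi-limb definition R = 2^(limbs × bits_in_limb), the same residue can have different Montgomery forms for 32-bit and 64-bit limbs. The function names and both moduli are constructed for this example.

```python
"""Montgomery form of one residue under 32-bit and 64-bit limbs.

All names and sample moduli below are constructed for illustration.
"""

def limbs_needed(value: int, bits_in_limb: int) -> int:
    """Number of limbs needed to store value (at least one)."""
    return (max(value.bit_length(), 1) + bits_in_limb - 1) // bits_in_limb

def montgomery_r(modulus: int, bits_in_limb: int) -> int:
    """R = 2^(limbs * bits_in_limb), limbs being the modulus size in limbs."""
    return 1 << (limbs_needed(modulus, bits_in_limb) * bits_in_limb)

def to_montgomery(x: int, modulus: int, bits_in_limb: int) -> int:
    """Canonical residue -> Montgomery form x*R mod N (N must be odd)."""
    if modulus % 2 == 0:
        raise ValueError("Montgomery form needs an odd modulus")
    return (x * montgomery_r(modulus, bits_in_limb)) % modulus

def from_montgomery(xm: int, modulus: int, bits_in_limb: int) -> int:
    """Montgomery form -> canonical residue, via R^-1 mod N."""
    r_inv = pow(montgomery_r(modulus, bits_in_limb), -1, modulus)
    return (xm * r_inv) % modulus

def expected_values(x: int, modulus: int):
    """List of (bits_in_limb, value) pairs a test vector would need.

    bits_in_limb is None when both limb sizes give the same encoding.
    """
    m32 = to_montgomery(x, modulus, 32)
    m64 = to_montgomery(x, modulus, 64)
    if m32 == m64:
        return [(None, m32)]
    return [(32, m32), (64, m64)]

# Constructed moduli: 96 bits is 3 limbs of 32 bits but 2 limbs of 64 bits,
# so R is 2^96 on one build and 2^128 on the other.
N_96 = 2**96 - 17
# 64 bits is 2 limbs of 32 bits or 1 limb of 64 bits: R is 2^64 on both.
N_64 = 2**64 - 59

if __name__ == "__main__":
    for name, n in (("N_96", N_96), ("N_64", N_64)):
        for bits, value in expected_values(5, n):
            print(f"{name}: limb size {bits}: {value:#x}")
```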
Add a class for modulus representations (mbedtls_mpi_mod_rep_selector).
Add a method to convert a number to any representation.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
With the default input style (which is "variable"), fill all bignum test
case arguments to the same width as the modulus.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Ideally the result of the generator would conform to the code style, but
this would be difficult, especially with respect to the placement of line
breaks in long logical lines. So, to avoid surprises when checking the style
of generated files (which happens in releases and in long-time support
branches), systematically skip generated files.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Tests are refactored to generate separate cases for 32-bit and 64-bit
limbs using arch_split. Duplicate arguments and branching in the test
function is removed.
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
This patch adds autogenerated inputs for the
`mpi_mod_raw_neg()` test in the bignum_mod_raw suite.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Define and report the supported Uncrustify version (and remove extra
newlines from version output).
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This is only the beginning:
- some test failures in test_suite_pk, test_suite_x509 and ssl-opt.sh
will be fixed in the next few commits;
- then the interactions between those options will be documented and
tested.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Normally we need all the combinations, unique combinations make sense
only if the operation is commutative.
No changes to generated tests.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Remove old dataset that was overriding the defaults in bignum_core. This
will change the datasets for core_sub and core_add to the default
inherited from bignum_common.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Add data for small values, 192 bit and 1024 bit values, primes,
non-primes odd, even, and some typical corner cases.
All subclasses override this for the time being so there are no changes
to the test cases.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The goal of this commit is to add some constants that can be used to
define datasets and add test data in a more readable and reusable
manner.
All platforms using ECC need to support calculations with at least 192
bits, therefore constants for this length are added. We are not using a
curve prime as those will be tested elsewhere and it is better not to
play favourites.
All platforms using RSA or FFDH need to support calculations with at
least 1024 bits, therefore numbers of this size are added too.
A safe prime is added for both sizes as it makes all elements generators
(except 0 and 1 of course), which in turn makes some tests more
effective.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Only fixed width input_style uses the default value of the bits_in_limb
parameter, so set it to 32 in order to have less leading zeroes.
Signed-off-by: Janos Follath <janos.follath@arm.com>
There are no intended changes to generated tests. (The ordering of tests
in the mod_raw module has changed.)
Signed-off-by: Janos Follath <janos.follath@arm.com>
The special case list type depends on the arity and the subclass. Remove
type restriction to make defining special case lists more flexible and natural.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Sometimes we don't want all possible combinations of the input data and
sometimes not all combinations make sense. We are adding a convenient
way to decide on a case by case basis. Now child classes only need to
implement the is_valid method and the invalid cases will be filtered out
automatically.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Having int_ variants as an attribute has the advantage of the input
being validated when the object is instantiated. In theory otherwise if
a particular int_ attribute is not accessed, then the invalid argument
is passed to the tests as it is. (This would in all likelihood be detected
by the actual test cases, still, it is more robust like this.)
There are no semantic changes to the generated test cases. (The order
of appearance of 64 and 32 bit mpi_core_add_and_add_if test cases has
changed.)
Signed-off-by: Janos Follath <janos.follath@arm.com>
Before arg_ attributes were the arguments as they were defined in the
python script. Turning these into properties and having them take the
form that respects the style set in input_style makes the class easier to use
and more consistent.
This change makes the hex_ properties redundant and therefore they are
removed.
There are no semantic changes to the generated test cases. (The order
of appearance of 64 and 32 bit mpi_core_add_and_add_if test cases has
changed.)
Signed-off-by: Janos Follath <janos.follath@arm.com>
The ArchSplit functionality was duplicated and moved to OperationCommon
from the other copy. The remnants of the functionality are moved to the
only subclass using this.
There is no semantic change to the generated tests. The order has
changed however: core_add tests have been moved before core_mla tests
and the order of the 64 and 32 bit versions have been swapped.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The functionality of ModOperationCommonArchSplit is needed in several
subclasses, therefore moving it to a superclass.
There is another, redundant ArchSplit class, which will be removed in a
later commit.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The class BignumModRawOperationArchSplit has functionality that is
needed in other modules, therefore moving it to bignum_common.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The class BignumModRawOperation implements functionality that is needed
in other modules, therefore we move it to common.
No intended changes to test cases. The order of add_and_add_if and sub tests
has been switched.
Signed-off-by: Janos Follath <janos.follath@arm.com>
We need arch split tests in different modules, moving it to the common
module makes it reusable.
No intended changes in the generated tests. (The position of the
core_add_if tests changed, but they are still all there.)
Signed-off-by: Janos Follath <janos.follath@arm.com>
The class BaseTarget served two purposes:
- track test cases and target files for generation
- provide an abstract base class for individual test groups
Splitting these allows decoupling these two and to have further common
superclasses across targets.
No intended change in generated test cases.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Although negative zero is officially unsupported, we've had bugs related to
it in the past. So do test functions with a negative zero input.
There will likely be cases where we don't want to accept negative zero as if
it was valid, because it's too hard to handle. We'll add exceptions on a
case by case basis.
For the functions that are currently tested by the generated tests, the new
test cases pass.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This exposes a bug in mbedtls_mpi_add_mpi() and mbedtls_mpi_sub_mpi() which
will be fixed in a subsequent commit.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This patch moves `BignumModRawOperation` and `BignumModRawOperationArchSplit`
outside of the scaffolding merge slot.
It also renames `r_sqrt` property to `r2`.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This patch modifies the BignumModRawOperation class to
provide special access to key members commonly used
in tests.
It binds the module's getters to conversion functions
which enable automatic conversions such as:
* hex to int.
* zero padding hex strings.
* common Montgomery constants such as R, R^2 and R^01
are now calculated upon access.
class `BignumModRawOperationArchSplit` is also updated to
utilise the new design.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This patch is adding a basic instance of `BignumModRawOperation`
and creates a `BignumModRawOperationArchSplit` class, copying
over the implementation of `BignumCoreRawOperationArchSplit`.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Fix the PSA_XXX typos detected by check_names.py.
PSA_WANT is actually not a typo, but would cause a false negative
result. So PSA_WANT is reworded to PSA_WANT_xxx.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Legacy Bignum is excluded as it doesn't get regular extensions like new
ones.
Each slot uses comments of their respective filetype. Since .data files
don't have a syntax for comments, dummy test cases are used. (These test
cases will never be executed and no noise will be added to tests.)
Signed-off-by: Janos Follath <janos.follath@arm.com>