This is in preparation for running it multiple times with different
alignments.
This commit also fixes the fact that we weren't calling mbedtls_aes_free()
on the context (we still aren't if the test fails). It's not an issue except
possibly in some ALT implementations.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Don't use all-bytes zero as a string, it's harder to debug.
This commit uses the test vectors from FIPS 197 appendix C.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
All tests that call md_setup() or compute a hash of a HMAC may now need
it in some builds.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This will be used in the next commit.
While at it, move driver initialization before RNG init - this will be
handy when the entropy module wants to use drivers for hashes.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
When passed an empty OID, mbedtls_oid_get_numeric_string would read one
byte from the zero-sized buffer and return an error code that depends on
its value. This is demonstrated by the test suite changes, which
check that an OID with length zero and an invalid buffer pointer does
not cause Mbed TLS to segfault.
Also check that second and subsequent subidentifiers are terminated, and
add a test case for that. Furthermore, stop relying on integer division
by 40, use the same loop for both the first and subsequent
subidentifiers, and add additional tests.
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
During test of component build_arm_linux_gnueabi_gcc_arm5vte and
build_arm_none_eabi_gcc_m0plus. It fails with
- error: implicit declaration of function
‘test_fail_if_psa_leaking’
It happens because test_fail_if_psa_leaking is defined in
helpers.function. This block of code is not converted into C code
while compiling ssl_helpers.c. The function has been moved to
psa_crypto_helpers.c in order to fix this build error.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Since we move many functions from test_suite_ssl.function to
ssl_helpers.c in commit 8e2bbdd. This causes various of
build errors. This commit fixes all the build errors by
- including header files
- providing function definition
- adding guards for typedef statements and functions
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Some functions are renamed in commit d51d285. This change moves all
those functions which are used to set up a TLS connection from
test_suite_ssl.function into ssl_helpers.c.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
As the typedef statements and functions are renamed in commit
de3caee and commit d51d285 respectively. This commit aims
to align code lines to fit code standard and improve code
readability.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
With this change, the renamed typedef statements (commit de3caee)
are moved from test_suite_ssl.function into ssl_helpers.h
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
test_suite_ssl.function contains many functions that are used to set
up a TLS connection. To reduce its file size, those functions would
be moved to ssl_helpers.c under tests/src. As the start of this
implementation, some necessary header files are moved in advance.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Add test which uses an expired cert but is otherwise OK, which
passes if and only if MBEDTLS_HAVE_TIME_DATE is not set.
Add similar test which verifies against a different data file,
which must fail regardless of MBEDTLS_HAVE_TIME_DATE.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Ensure that verification of an expired cert still fails, but
update the test to handle the different error code.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
The test file was created by manually modifying
tests/data_files/pkcs7_data_without_cert_signed.der, using
ASN.1 JavaScript decoder https://lapo.it/asn1js/
Changes made:
The SignerInfos set was truncated to zero length.
All the parent sequences, sets, etc were then adjusted
for their new reduced length.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Add public key verification tests, and alter test intent comments to make it
obvious that verify_hash_interruptible can do public keys as well as private
and keypairs.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Move all error translation utilities to psa_util.c.
Introduce macros and functions to avoid having
a local copy of the error translating function in
each place.
Identify overlapping errors and introduce a
generic function.
Provide a single macro for all error translations
(unless one file needs a couple of different ones).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Due to a misunderstanding about the purpose of the test, I had limited this to
ECC keys only, however this defeats the purpose of the test, and left gaps in
test coverage.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This is the only test usable for non-deterministic ECDSA, thus needs this
code path testing as well.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Make sure that not calling get_num_ops() inbetweeen calls to complete() does
not mean that ops get lost (Regression test for previous fix).
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Zero is the minimum value defined by the spec, just because the internal
implementation treats zero and one as the same thing does not mean that other
implementations will also do so.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit adds well-formed reproducers for the memory management
issues fixed in the following commits:
290f01b3f5e7f8c616d0f7641544ea
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Adapt pake test (passing NULL buffers is not allowed).
Passing the null buffer to psa_pake_output results in a hard fault.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
- Add `alg` and `computation_stage` to `psa_pake_operation_s`.
Now when logic is moved to core information about `alg` is required.
`computation_stage` is a structure that provides a union of computation stages for pake algorithms.
- Move the jpake operation logic from driver to core. This requires changing driver entry points for `psa_pake_output`/`psa_pake_input` functions and adding a `computation_stage` parameter. I'm not sure if this solution is correct. Now the driver can check the current computation stage and perform some action. For jpake drivers `step` parameter is now not used, but I think it needs to stay as it might be needed for other pake algorithms.
- Removed test that seems to be redundant as we can't be sure that operation is aborted after failure.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This patch introduces the following changes:
* Documentation for `mbedtls_ecp_modulus_setup()`
moved to `ecp_invasive.h`.
* Added invalid modulus selector `MBEDTLS_ECP_MOD_NONE`.
* Adjusted negative tests to use invalid selectors.
* Reworded documentation.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Previously calling get_num_ops more than once would have ended up with ops
getting double counted, and not calling inbetween completes would have ended up
with ops getting missed. Fix this by moving this to where the work is actually
done, and add tests for double calls to get_num_ops().
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
See docs/architecture/psa-migration/md-cipher-dispatch.md
Regarding testing, the no_md component was never very useful, as that's
not something people are likely to want to do: it was mostly useful as
executable documentation of what depends on MD. It's going to be even
less useful when more and more modules auto-enable MD_LIGHT or even
MD_C. So, recycle it to test the build with only MD_LIGHT, which is
something that might happen in practice, and is necessary to ensure that
the division is consistent.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
It was already marked as internal use only, and no longer used
internally. Also, it won't work when we dispatch to PSA.
Remove it before the MD_LIGHT split to avoid a corner case: it's
technically a hashing function, no HMAC or extra metadata, but we still
don't want it in MD_LIGHT really.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Comment originated from original version of this code, and the newer comment
which was added when it was pulled into a seperate function covers all cases.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
We do not need to expect to fail, running another complete in either sign or
verify after successful completion should also return BAD_STATE.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
If an error occurs, calling any function on the same operation should return
PSA_ERROR_BAD_STATE, and we were not honouring that for all errors. Add extra
failure tests to try and ratify this.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
For sign and verify, the pointer passed in to the hash is not guaranteed to
remain valid inbetween calls, thus we need to store the hash in the
operation. Added a test to ensure this is the case.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Test for not having determnistic ECDSA was also being run when no ECDSA, and
this fails earlier. Fixed this and added a specific test for no ECDSA. Also
fixed (swapped) incorrect test descriptions.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Test for unsupported deterministic ECDSA was originally passing due to
incorrect code, fixing the code unfortunately broke the test.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Only 2 options were really possible anyway - complete in 1 op, or somewhere
between 2 and max ops. Anything else we cannot test due to implementation
specifics.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Make sure the number of ops is tested in the interruptible failure tests,
should they get through the interruptible loop part.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Ensure that num_ops is cleared when manual abort is called, but obviously not
when an operation just completes, and test this.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>