Commit graph

3815 commits

Author SHA1 Message Date
Andrzej Kurek
b3427823bd Test failing raw_key_agreement in ssl mock tests
Force a bitflip in server key to make the raw key
agreement fail, and then verify that no key slots
are left open at the end. Use a Weierstrass curve
to have a high chance of failure upon encountering
such bitflip.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-04-06 11:24:17 -04:00
Andrzej Kurek
74394a5c39 Add a group_list argument to mocked ssl tests
This will be used to force a group list in certain tests
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-04-06 11:23:34 -04:00
Gilles Peskine
1c7c5969ea
Merge pull request #5683 from paul-elliott-arm/fix_pk_test
Prevent free of uninitialised MPI  variables
2022-04-04 17:51:49 +02:00
Manuel Pégourié-Gonnard
de68e39ddf
Merge pull request #5568 from superna9999/5159-pk-rsa-verification
PK: RSA verification
2022-04-04 11:23:33 +02:00
Ronald Cron
0e980e8e84
Merge pull request #5640 from ronald-cron-arm/version-negotiation-2
TLS 1.2/1.3 version negotiation - 2
2022-04-01 12:29:06 +02:00
Manuel Pégourié-Gonnard
33a9d61885
Merge pull request #5638 from paul-elliott-arm/ssl_cid_accessors
Accessors to own CID within mbedtls_ssl_context
2022-04-01 11:36:00 +02:00
Manuel Pégourié-Gonnard
6a25159c69
Merge pull request #5648 from gabor-mezei-arm/5403_hkdf_use_internal_psa_implementations
HKDF 2: use internal implementations in TLS 1.3
2022-04-01 11:15:29 +02:00
Paul Elliott
02758a51df Add tls CID tests
Add tests to test tls coneection id functionality, including the new
'own cid' accessor.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-31 19:21:41 +01:00
Paul Elliott
ff59a34606 Prevent free of uninitialised variables
In an error case it was possible for mbedtls_mpi variables to be free'd
uninitialised.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-31 17:14:13 +01:00
Dave Rodgman
017a19997a Update references to old Github organisation
Replace references to ARMmbed organisation with the new
org, Mbed-TLS, following project migration.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-03-31 14:43:16 +01:00
Ronald Cron
a980adf4ce
Merge pull request #5637 from ronald-cron-arm/version-negotiation-1
TLS 1.2/1.3 version negotiation - 1
2022-03-31 11:47:16 +02:00
Ronald Cron
37bdaab64f tls: Simplify the logic of the config version check and test it
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-31 09:26:58 +02:00
Neil Armstrong
56d51274d8 Initialize PSA crypto in test_suite_pk for RSA verify tests
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-30 16:39:07 +02:00
Manuel Pégourié-Gonnard
3304f253d7
Merge pull request #5653 from paul-elliott-arm/handshake_over
Add mbedtls_ssl_is_handshake_over()
2022-03-30 12:16:40 +02:00
Ronald Cron
f660655b84 TLS: Allow hybrid TLS 1.2/1.3 in default configurations
This implies that when both TLS 1.2 and TLS 1.3
are included in the build all the TLS 1.2 tests
using the default configuration now go through
a version negotiation on the client side.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00
Paul Elliott
571f1187b6
Merge pull request #5642 from mprse/ecp_export
Add ECP keypair export function
2022-03-29 17:19:04 +01:00
Ronald Cron
086ee0be0e ssl_tls.c: Reject TLS 1.3 version configuration for server
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 14:42:17 +02:00
Ronald Cron
63d97ad0bb
Merge pull request #5559 from yuhaoth/pr/add-rsae-sha384-sha512
Add rsae sha384 sha512
2022-03-29 14:01:51 +02:00
Przemek Stekiel
6a478ef054 mbedtls_ecp_group_cmp: change names of parameters to more suitable
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-28 07:25:12 +02:00
Gabor Mezei
ed6d6589b3
Use hash algoritm for parameter instead of HMAC
To be compatible with the other functions `mbedtls_psa_hkdf_extract` and
`mbedtls_psa_hkdf_expand` use hash algorithm for parameter.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-26 17:28:06 +01:00
Gabor Mezei
07732f7015
Translate from mbedtls_md_type_t to psa_algorithm_t
Do the translation as early as possible from mbedtls_md_type_t to psa_algorithm_t.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-26 17:04:19 +01:00
Gabor Mezei
5d9a1fe9e9
PSA code depends on MBEDTLS_SSL_PROTO_TLS1_3
With TLS 1.3 support MBEDTLS_PSA_CRYPTO_C is enabled so PSA support
is always enabled.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-26 15:47:15 +01:00
Manuel Pégourié-Gonnard
cefa904759
Merge pull request #5622 from paul-elliott-arm/timing_delay_accessor
Accessor for mbedtls_timing_delay_context final delay
2022-03-25 09:14:41 +01:00
Paul Elliott
42d5e51a98 Make test function name more accurate
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-24 19:41:28 +00:00
Paul Elliott
27b0d94e25 Use mbedtls_ssl_is_handshake_over()
Switch over to using the new function both internally and in tests.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-24 14:43:52 +00:00
Jerry Yu
f8aa9a44aa fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-23 20:54:38 +08:00
Jerry Yu
5fb7d176f3 Replace rsakey to 2048bits for test
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-23 11:16:53 +08:00
Jerry Yu
cef3f33012 Guard rsa sig algs with rsa_c and pkcs1_v{15,21}
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 23:16:42 +08:00
Jerry Yu
701656fb29 fix redefine error
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 21:52:05 +08:00
Jerry Yu
e2c882518c Add pk_sign_ext unit tests
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 21:24:19 +08:00
Jerry Yu
5512ad9df8 fix genkey fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:14:53 +08:00
Jerry Yu
92339d25b4 Add more unit test for pk_sign_ext
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:14:53 +08:00
Jerry Yu
b3bfe9f5d2 Add verify for pk_sign_ext test
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:14:53 +08:00
Jerry Yu
5a0afc8a12 fix test fail for pk_sign_ext
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:35 +08:00
Jerry Yu
1f45b67474 Add unit tests
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Gabor Mezei
1e64f7a643
Use MBEDTLS_USE_PSA_CRYPTO macro guard for testing instead of MBEDTLS_PSA_CRYPTO_C
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-21 17:00:54 +01:00
Gabor Mezei
892c4aa295
Update hkdf test cases to handle PSA code
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-21 17:00:54 +01:00
Paul Elliott
21bbb7a888 Add simple test to ensure accessor is working
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-21 15:28:05 +00:00
Paul Elliott
b9af2db4cf Add accessor for timing final delay
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-21 15:26:19 +00:00
Manuel Pégourié-Gonnard
f4042f076b
Merge pull request #5573 from superna9999/5176-5177-5178-5179-tsl-record-hmac
TLS record HMAC
2022-03-21 11:36:44 +01:00
Manuel Pégourié-Gonnard
706f6bae27
Merge pull request #5518 from superna9999/5274-ecdsa-signing
PK: ECDSA signing
2022-03-21 09:57:57 +01:00
Manuel Pégourié-Gonnard
472044f21e
Merge pull request #5525 from superna9999/5161-pk-rsa-encryption
PK: RSA encryption
2022-03-21 09:57:38 +01:00
Przemek Stekiel
a677b5f6c7 Fix minor issues
- parameter name in function description
- test_suite_ecp.data: add new line at the end of file

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-21 09:49:40 +01:00
Neil Armstrong
c23d2e3ef1 Wrap unused declaration in #if/#endif when USE_PSA is set in x509_csr_check()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 15:31:59 +01:00
Przemek Stekiel
4b30feb32e Add test for ECP export
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-18 13:58:26 +01:00
Neil Armstrong
8f92bf3a26 Only make PSA HMAC key exportable when NULL or CBC & not EtM in build_transforms()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 11:10:09 +01:00
Manuel Pégourié-Gonnard
8d4bc5eeb9
Merge pull request #5481 from gabor-mezei-arm/5401_implement_hkdf_extract_based_on_psa_hmac
HKDF 1a: Implement Extract in TLS 1.3 based on PSA HMAC
2022-03-17 11:55:48 +01:00
Manuel Pégourié-Gonnard
15c0e39fff
Merge pull request #5519 from superna9999/5150-pk-rsa-decryption
PK: RSA decryption
2022-03-17 11:02:13 +01:00
Gabor Mezei
88f3b2e502
Update old style test function parameter handling
Use data_t type for hex string parameters.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-16 16:53:23 +01:00
Dave Rodgman
2cecd8aaad
Merge pull request #3624 from daxtens/timeless
RFC: Fix builds with MBEDTLS_HAVE_TIME disabled and test
2022-03-15 16:43:19 +00:00