Commit graph

81 commits

Author SHA1 Message Date
Tomi Fontanilles
8174662b64 pk: implement non-PSA mbedtls_pk_sign_ext()
This makes the function always available with its
its implementation depending on MBEDTLS_USE_PSA_CRYPTO.

Related dependencies and tests are updated as well.

Fixes #7583.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
Valerio Setti
db6b4db7a0 Renaming all MBEDTLS_HAVE for curves to MBEDTLS_ECP_HAVE
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:41 +02:00
Valerio Setti
6d809cc969 lib/test: use new internal helpers in library's code and tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:41 +02:00
Waleed Elmelegy
d7bdbbeb0a Improve naming of mimimum RSA key size generation configurations
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-27 14:50:09 +00:00
Waleed Elmelegy
3d158f0c28 Adapt tests to work on all possible minimum RSA key sizes
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-27 11:03:35 +00:00
Waleed Elmelegy
76336c3e4d Enforce minimum key size when generating RSA key size
Add configuration to enforce minimum size when
generating a RSA key, it's default value is 1024
bits since this the minimum secure value currently
but it can be any value greater than or equal 128
bits. Tests were modifed to accommodate for this
change.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-27 10:58:25 +00:00
Valerio Setti
545a0d643f test: replace occurencies of ECP_LIGHT with PK_HAVE_ECC_KEYS
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-19 19:24:05 +02:00
Valerio Setti
6c496a1553 solve disparities for ECP_LIGHT between ref/accel
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-11 11:33:50 +02:00
Manuel Pégourié-Gonnard
0b8095d96a PK: use MD_CAN macros
sed -i -f md.sed tests/suites/test_suite_pk{,parse,write}.*

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-21 16:28:00 +01:00
Valerio Setti
a1e3e3a28f test: pk: keep PK_WRITE_C only in RSA tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-08 13:39:10 +01:00
Valerio Setti
4836374088 test: ECDSA driver only: fixing disparities in tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-07 08:02:23 +01:00
Manuel Pégourié-Gonnard
6ea0a8d883 Disable 'wrong salt len' PK test with USE_PSA
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-29 10:07:08 +01:00
Gilles Peskine
58e5d804ee test_suite_pk: Add missing dependencies on MBEDTLS_PEM_PARSE_C
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-11 20:57:38 +02:00
Tuvshinzaya Erdenekhuu
79bf51a109 Add new test for invalid param in pk.c
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
2022-08-31 10:14:25 +01:00
Manuel Pégourié-Gonnard
e741c61d54 Adjust dependencies in test_suite_pkcs1_v21
sed -i -f md_or_psa_hash.sed \
        tests/suites/test_suite_pkcs1_v21.data
        tests/suites/test_suite_pk.data

with md_or_psa_hash.sed containing:

    s/MBEDTLS_MD5_C/MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA/g
    s/MBEDTLS_RIPEMD160_C/MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA/g
    s/MBEDTLS_SHA1_C/MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA/g
    s/MBEDTLS_SHA224_C/MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA/g
    s/MBEDTLS_SHA256_C/MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA/g
    s/MBEDTLS_SHA384_C/MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA/g
    s/MBEDTLS_SHA512_C/MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA/g

(The only lines in pk.data that still had old-style dependencies where
the ones about PKCS1_V21.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-08-11 12:50:06 +02:00
Werner Lewis
3ccc116c35 Apply test data changes for conflicting cases
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-01 15:17:45 +01:00
Werner Lewis
9802d36168 Remove radix arg from bignum tests
Cases where radix was explictly declared are removed in most cases,
replaced using script. bignum arguments are represented as hexadecimal
strings. This reduces clutter in test data and makes bit patterns
clearer.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-01 15:07:14 +01:00
Manuel Pégourié-Gonnard
0aabb6d8b9 Fix dependency in test_suite_pk
When USE_PSA is disabled and ECDSA_DETERMINISTIC is enabled, generating
ECDSA signatures via PK requires use of the hash via the MD layer (in
HMAC-DRBG, used by deterministic ECDSA).

When USE_PSA is enabled, ECDSA signatures via PK go through PSA which
always uses non-deterministic ECDSA, so does not rely on HMAC-DRBG/MD.

The condition used here is slightly too strong, but expressing exactly
the optimal condition seems more effort than it's worth for just 3 test
cases.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-22 10:55:06 +02:00
Manuel Pégourié-Gonnard
db2c80402a Fix dependencies in test_suite_pk
Using VIA_MD_OR_PSA_BASED_ON_USE_PSA was justified by the fact that
until a few commits ago, the test functions here computed hashes using
either MD or PSA, depending on whether USE_PSA was defined (which itself
was justified by the loose reasoning that "PK is USE_PSA territory").

A few commits ago, test code stopped computing hashes because the hash
values became part of the test data. PK itself does not compute hashes.
As a result, VIA_MD_OR_PSA_BASED_ON_USE_PSA is no longer justified.

There are now two kinds of tests:
- those that only rely on hash data (ECDSA, RSA PKCS#1 v1.5) should
depend on VIA_LOWLEVEL_OR_PSA as that is the minimal dependency, hence
the one used for data
- those that were the layer below PK will internally compute a hash (RSA
PKCS#1 v2.1): currently this hash is always computed using MD (on which
MBEDTLS_PKCS1_V21 depends), so legacy dependencies like MBEDTLS_SHA256_C
should be used for now. The previous dependency was morally wrong, it
didn't show in the driver-only tests only because PKCS#1 v2.1 is
disabled in this test for now.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-21 13:34:46 +02:00
Manuel Pégourié-Gonnard
73692b7537 Rework macros expressing dependencies
Fix usage with sed:

s/MBEDTLS_OR_PSA_WANT_\([A-Z_0-9]*\)/MBEDTLS_HAS_\1_VIA_LOWLEVEL_OR_PSA/
s/MBEDTLS_USE_PSA_WANT_\([A-Z_0-9]*\)/MBEDTLS_HAS_\1_VIA_MD_OR_PSA_BASED_ON_USE_PSA/

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-21 12:11:53 +02:00
Manuel Pégourié-Gonnard
4608c48b0c Rm useless use of MD in PK test functions
Same rationale as previous "Rm useless use of MD" commits.

Here the first two test functions were already not depending on MD_C,
but the new version is much simpler, as it avoids having two versions of
the code depending on the value of USE_PSA.

Changes to the data file generated with the following Python script:

import hashlib

suite = 'pk'
functions = {
        'pk_rsa_verify_test_vec': (2, 1, True),
        'pk_rsa_verify_ext_test_vec': (2, 1, True),
        'pk_sign_verify_restart': (6, 7, False),
}

def hash_ctx(s):
    if s == 'MBEDTLS_MD_MD5':
        return hashlib.md5()
    if s == 'MBEDTLS_MD_SHA1':
        return hashlib.sha1()
    if s == 'MBEDTLS_MD_SHA224':
        return hashlib.sha224()
    if s == 'MBEDTLS_MD_SHA256':
        return hashlib.sha256()
    if s == 'MBEDTLS_MD_SHA384':
        return hashlib.sha384()
    if s == 'MBEDTLS_MD_SHA512':
        return hashlib.sha512()
    if s == 'MBEDTLS_MD_RIPEMD160':
        return hashlib.new("ripemd160")

def fix(l):
    parts = l.rstrip().split(":")

    fun = parts[0]
    if fun not in functions:
        return l

    (alg_idx, msg_idx, is_hex) = functions[fun]

    alg_str = parts[alg_idx]
    if alg_str == "MBEDTLS_MD_NONE" or alg_str == "255":
        return l
    h = hash_ctx(alg_str)

    msg_str = parts[msg_idx][1:-1]
    msg = bytes.fromhex(msg_str) if is_hex else bytes(msg_str, 'ascii')
    h.update(msg)
    msg_hash = h.hexdigest()
    msg_hash_str = '"' + msg_hash + '"'

    parts[msg_idx] = msg_hash_str
    return ":".join(parts) + '\n'

filename = 'tests/suites/test_suite_' + suite + '.data'
with open(filename) as f:
    lines = f.readlines()

lines = [fix(l) for l in lines]

with open(filename, 'w') as f:
    f.writelines(lines)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-18 10:55:56 +02:00
Manuel Pégourié-Gonnard
bbd0dc6cbd Fix hash-specific dependencies of test_suite_pk
Applied:

    sed -i -f use_psa_hash.sed tests/suites/test_suite_pk.*

with use_psa_hash.sed as follows:

    s/MBEDTLS_MD5_C/MBEDTLS_USE_PSA_WANT_ALG_MD5/g
    s/MBEDTLS_RIPEMD160_C/MBEDTLS_USE_PSA_WANT_ALG_RIPEMD160/g
    s/MBEDTLS_SHA1_C/MBEDTLS_USE_PSA_WANT_ALG_SHA_1/g
    s/MBEDTLS_SHA224_C/MBEDTLS_USE_PSA_WANT_ALG_SHA_224/g
    s/MBEDTLS_SHA256_C/MBEDTLS_USE_PSA_WANT_ALG_SHA_256/g
    s/MBEDTLS_SHA384_C/MBEDTLS_USE_PSA_WANT_ALG_SHA_384/g
    s/MBEDTLS_SHA512_C/MBEDTLS_USE_PSA_WANT_ALG_SHA_512/g

With this commit, test_suite_pk achieves parity between:

- crypto_full minus PKCS#1v2.1
- same minus MD (from all.sh's test_crypto_full_no_md)

and between:

- default config plus use_psa minus PKCS#1v2.1
- same with accelerators (test_psa_crypto_config_accel_hash_use_psa)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-12 11:11:20 +02:00
Manuel Pégourié-Gonnard
69e348db85
Merge pull request #5833 from superna9999/5826-create-mbedtls-pk-can-do-psa
Permissions 1: create `mbedtls_pk_can_do_ext()`
2022-05-23 10:58:32 +02:00
Neil Armstrong
c661ff51c9 Fix pk_can_do_ext tests with non-opaque keys
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 09:49:04 +02:00
Neil Armstrong
5c5b116a49 Add pk_can_do_ext test for non-opaque keys
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-19 18:07:53 +02:00
Neil Armstrong
8eb0afb726 Remove duplicate pk_can_do_ext test
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-17 14:58:11 +02:00
Neil Armstrong
408f6a60a3 Add usage parameter to mbedtls_pk_can_do_ext()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-17 14:23:20 +02:00
Neil Armstrong
ce1d2397d2 Add tests for mbedtls_pk_can_do_ext() in test_suite_pktest_suite_pk
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-12 11:53:02 +02:00
Neil Armstrong
b32ae72e27 Add PK Opaque RSA decrypt tests
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-02 09:14:58 +02:00
Manuel Pégourié-Gonnard
ad47487e25
Merge pull request #5742 from superna9999/5669-review-test-incompatible-psa
Fixup or re-enable tests with Use PSA
2022-04-28 09:57:13 +02:00
Neil Armstrong
655725a624 Unify PSA & non-PSA Verify ext RSA #5 test, and handle different return in pk_rsa_verify_ext_test_vec()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-15 12:00:16 +02:00
Neil Armstrong
999930e447 Add RSA PK Wrapped Sign ext tests
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-13 14:55:17 +02:00
Neil Armstrong
cb87403560 Use 1024 bits RSA key size for RSA PK Opaque tests
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-08 15:14:40 +02:00
Neil Armstrong
67fc036976 Add support for RSA wrap in pk_psa_sign() test
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-07 14:51:47 +02:00
Neil Armstrong
5b87ebb601 Prepare pk_psa_sign() test to accept RSA parameters
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-07 14:51:47 +02:00
Neil Armstrong
0cd78ddd71 Update test for Opaque PK key
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-07 14:51:47 +02:00
Jerry Yu
5fb7d176f3 Replace rsakey to 2048bits for test
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-23 11:16:53 +08:00
Jerry Yu
cef3f33012 Guard rsa sig algs with rsa_c and pkcs1_v{15,21}
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 23:16:42 +08:00
Jerry Yu
e2c882518c Add pk_sign_ext unit tests
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 21:24:19 +08:00
Jerry Yu
92339d25b4 Add more unit test for pk_sign_ext
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:14:53 +08:00
Jerry Yu
b3bfe9f5d2 Add verify for pk_sign_ext test
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:14:53 +08:00
Jerry Yu
1f45b67474 Add unit tests
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Neil Armstrong
7f1055223d Remove pk_rsa_encrypt_test_vec() test in favor to pk_rsa_encrypt_decrypt_test()
Not checking the encrypt result with PSA makes the test useless.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:33:39 +01:00
Neil Armstrong
e0df42cbb7 Introduce pk_rsa_encrypt_decrypt_test
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:33:39 +01:00
Andrzej Kurek
32048a6d92 pk_verify_ext: introduce more tests for signature length mismatches
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-16 06:17:00 -05:00
Andrzej Kurek
8666df6f18 Add signature length mismatch handling when using PSA in pk_verify_ext
Introduce a regression test for that too.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-15 08:23:02 -05:00
Andrzej Kurek
7db1b78fff Make RSA-PSS verification use PSA with MBEDTLS_USE_PSA_CRYPTO
Duplicate a test case but with a different expected error
due to error translation to and from PSA.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-09 14:13:44 -05:00
Ronald Cron
875b5fb7fa Refactor optional parameter check tests
Remove tests related to NULL pointers,
keep tests related to invalid enum values.
Remove test code related to MBEDTLS_CHECK_PARAMS.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-27 17:27:14 +02:00
Paul Elliott
8ff510ac26 Rename ECC Family Macros According to PSA Spec
Rename PSA_ECC_CURVE_xxx to PSA_ECC_FAMILY_xxx, also rename
PSA_KEY_TYPE_GET_CURVE to PSA_KEY_TYPE_ECC_GET_FAMILY and rename
psa_ecc_curve_t to psa_ecc_family_t. Old defines are provided in
include/crypto_compat.h for backward compatibility.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2020-07-02 16:59:30 +01:00
Gilles Peskine
b87b719467 Remove old values of curve encodings
Remove the values of curve encodings that are based on the TLS registry
and include the curve size, keeping only the new encoding that merely
encodes a curve family in 8 bits.

Keep the old constant names as aliases for the new values and
deprecate the old names.
2020-01-31 10:24:21 +01:00