Commit graph

7647 commits

Author SHA1 Message Date
Jerry Yu
ad9e99bd2e fix session resumption fail when hostname is not localhost
Change-Id: Icb2f625bb11debb5c7cae36e34d7270f7baae4d5
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-28 12:30:58 +08:00
Minos Galanakis
0c61a749b7 test_suite_bignum_mod_raw: Removed parameter for mbedtls_mpi_mod_modulus_setup()
This patch updates the tests `mpi_mod_raw_cond_swap()` &
`mpi_mod_raw_cond_assign()` to use a non-zero modulus
when invoking `mbedtls_mpi_mod_modulus_setup()`

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-28 00:11:19 +01:00
Dave Rodgman
683850b416
Update tests/suites/test_suite_ecdsa.function
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-10-27 20:24:46 +01:00
Minos Galanakis
4d4c98b1b9 bignum_mod: mbedtls_mpi_mod_modulus_setup() refactoring.
This patch addresses more review comments, and fixes
a circular depedency in the `mbedtls_mpi_mod_modulus_setup()`.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-27 17:47:26 +01:00
Przemek Stekiel
a380b06c26 Add fake dependency to test CI
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-27 14:15:26 +02:00
Minos Galanakis
771c47055f bignum_mod: Style changes
This patch addresses review comments with regards to style of
`mbedtls_mpi_mod_modulus_setup/free()`.

It also removes a test check which was triggering a use-after-free.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-27 12:36:24 +01:00
Minos Galanakis
dd365a526f test_suite_bignum: Updated mpi_mod_setup() test
This patch updates the `mpi_mod_setup()` test suite
to check for incosistencies in the montgomery constant
data's lifecycle.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-27 11:43:54 +01:00
Gilles Peskine
9603daddaa
Merge pull request #6230 from tom-cosgrove-arm/issue-6223-core-add
Bignum: extract core_add from the prototype
2022-10-27 11:25:27 +02:00
Przemek Stekiel
120ed8f8fa Add comments to explan the purpose of the reference component
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-27 10:29:15 +02:00
Przemek Stekiel
5f6f32a0ad Remove hidden option to skip ssl-opt and compat tests
Also remove compat tests from reference component as results from this run are not included in outcome file.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-27 08:24:43 +02:00
Gilles Peskine
88f5fd9099
Merge pull request #6479 from AndrzejKurek/depends-py-no-psa
Enable running depends.py in a configuration without MBEDTLS_USE_PSA_CRYPTO and remove perl dependency scripts
2022-10-26 20:02:57 +02:00
Przemek Stekiel
4d13c833da analyze_outcomes.py: remove components and ignore parameters
Use a dictionary to specify optional parameters for each task.
If the task is not specified then all tasks are executed.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-26 16:12:01 +02:00
Ronald Cron
c9176a03a7
Merge pull request #6410 from gilles-peskine-arm/psa-pkparse-pkwrite-3.2
PSA with RSA requires PK_WRITE and PK_PARSE
2022-10-26 14:57:36 +02:00
Gilles Peskine
d4d080b41b
Merge pull request #6407 from minosgalanakis/minos/6017_add_montgomery_constant_squared
Bignum: Added pre-calculation of Montgomery constants
2022-10-26 14:28:16 +02:00
Ronald Cron
4f7feca0dc
Merge pull request #6391 from davidhorstmann-arm/fix-x509-get-name-cleanup
The Open CI ran successfully thus I think we can ignore the internal CI.
2022-10-26 14:27:54 +02:00
Andrzej Kurek
29c002ebdf Remove unused perl dependency scripts
curves.pl, depends-hashes.pl, key-exchanges.pl and depends-pkalgs.pl are now superseded by depends.py.
Update all references to them accordingly.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-26 08:26:58 -04:00
Andrzej Kurek
7cb0077c5d Add all.sh components running depends.py without MBEDTLS_USE_PSA_CRYPTO
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-26 08:26:58 -04:00
Manuel Pégourié-Gonnard
3e0ea98b7c
Merge pull request #6451 from mpg/fix-can-exercise
Fix can_exercise() for RSA and hashes
2022-10-26 10:18:52 +02:00
Gilles Peskine
b06f0717b3 PSA service config build: disable more modules not used by PSA
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-25 21:06:11 +02:00
Gilles Peskine
649e04e3d1 PSA service config build: note why we aren't disabling cipher and md
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-25 21:05:57 +02:00
Gilles Peskine
1f10807837 Disable pk in the PSA service config build
It's not needed as a feature. It gets reenabled automatically in
build_info.h like pk_write and pk_parse, but that's an implementation
detail.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-25 21:02:56 +02:00
Gilles Peskine
78bffd1ff5 Fix spelling of a disabled option
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-25 21:02:33 +02:00
Ronald Cron
eac00ad2a6 tls13: server: Note down client not being authenticated in SSL context
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-25 20:02:03 +02:00
Ronald Cron
a709a0f2c6 tls13: Declare PSK ephemeral key exchange mode first
In the PSK exchange modes extension declare first
PSK ephemeral if we support both PSK ephemeral
and PSK. This is aligned with our implementation
giving precedence to PSK ephemeral over pure PSK
and improve compatibility with GnuTLS.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-25 19:05:26 +02:00
Tom Cosgrove
93003d87a9 Split out testing of core_add and core_add_if per Janos' request
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-10-25 17:01:19 +01:00
Minos Galanakis
37ca3a9acd Moved tests from test_suite_bignum to test_suite_bignum_core
This patch moves the following tests to test_suite_bignum_core:
* `mbedtls_mpi_core_get_mont_r2_unsafe_neg()`
* `mbedtls_mpi_core_get_mont_r2_unsafe()`

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 16:56:08 +01:00
Ronald Cron
dd0c8f9c26 tls13-kex-modes.sh: Remove unnecessary GnuTLS option
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-25 17:35:50 +02:00
Tom Cosgrove
eee0d6ce6b Extend the unit tests for mbedtls_mpi_core_add_if() to also test mbedtls_mpi_core_add()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-10-25 16:29:58 +01:00
Minos Galanakis
a081c51cd3 Renamed mpi_core_get_mont_R2_unsafe_neg -> mpi_core_get_mont_r2_unsafe_neg
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 15:12:38 +01:00
Minos Galanakis
ae4fb671b4 mbedtls_mpi_core_get_mont_R2_unsafe: Removed NULL input checking
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 15:12:38 +01:00
Minos Galanakis
e1913a8da8 test_suite_bignum: Updated test cases for mbedtls_mpi_core_get_mont_R2_unsafe
This patch adds tests for 192 and 2048 bits inputs.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 15:12:31 +01:00
Minos Galanakis
b9243ef231 test_suite_bignum: Fixed whitespace issues
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 15:12:23 +01:00
Minos Galanakis
4f43f61c6a Renamed mbedtls_mpi_get_montgomery_constant_unsafe to mpi_core_get_mont_R2_unsafe
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 15:12:23 +01:00
Minos Galanakis
1a1b175554 test_suite_bignum: Added tests for mpi_get_montgomery_constant_unsafe()
This patch adds the test for the method calculating the RR. The input/expected
data are generated manually using the following Python3 snippet:

~~~~~
import math

title="mpi_get_montgomery_constant_unsafe"
tt = title + " #{}"

in_data = [ "0f", ... ]

def limb_no(number, bil=64):
    return int(math.ceil(int.bit_length(number)/(bil * 1.0)))

def calc_rr(number, bil=64 ):
    return '{:x}'.format(pow(pow(2, limb_no(number, bil) * bil), 2, number))

def calc_rr_str(number, prefix=""):
    rr64 = calc_rr(number)
    rr32 = calc_rr(number, bil=32)
    return '{}:"{:x}":"{}":"{}"'.format(prefix,number, rr32, rr64)

print("\n\n".join(["{}\n{}".format(tt.format(in_data.index(v)+1), calc_rr_str(int(v,base=16), title)) for v in in_data]))
~~~~~

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-10-25 15:12:01 +01:00
Gilles Peskine
383b0bbea0
Merge pull request #6461 from tom-cosgrove-arm/fix-mbedtls_mpi_mod_modulus_init-calls-in-tests
mbedtls_mpi_mod_modulus_init() must be called before any 'goto exit' in tests
2022-10-25 13:40:17 +02:00
Gilles Peskine
e5a715e8c0
Merge pull request #6449 from gilles-peskine-arm/bignum-core-shift_r
Bignum core: shift_r
2022-10-25 10:40:39 +02:00
Gilles Peskine
af8ea3f738
Merge pull request #6468 from gilles-peskine-arm/bignum-test-suite-names
Rename test_suite_bignum for consistency
2022-10-25 10:40:29 +02:00
Andrzej Kurek
2c7993c456 depends.py: add a config option to unset MBEDTLS_USE_PSA
This lets us perform any test without MBEDTLS_USE_PSA
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-24 15:56:10 -04:00
Ronald Cron
2012361ae6
Merge pull request #6448 from ronald-cron-arm/tls13-kex-build-options
TLS 1.3 Introduce and use key exchange mode config options
2022-10-24 15:21:37 +02:00
Przemek Stekiel
ab0451bc2c Fix build command in test_psa_crypto_config_reference_hash_use_psa
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-24 11:29:35 +02:00
Przemek Stekiel
c86dedfdc1 Fix code style
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-24 09:16:04 +02:00
Przemek Stekiel
58bbc23ca3 Use coverage analyze as default task
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-24 08:10:10 +02:00
Ronald Cron
454eb9172d ssl-opt.sh: Fix list of TLS 1.2 key exchanges with cert
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-22 14:42:04 +02:00
Ronald Cron
70ed41754d ssl-opt.sh: Simplify TLS 1.3 dependencies
Simplify TLS 1.3 dependencies taking into
account that
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
implies that MBEDTLS_SSL_PROTO_TLS1_3 is
defined.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-22 14:42:04 +02:00
Ronald Cron
5de538c9dd ssl-opt.sh: Remove requires_key_exchange_with_cert_in_tls12_enabled
Remove requires_key_exchange_with_cert_in_tls12_enabled
and use `requires_any_configs_enabled` directly instead.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-22 14:42:04 +02:00
Ronald Cron
c3f43b663e all.sh: Add components testing TLS 1.3 kex partial enablement
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-22 14:42:04 +02:00
Ronald Cron
8328113cad ssl-opt.sh: Fix some test checks for ephemeral only kex build
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-22 14:42:04 +02:00
Ronald Cron
59625848e6 ssl-opt.sh: TLS 1.3 kex: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_*ENABLED
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-22 14:42:04 +02:00
Ronald Cron
73fe8df922 Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED
Introduce and use
MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED to
guard TLS code (both 1.2 and 1.3) specific
to handshakes involving PSKs.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-22 14:42:04 +02:00
Ronald Cron
e68ab4f55e Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED
Introduce and use
MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED to
guard TLS code (both TLS 1.2 and 1.3) specific
to handshakes involving certificates.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-22 14:42:04 +02:00
Ronald Cron
41a443a68d tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK.*ENABLED
Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED
instead of MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED to guard
code specific to one of the TLS 1.3 key exchange mode with
PSK.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-22 14:42:04 +02:00
Ronald Cron
928cbd34e7 tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
instead of MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED to guard
code specific to the TLS 1.3 ephemeral key exchange mode.

Use it also for the dependencies of TLS 1.3 only tests
relying on ephemeral key exchange mode, but for
tests in tls13-kex-modes.sh where the change is done
later using all
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_.*ENABLED macros.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-22 14:42:04 +02:00
Ronald Cron
d8d2ea5674 Add TLS 1.3 key exchange mode config options
Add TLS 1.3 specific configuration options
to enable/disable the support for TLS 1.3
key exchange modes.

These configurations are introduced to
move away from the aforementioned
enablement/disablement based on
MBEDTLS_KEY_EXCHANGE_xxx_ENABLED options
that relate to group of TLS 1.2
ciphersuites.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-22 14:41:57 +02:00
Andrzej Kurek
ba970be142 Fix test dependencies for cases that are PSA-based
These should be using PSA-type macros, not MBEDTLS_XXX_C.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-21 13:39:00 -04:00
Gilles Peskine
fc4f11b5d0 Improve test component name
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-21 19:34:54 +02:00
Gilles Peskine
a020d535ad Avoid having both test_suite_XXX.data and test_suite_XXX.*.data
Although our build scripts support that, it's annoying, because it makes
"test_suite_XXX" ambiguous between "all the data for
test_suite_XXX.function" and "just test_suite_XXX.data".

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-21 19:00:38 +02:00
Gilles Peskine
42832bd406 Don't use test_suite_mpi as an example
It just got renamed, and it's also not the most canonical example since it's
a somewhat deprecated interface. Make a different module the example.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-21 18:56:47 +02:00
Gilles Peskine
ce22066211 Rename test_suite_bignum for consistency with bignum.{h,c}
Align the name of the bignum test suite with the source module (which was
renamed from mpi.c to bignum.c in the PolarSSL 1.x days). This also brings
it into line with the test suites for the low-level bignum interfaces.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-21 18:54:43 +02:00
Andrzej Kurek
ed05279e4f Comment fix
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-21 10:28:55 -04:00
Andrzej Kurek
d066c79d7e Add missing ECB requirements for PSA cipher aes tests
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-21 10:28:55 -04:00
Andrzej Kurek
8f26c8a0cf Fix a typo in test_suite_cipher
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-21 10:28:55 -04:00
Ronald Cron
89ca977128 ssl-opt.sh: Improve dependencies of some TLS 1.3 test cases
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-21 14:47:00 +02:00
Ronald Cron
bc5adf4ef8 ssl-opt.sh: Add dependencies on handshake with cert
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-21 14:47:00 +02:00
Ronald Cron
2ea36af693 ssl-opt.sh: TLS 1.3 kex: Do not use sig_algs if no cert
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-21 14:47:00 +02:00
Ronald Cron
81cd7ab492 tests: ssl: Add missing dependency on MBEDTLS_X509_CRT_PARSE_C
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-21 14:47:00 +02:00
Ronald Cron
f64cc03b09 tests: ssl: Add missing dependencies on certificate based handshake
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-21 14:47:00 +02:00
Ronald Cron
457fb7a523 tests: ssl: Fix ciphersuite identifier
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-21 14:44:45 +02:00
Przemek Stekiel
4e95590ae7 analyze_outcomes.py: Add test coverage regresion analyze for driver only builds
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-21 13:43:13 +02:00
Przemek Stekiel
01df9ddda7 Add test component: component_test_psa_crypto_config_reference_hash_use_psa
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-21 13:43:13 +02:00
Manuel Pégourié-Gonnard
0e7e47147c
Merge pull request #6447 from mprse/driver-only-hash-gap
Fix test gap in driver-only-hashes build
2022-10-21 10:32:43 +02:00
Manuel Pégourié-Gonnard
45c6792faf
Merge pull request #6385 from AndrzejKurek/depends-py-reloaded
Unified tests/scripts/depends.py - reloaded
2022-10-21 10:17:58 +02:00
Tom Cosgrove
be17655b57 mbedtls_mpi_mod_modulus_init() must be called before any 'goto exit' in tests
Fixes Coverity issues 381527 and 381526.

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-10-20 16:57:10 +01:00
Janos Follath
560805d665 Fix mbedtls_mpi_core_add_if test aliasing
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-10-20 12:04:40 +01:00
Przemek Stekiel
2c95a56e13 Remove KNOWN_MBEDTLS_SUPPORTED_HASH_ALG as it is now not used anywhere
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-20 12:38:44 +02:00
Gilles Peskine
b0ee577287 Bignum core: test shift_r
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-20 12:00:57 +02:00
Janos Follath
ba516f7524 mpi_core_add_if test: Remove dependency on old API
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-10-20 10:59:50 +01:00
Janos Follath
e153a715f0 mpi_core_add_if: simplify tests
Use the new, limb size aware base class to generate tests for
mpi_core_add_if().

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-10-20 10:40:03 +01:00
David Horstmann
2bb9c8a884 Change brace initialization to memset
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-20 10:18:37 +01:00
David Horstmann
01dd548025 Minor fixes to x509_get_name() test function
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-19 17:13:57 +01:00
Werner Lewis
f1c24f0fbc Add missing include
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 16:43:22 +01:00
Werner Lewis
bd3ddafee2 Move tests added in #6289
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:36:18 +01:00
Werner Lewis
6baf12b18d Move legacy mod functions back to test_suite_mpi
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Werner Lewis
ffe4478936 Move mpi_core_bitlen tests to bignum_core files
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Werner Lewis
1b20e7e645 Redefine result() method to return List
Many bignum tests have multiple calculated result values, so return
these as a list, rather than formatting as a string.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Werner Lewis
99e8178fa7 Add module for bignum_core test generation
Separate file is added for classes used to generate cases for tests
in bignum_core.function. Common elements of the BignumOperation class
are added to classes in a new common file, for use across files.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Werner Lewis
0c6ea12145 Move bignum_mod tests into separate files
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Werner Lewis
c9b6a0aef9 Move bignum_mod_raw tests into separate files
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:20:01 +01:00
Werner Lewis
c6004a2ab3 Move bignum_core tests into separate files
Test cases for mpi_core_add_if, mpi_core_mla, mpi_core_sub,
mpi_core_montmul are not copied into new files, these are generated in
subsequent commits.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-10-19 15:19:53 +01:00
Gilles Peskine
149c1516e7
Merge pull request #6435 from mpg/improve-outcome-analysis
Improve outcome analysis for driver-only builds
2022-10-19 15:54:17 +02:00
Gilles Peskine
db2996357c
Merge pull request #6289 from gabor-mezei-arm/6237_Add_conditional_assign_and_swap_for_bignum
Bignum: Add safe conditional assign and swap for the new MPI types
2022-10-19 15:51:19 +02:00
Andrzej Kurek
b8a97e7520 depends.py: rename domains argument to tasks
Tasks can consist of domains and/or jobs.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
629c412e81 depends.py documentation fixes
Now that the format of exclusive groups has been changed,
update the documentation using it too.

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
b489f958b8 depends.py: remove config options that are unset anyway
Over the lifespan of this script these options have been removed
from the "full" configuration.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
a44c5bcdb7 depends.py: rename config_pl usage to config_py
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
22b959d9a5 depends.py - add SHA256 dependency of LMS
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
65b2ac1f1d Change the way exclusive groups are defined in depends.py
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
f4b18672ff depends.py: fix TLS 1.3 requirements
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
a0cb4fa302 Improve depends.py readability
Switch from SHA224 & SHA384 testing to SHA256 and SHA512.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
b50754ae86 Switch from x509_CRT_PARSE to KEY_EXCHANGE_WITH_CERT_ENABLED
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
e5535e3123 Add MBEDTLS_DES_C exclusive group dependencies
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
a2a9688501 Fix the memory allocation in test_suite_ssl
ASSERT_ALLOC calculates the size itself, and the parameter indicates number of elements.
```
mbedtls_calloc( sizeof( *( pointer ) ),  ( length ) );  
```
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
6454a90c6d Remove pre-1_2 TLS dependencies from depends.py
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
658442fe78 Remove unnecessary ECP_C dependencies
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
e5a5cc1944 Remove the dependency of tls1_3 key evolution tests on curve25519
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
daf43fbe21 Move the location of MBEDTLS_ECP_C dependencies
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
2d637c4cbb Fix unchecked allocation in test_suite_ssl
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
01af84a0ca depends.py: Add script documentation
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
2f8ac287b6 Disable MBEDTLS_TEST_HOOKS in depends.py
This option was increasing testing duration
by about 40%.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
eabeb30c65 Fix SHA512 vs SHA384 dependencies
When building SHA512 without SHA384,
there are some code paths that resulted
in unused variables or usage of undefined code.
This commit fixes that.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
228b12ce54 Rework depends.py to run more tests with hashes
The test coverage reduction introduced in
dc25cee lowered the coverage of hash tests
due to intertwining dependencies.
This commit introduces a new class for building
a domain using both the complementary
and exclusive classes.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
fe46949686 depends.py: disable part of the test jobs
Disable exclusive jobs that run with a single
config disabled. A lot more bugs should be found by running jobs with only one config
of a family enabled.
This will also lessen the burden on the CI.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
fcbd2acbc2 Split depends.py all.sh job into seven
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
202932f521 Use upper case for constants in depends.py
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
3322c22087 Improve depends.py structrue
Apply most improvements suggested by pylint.
Use config.py instead of config.pl.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
0e8b2d74f0 Fix python formatting and indentation
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Andrzej Kurek
3cca0c8e68 Add an all.sh component running depends.pl
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Andrzej Kurek
e05b17fb85 Update depends.py
Remove old and add new dependencies.
Introduce a way to handle non-trivial problems 
stemming from exclusive group testing.
Exclude SHA256 and SHA512, as these are tested
in SHA224 and SHA384 jobs, respectively.
Change config.h to mbedtls_config.h).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Andrzej Kurek
e64bd43495 Add missing ECP and ECDH dependencies in ssl test suites
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Andrzej Kurek
8e44139ca0 Add missing CURVE25519 requirements to TLS 1.3 tests
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Andrzej Kurek
84f30f2eb0 Add missing SHA256 dependency
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Andrzej Kurek
e38b788b79 Add missing key exchange dependencies
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Andrzej Kurek
90e8204476 Add missing SHA256 and ECDSA_C dependencies in test_suite_ssl
Most of the tests (including those using endpoint_init functions) parse
certificates that require MBEDTLS_SHA256_C to be present.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Andrzej Kurek
0abebebe6d Refactor ssl test suite to use pointers more
This way it's easier to track structures that are partially set up.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Andrzej Kurek
f502bcb13e Fix missing AES dependencies
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Gilles Peskine
34a1557df6 Add domains for symmetric ciphers
Add a domain for cipher base algorithms (block permutations and stream
ciphers), a domain for block cipher chaining modes and a domain for
block cipher padding modes.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Gilles Peskine
c3b4deeb6c When exercising key exchanges, don't build the test suites
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Gilles Peskine
584c24ace4 Declare more reverse dependencies
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Gilles Peskine
b1284cf6bc Don't test builds with only deprecated hashes
Don't try to build with only SHA-1 or with only RIPEMD160 or with only
MD{2,4,5}.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Gilles Peskine
bf7537d0a9 Use the full config as the baseline for all jobs
Start each job from the full config minus some memory management
settings and the job-specific settings.

The original content of config.h no longer influences the
configurations used for the jobs (but it still influences what jobs
may run, in that the set of jobs is partly built by parsing #define
and //#define lines in config.h).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Gilles Peskine
e85163bb5c Simplify final passed/failed reporting
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Gilles Peskine
0fa7cbeeb9 Add basic support for colored output
Show "pass" lines in green and "fail" lines in red.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Gilles Peskine
54aa5c6957 Factor running config.pl into its own function
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Gilles Peskine
46c8256547 Flush log output after each line
Otherwise the output can be out of order when redirected.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Gilles Peskine
b39e3ecee6 New script to exercise compilation options
Unify curves.pl, key-exchanges.pl, depends-pkalgs.pl and
depends-hashes.pl into a single, newly-written script.

For curves, key exchanges and hashes, in addition to testing
all-but-one settings in the group like the old scripts, also run the
tests with a single option in the group.

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Andrzej Kurek
e40b92178d Fix missing padding dependencies
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Andrzej Kurek
252283f2aa Fix missing cipher mode dependencies
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Przemek Stekiel
8258ea7b7d test_suite_psa_crypto: adapt dependenies and guards so the test can run in the driver-only build
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-19 13:20:20 +02:00
Manuel Pégourié-Gonnard
0dc40773d6 Improve comments & messages
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-10-19 12:12:21 +02:00
Manuel Pégourié-Gonnard
deef905a1c Update is_builtin_calling_md() for PKCS#1 v2.1
Since https://github.com/Mbed-TLS/mbedtls/pull/6141 it can "fall back"
to PSA when MD is not available (but will use MD if available, to
preserve backwards compatibility).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-10-19 11:02:15 +02:00
Manuel Pégourié-Gonnard
98b91d40d6 RSA PKCS#1 v1.5 no longer depends on MD
This has been the case since
https://github.com/Mbed-TLS/mbedtls/pull/6065 which forgot to update the
documentation, and also is_builtin_calling_md(), so update those.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-10-19 10:59:30 +02:00
Gabor Mezei
4dceede71b
Fix overly replacement in the documentation
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-10-18 16:44:17 +02:00
Przemek Stekiel
98b1af4e34 test_suite_debug: adapt dependenies so the test can run in the driver-only build
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-18 14:52:41 +02:00
Janos Follath
7cd1ebe0bb
Merge pull request #6296 from gilles-peskine-arm/test_data_generation-pr_6093_followup
Minor fixes to test_data_generation.py
2022-10-18 13:38:28 +01:00
Manuel Pégourié-Gonnard
d92fb01419 Skip bits not needed in outcome-analysis.sh
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-10-18 12:10:45 +02:00
David Horstmann
3cd67584bc Improve X509 DN test naming
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-17 17:59:10 +01:00
David Horstmann
d0e3d45e96 Add explanatory comments to raw DER test data
Break down the DER-encoded ASN.1 test data into its structure in a
comment and explain it, to make it easier to understand where the data
came from and how it is corrupted.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-17 17:55:04 +01:00
Gilles Peskine
47da7bfac8
Merge pull request #6434 from gilles-peskine-arm/lmots_import_export_test-memory_leak
LMS: Fix memory leak if unit test fails
2022-10-17 17:57:59 +02:00
Gabor Mezei
0c74e084d5
Fix condition
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-10-17 16:09:58 +02:00
Gilles Peskine
503d09b52d Fix memory leak if unit test fails
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-17 12:27:43 +02:00
Manuel Pégourié-Gonnard
6c6f04b651
Merge pull request #6419 from mpg/fix-assert-alloc-usage
Fix usage of ASSERT_ALLOC()
2022-10-17 12:10:48 +02:00