mbedtls

Author	SHA1	Message	Date
Raef Coles	781f7bedb0	Properly mark LMOTS leak test as failed Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:18 +01:00
Raef Coles	d137c86125	Don't skip LMS tests due to out of memory error Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:17 +01:00
Raef Coles	76563399fd	Fix LMS and LMOTS test dependencies Mark them as depending on PSA_WANT_ALG_SHA256 so that test_depends_hashes_psa doesn't fail Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:15 +01:00
Raef Coles	59eb0d0f2b	Fix LMOTS signature leak test dependencies As it requires MBEDTLS_LMS_PRIVATE Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:12 +01:00
Raef Coles	d0c701237a	Replace TEST_ASSERT with TEST_EQUAL in LMS tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:09 +01:00
Raef Coles	f9b8502865	Add LMS import/export negative tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:06 +01:00
Raef Coles	4511055511	Exclude binary LMS keys from file checking Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:05 +01:00
Raef Coles	9fc303a99a	Add extra LMOTS import negative tests And fix failures that are related to the new tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:01 +01:00
Raef Coles	71f554b48f	Use real data for negative LMOTS tests To avoid errors caused by the null public keys and signatures Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:00 +01:00
Raef Coles	66edf6a833	Use hsslms data for LMOTS import/export test Also, test that export fails when the buffer is too small. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:58 +01:00
Raef Coles	8b55ba623e	Source LMOTS data from hsslms So it can be reproduced Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:57 +01:00
Raef Coles	a6b47c0aac	Add LMS hsslms interop tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:55 +01:00
Raef Coles	d6adcb6146	Add negative LMS import/export tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:53 +01:00
Raef Coles	810612e14e	Update LMS and LMOTS to use TEST_EQUAL Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:51 +01:00
Raef Coles	90e13fc3c6	Add repro instructions for LMS test data Add more interop tests, and use real data for the negative tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:49 +01:00
Raef Coles	0dc604ed2b	Change how LMS and LMOTS negative tests work Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:48 +01:00
Raef Coles	7726678b23	Remove debugging code left in LMOTS tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:46 +01:00
Raef Coles	370cc43630	Make LMS public key export part of public key api Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:28 +01:00
Raef Coles	be3bdd8240	Rename LMS and LMOTS init/free functions To match convention Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:18 +01:00
Raef Coles	5127e859d7	Update LMS and LMOTS dependency macros Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:11 +01:00
Raef Coles	b4568c5423	Disable LMS in PSA crypto client test Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:07 +01:00
Raef Coles	47bccb7e47	Disable LMS_PRIVATE in all.sh when LMS is disabled Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:06 +01:00
Raef Coles	a7e03adef5	Disable LMS in all.sh when PSA isn't enabled Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:04 +01:00
Raef Coles	98c504373c	Update LMS test description To correct copy-paste error Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:02 +01:00
Raef Coles	40158e11fc	Add LMOTS test hook to header Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:58 +01:00
Raef Coles	9c9027b1a4	Add extra LMS and LMOTS tests NULL-message and LMOTS signature leak tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:50 +01:00
Raef Coles	f5919e2997	Update LMS/LMOTS tests Document tests and source of data, use test RNG, pass more parameters into each test Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:43 +01:00
Raef Coles	e9479a0264	Update LMS API to support multiple parameter sets Parameterise macros to allow variation of sizes Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:36 +01:00
Raef Coles	ab4f87413a	Add MBEDTLS_LMS_PRIVATE define To enable private key operations Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:35 +01:00
Raef Coles	01c71a17b3	Update LMS and LMOTS api Fix function names and parameters. Move macros to be more private. Update implementation. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:25 +01:00
Raef Coles	c8f9604d7b	Use PSA hashing for LMS and LMOTS Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:23 +01:00
Raef Coles	7dce69a27a	Make LMOTS a private api Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:22 +01:00
Raef Coles	8ff6df538c	Add LMS implementation Also an LM-OTS implementation as one is required for LMS. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:15 +01:00
Manuel Pégourié-Gonnard	f155ab9a91	Abort on errors when we should We're not strictly required to abort, but at least to leave the context is an invalid state. For "late" functions like input() and output(), calling abort() is the easiest way to do that. Do it systematically for input() and output() by using a wrapper. psa_pake_get_implicit_key() was already doing it. For "early" function, we can just leave the operation in its current state which is already invalid. Restore previous tests about that. Not adding systematic tests, though, just test the two functions that are the most important, and more likely to return errors. Since we now abort in more cases, we need to make sure we don't invalidate the operation that's going to be re-used later in the test. For that reason, use a copy of the operation for calls to input() and output() that are expected to return errors. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-13 13:20:31 +02:00
Manuel Pégourié-Gonnard	b63a9ef09f	Fix buffer sizes in ecjpake_setup test function Also, the error code changed from INSUFFICIENT_MEMORY to INVALID_DATA. Temporarily remove a test about aborting the operation on error. Auto-abort will be re-introduced in the next commit in a more systematic way. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-13 13:17:20 +02:00
Gilles Peskine	0fe6631486	Merge pull request #6291 from gilles-peskine-arm/platform.h-unconditional-3.2 Include platform.h unconditionally	2022-10-13 10:19:22 +02:00
Przemek Stekiel	072fad12d9	Disable MBEDTLS_SSL_TICKET_C in aead driver test. MBEDTLS_SSL_TICKET_C depends now on: MBEDTLS_GCM_C \|\| MBEDTLS_CCM_C \|\| MBEDTLS_CHACHAPOLY_C. All features are disabled in this config. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-13 09:59:52 +02:00
Manuel Pégourié-Gonnard	2aa5af9bec	Merge pull request #6403 from mpg/print-failed-suites Print the list of failed suites in verbose mode	2022-10-13 09:59:45 +02:00
Xiaokang Qian	ed0620cb13	Refine code base on comments Move code to proper macro guards protection Fix typo issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:51 +00:00
Xiaokang Qian	2f9efd3038	Address comments base on review Change function name to ssl_session_set_hostname() Remove hostname_len Change hostname to c_string Update test cases to multi session tickets Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:49 +00:00
Xiaokang Qian	adf84a4a8c	Remove public api mbedtls_ssl_reset_hostname() Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:05:11 +00:00
Xiaokang Qian	281fd1bdd8	Add server name check when proposeing pre-share key Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:03:41 +00:00
Gilles Peskine	8fd3254cfc	Merge pull request #6374 from mprse/enc_types Test TLS 1.2 builds with each encryption type	2022-10-12 12:45:50 +02:00
Ronald Cron	78317c832b	Merge pull request #6327 from yuhaoth/pr/tls13-psk-after-session-tickets TLS 1.3: PSK and NewSessionTicket: Add support for sending PSK and Ticket together.	2022-10-12 12:39:51 +02:00
Przemek Stekiel	ee1bb4145f	Make sure that disabled features are not included in image and fix test config Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-12 10:15:59 +02:00
Gilles Peskine	fcee740b83	Automatically enable PK_PARSE for RSA in PSA PSA crypto currently needs MBEDTLS_PK_PARSE_C to parse RSA keys to do almost anything with them (import, get attributes, export public from private, any cryptographic operations). Force it on, for symmetry with what we're doing for MBEDTLS_PK_WRITE_C. Fixes #6409. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 21:15:24 +02:00
Gilles Peskine	aef1ba679d	Add build with a typical configuration for a PSA crypto service Disable non-crypto features that can't be called through the PSA API, as well as algorithms that have no PSA interface. This serves as a non-regression test for #6408 and #6409. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 21:09:21 +02:00
Gilles Peskine	58e5d804ee	test_suite_pk: Add missing dependencies on MBEDTLS_PEM_PARSE_C Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 20:57:38 +02:00
Gilles Peskine	d23d8dee24	test_suite_dhm: Add missing dependencies on MBEDTLS_PEM_PARSE_C Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 20:57:21 +02:00
Gilles Peskine	9624a5932e	Add mbedtls_dhm_parse_dhmfile test case with DER input dh.optlen.der is the result of converting dh.optlen.pem from PEM to DER. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 20:52:34 +02:00
Jerry Yu	c2bfaf00d9	fix wrong typo Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-11 18:07:19 +08:00
Manuel Pégourié-Gonnard	ac6c67053d	Print the list of failed suites in verbose mode In verbose mode, the full output of each failing suite is printed out, which for some suites runs in the 1000s of lines. If you didn't redirect output to a file, this is a lot to scroll and can make it hard to quickly identify which test suites failed. So, let's print out that information at the end. This is useful information for starting to figure out what went wrong. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-11 10:48:32 +02:00
Gilles Peskine	b50e433b66	Test mbedtls_mpi_core_bitlen Copy the test data for mbedtls_mpi_bitlen except for 0-length and negative cases. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-10 23:03:47 +02:00
Gilles Peskine	e943283f2f	More mbedtls_mpi_bitlen test cases * with leading zero limb * with trailing zero limb * negative Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-10 23:03:47 +02:00
Gilles Peskine	24baa81043	Improve mbedtls_mpi_bitlen test descriptions Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-10 23:03:47 +02:00
Gilles Peskine	c5772a194e	mbedtls_test_read_mpi_core: allow odd number of hex digits Test functions must now take a char* argument rather than data_t*. This does not affect existing test data. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-10 23:03:47 +02:00
Janos Follath	1b5c85c75b	Merge pull request #6386 from gilles-peskine-arm/bignum-mbedtls_test_read_mpi_core Introduce mbedtls_test_read_mpi_core	2022-10-10 15:14:46 +01:00
Jerry Yu	03aa174d7c	Improve test message and title Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-10 21:48:37 +08:00
Gabor Mezei	44ba2f6db9	Add more test cases Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 15:32:12 +02:00
Gabor Mezei	a67a1a3ebc	Remove the 'is_fail' parameter from the test functions Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 15:25:59 +02:00
Gabor Mezei	d71eb0c3ac	Use better test macro Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 13:09:04 +02:00
Gabor Mezei	d6441da4c5	Remove redundant memory initialization When memory is allocated it is also initialized with 0. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 13:05:16 +02:00
Gabor Mezei	251cb632f1	Remove unused macro definition Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 13:02:21 +02:00
Przemek Stekiel	52a428b824	Fix MBEDTLS_SSL_TICKET_C, MBEDTLS_SSL_SESSION_TICKETS dependencies Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-10 11:23:18 +02:00
Przemek Stekiel	42bb3ff40b	Adapt expected results in ChaCha20-Poly1305 ( invalid tag length) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-10 07:28:40 +02:00
Jerry Yu	63b06ea06e	Update test cases Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-08 14:56:38 +08:00
Jerry Yu	25ab654781	Add dummy ticket support Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-07 10:11:05 +08:00
Jerry Yu	8897c07075	Add server only guards for psk callback Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-07 10:11:05 +08:00
Przemek Stekiel	c1ceae4848	crypto_config_test_driver_extension.h: add support for ChaCha20 - Poly1305 This is done to have LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 defined in libtestdriver1. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-06 16:53:47 +02:00
David Horstmann	db73d3b149	Add mbedtls_x509_get_name memory leak unit test Introduce a unit test to test mbedtls_x509_get_name() and add a testcase with a corrupt DER-encoded name that causes mbedtls_x509_get_name() to have to cleanup things it is allocated. If it fails to do this, a memory leak is detected under Asan builds. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-05 13:09:57 +01:00
Manuel Pégourié-Gonnard	ec7012dbc7	Fix I/O format of PSA EC J-PAKE for compliance The format used by the mbedtls_ecjpake_xxx() APIs and that defined by the PSA Crypto PAKE extension are quite different; the former is tailored to the needs of TLS while the later is quite generic and plain. Previously we only addressed some part of this impedance mismatch: the different number of I/O rounds, but failed to address the part where the legacy API adds some extras (length bytes, ECParameters) that shouldn't be present in the PSA Crypto version. See comments in the code. Add some length testing as well; would have caught the issue. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-05 12:52:48 +02:00
Gilles Peskine	99a82dce74	Readability improvement Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-05 11:20:56 +02:00
Gilles Peskine	80ca44f33c	Merge pull request #6325 from gabor-mezei-arm/6308_missing_initialization_in_test Add initialization for structures in test	2022-10-05 11:09:35 +02:00
Gilles Peskine	22514eb99b	Fix typo in documentation Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-04 15:09:53 +02:00
Gabor Mezei	8fcde5bb8e	Remove duplicate test case Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-04 13:53:33 +02:00
Gabor Mezei	02e5d439db	Add more tests for cond_assign/swap functions Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-03 16:45:11 +02:00
Gabor Mezei	6546a6cc03	Rewrite tests for cond_assign/swap The cond_swap and cond_assign test functions now requires the same limb size for the MPI parameters. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-03 14:56:51 +02:00
Przemek Stekiel	6a5cc74cc4	Fix typos and comments Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-03 09:04:16 +02:00
Przemek Stekiel	bd99a0221b	test_driver_aead.c: add support for LIBTESTDRIVER1 tests Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-02 21:01:23 +02:00
Przemek Stekiel	e290f2ea14	all.sh: add testing of AEAD drivers with libtestdriver1 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-02 20:58:39 +02:00
Gilles Peskine	5bbdfce44c	Streamline mbedtls_mpi_core_lt_ct unit test Use mbedtls_test_read_mpi_core() to read the test data. Among other benefits, X and Y are now allocated to their exact size, so analyzers (Asan, Valgrind, Coverity, ...) have a chance of complaining if the tested function overflows the buffer. Remove TEST_CF_PUBLIC calls which are no longer necessary. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:53:04 +02:00
Gilles Peskine	3aae4e815e	New function mbedtls_test_read_mpi_core Allocate and read an MPI from a binary test argument. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:51:41 +02:00
Gilles Peskine	571576fc5c	Move the definition of data_t to a header file This way it can be used in helper functions. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:51:41 +02:00
Gilles Peskine	bdc7b8bb6a	Allow test assertions on constant-flow scalar data When testing a function that is supposed to be constant-flow, we declare the inputs as constant-flow secrets with TEST_CF_SECRET. The result of such a function is itself a constant-flow secret, so it can't be tested with comparison operators. In TEST_EQUAL, TEST_LE_U and TEST_LE_S, declare the values to be compared as public. This way, test code doesn't need to explicitly declare results as public if they're only used by one of these macros. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:51:41 +02:00
Gilles Peskine	97483b0fd4	Remove incorrect comment This comment (which used to be attached to the implementation, and should not have been moved to the header file) is incorrect: the library function mbedtls_mpi_read_string preserves leading zeros as desired, but does not create a zero-limb object for an empty string. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-30 18:51:41 +02:00
Gabor Mezei	ec5685f1ee	Use exact-size buffers for inputs and outputs to library functions in tests Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 14:48:54 +02:00
Gabor Mezei	f5ca726ce1	Rename variables to match bettr to its purpose The length in bytes is used with the 'len' prefix and the length in limbs is used with the 'limbs' prefix. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 14:35:42 +02:00
Gabor Mezei	8b05e3b148	Add memory freeing Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:41 +02:00
Gabor Mezei	a7584888da	Use exact-size buffers for inputs and outputs to library functions in tests Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:41 +02:00
Gabor Mezei	821d15107b	Check true and false condition in the same test case Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:41 +02:00
Gabor Mezei	3eff425b1a	Use only one limb parameter for assign Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:40 +02:00
Gabor Mezei	027d696434	Remove unused code Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:40 +02:00
Gabor Mezei	b2763ef507	Do not read uninitialized memory Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:40 +02:00
Gabor Mezei	cfc0eb8d22	Remove unused parameter Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:39 +02:00
Gabor Mezei	53e455db7b	Remove return value checking from test functions of assign and swap Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:39 +02:00
Gabor Mezei	b27b1c5db0	Add tests for conditional assign and swap functions Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:30 +02:00
Gilles Peskine	845de0898e	Merge pull request #6083 from tom-cosgrove-arm/issue-6015-montgomery-multiplication Montgomery multiplication from bignum prototype	2022-09-30 10:35:21 +02:00
Tom Cosgrove	4386ead662	Correct the aliasing requirements in doc for mbedtls_mpi_core_montmul(), and test them Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-29 14:40:21 +01:00
Przemek Stekiel	48a6a666a0	Add ssl-opt tls 1.2 tests for single cipher builds Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-29 15:29:33 +02:00
Przemek Stekiel	8d4b241028	Remove redundant indirect dependencies after optimizing setup for one cipher components Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-29 10:13:40 +02:00
Przemek Stekiel	a891a091a3	test_suite_cmac.data: fix bug: use cipher type instead cipher id Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-29 09:53:20 +02:00
Przemek Stekiel	68db0d2f67	Optimize one cipher only components and adapt nemes Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-29 08:32:25 +02:00
Ronald Cron	77c691f099	Merge pull request #6194 from xkqian/tls13_add_psk_client_cases TLS 1.3: Add PSK client cases	2022-09-28 17:08:06 +02:00
Przemek Stekiel	0cc3466c9e	Change testing strategy to default + one cypher only (psa/no psa) In full config TLS 1.2 is disabled. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-28 12:06:57 +02:00
Przemek Stekiel	b0de1c040b	Add components to build and test default/full config with legacy-ccm cipher only Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-28 11:15:16 +02:00
Przemek Stekiel	9550c05757	Add component to build and test full config with stream cipher only Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-28 09:51:55 +02:00
Xiaokang Qian	a70bd9108a	Fix the description of psk client cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-28 07:50:13 +00:00
Manuel Pégourié-Gonnard	e3358e14b2	Merge pull request #6051 from mprse/permissions_2b_v2 Permissions 2b: TLS 1.3 sigalg selection	2022-09-28 09:50:04 +02:00
Manuel Pégourié-Gonnard	f3f9e450b6	Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2 Ad-hoc KDF for EC J-PAKE in TLS 1.2	2022-09-28 09:47:32 +02:00
Przemek Stekiel	d582a01073	Make MBEDTLS_SSL_CONTEXT_SERIALIZATION dependent on AEAD Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-28 07:59:01 +02:00
Xiaokang Qian	ca343ae280	Improve message logs and test cases description in psk Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-28 02:07:54 +00:00
Gabor Mezei	0bb138241b	Add initialization for structures Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-27 18:48:44 +02:00
Przemek Stekiel	6f29a6c4b4	test_suite_cipher.function: always include aes.h It is done to have MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH macro available (used in tests) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-27 15:04:14 +02:00
Przemek Stekiel	a82290b727	Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions Both functions are calling mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions. These functions are guarded with MBEDTLS_CIPHER_MODE_AEAD \|\| MBEDTLS_NIST_KW_C flags - make it consistent. As a result ssl_server2 won't build now with MBEDTLS_SSL_SESSION_TICKETS enabled (mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions not available). Mark MBEDTLS_SSL_SESSION_TICKETS as dependent on MBEDTLS_CIPHER_MODE_AEAD \|\| MBEDTLS_NIST_KW_C and disable MBEDTLS_SSL_SESSION_TICKETS in stream cipher only build. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-27 15:04:14 +02:00
Przemek Stekiel	11c362a050	Add component to build and test default config with stream cipher only Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-27 15:04:08 +02:00
Xiaokang Qian	9c172042b6	Change cases description base on comments Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-27 11:41:50 +00:00
Xiaokang Qian	e12d30d751	Move psk related cases into tls13-kex-modes.sh Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-27 11:34:14 +00:00
Andrzej Kurek	3539f2c90b	Improve readability in ecjpake tests Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-26 10:56:02 -04:00
Xiaokang Qian	954d5769ef	PSK: change descriptions base on comments Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-26 08:40:10 +00:00
Xiaokang Qian	ac8195f4f7	Fix wrongly kex mode fallback issue in psk cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-26 06:31:58 +00:00
Gilles Peskine	12a1e85caa	Merge pull request #6138 from Zaya-dyno/validation_remove_change_key_agree Validation remove change key agree	2022-09-23 17:04:20 +02:00
Gilles Peskine	f70f4ead7f	Merge pull request #6248 from gilles-peskine-arm/all-sh-force-3.2 Fix all.sh --force	2022-09-23 17:04:00 +02:00
Gilles Peskine	87953f228f	Merge pull request #6091 from Zaya-dyno/validation_remove_change_pk Validation remove change pk	2022-09-23 17:03:30 +02:00
Paul Elliott	2c282c9bd0	Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.	2022-09-23 15:48:33 +01:00
Gabor Mezei	f29c2a5313	Add initialization for structures Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-23 15:25:27 +02:00
Xiaokang Qian	210727f3b1	Skip some psk cases cause wrong fallback to ephemeral Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 07:25:40 +00:00
Xiaokang Qian	dea2cbe199	Fix various test issues in psk m->m cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	658204c71e	Remove negative test cases for m->O and m->G Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	8939930b82	Rebase and fix some test failures Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	cffb18cee7	Fix various issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	8f7d7c7aaf	Address comments about description of psk cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	edc35e7ffd	Refine the psk test cases for m->G Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	2efece22a0	Refine the psk test cases for m->O Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	3cbbbbcb08	Shorten the description in psk m->m test cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	d7dcc4274b	Unified the test title of psk cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	2aaf1c1d74	Re-work psk test cases against openssl and gnutls Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	8e76e1de21	Add m->m cases with client be set to psk_all or all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	ca48dddf62	Add m->m with client be set to ephemeral or ephemeral_all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	198cefd1fa	Add force_version tls13 to the psk test cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	f9b694ba8f	Add m->m cases with client be set to psk and psk_ephemeral mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	e0cc584f70	Change result strings based on actula psk test result Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	df6a3891e8	Add client psk test cases for all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	a39d0d5e2b	Add client test cases for ephemeral_all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	01173c21b1	Add client test cases for ephemeral mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	ff5705bdd7	Add client test cases for psk_ephemeral mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	73894232e8	Add client test cases for psk_all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	cf6442e2e4	Add client test cases for psk mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:30 +00:00
XiaokangQian	335cfaadf9	Finalize client side code for psk Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-09-23 01:48:26 +00:00
Gilles Peskine	07ba2be20b	Merge pull request #6304 from yuhaoth/pr/exclude-pre_shared_key-from-hrr-msg TLS 1.3: PSK: Exclude pre_shared_key for HRR	2022-09-22 10:21:06 +02:00
Manuel Pégourié-Gonnard	1475ac49a4	Merge pull request #6107 from Zaya-dyno/validation_remove_change_hash Validation remove change hash	2022-09-22 09:24:44 +02:00
Manuel Pégourié-Gonnard	d5c82fb821	Merge pull request #6085 from Zaya-dyno/validation_remove_change_cipher Validation remove and change in files related to cipher in library	2022-09-22 09:10:13 +02:00
Jerry Yu	9370612312	remove certificate setting from psk_ephemeral HRR test Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-21 22:44:24 +08:00
Tom Cosgrove	119eae2e51	Update names of test cases in generate_bignum_tests.py Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-21 12:19:18 +01:00
Tom Cosgrove	c573882674	Merge remote-tracking branch 'upstream/development' into issue-6015-montgomery-multiplication	2022-09-21 12:08:43 +01:00
Manuel Pégourié-Gonnard	d433cd7d07	Merge pull request #6283 from mpg/driver-only-hashes-wrap-up Driver only hashes wrap-up	2022-09-21 08:29:46 +02:00
Jerry Yu	2db49df44b	Add psk_ephemeral HRR tests Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-21 11:03:28 +08:00
Dave Rodgman	36e1d9ef1d	Merge pull request #6203 from wernerlewis/ecp_group_test Add test for ECP group metadata	2022-09-20 17:35:53 +01:00
Ronald Cron	50969e3af5	ssl-opt.sh: TLS 1.3 opaque key: Add test with unsuitable sig alg Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 15:57:57 +02:00
Tom Cosgrove	b0b77e1b13	Document and test aliasing of the bignums given to mbedtls_mpi_core_mla() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-20 13:33:40 +01:00
Ronald Cron	277cdcbcde	ssl-opt.sh: tls13 opaque key: Enable client authentication Enable client authentication in TLS 1.3 opaque key tests to use the opaque key on client side. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:30:13 +02:00
Ronald Cron	e3196d270c	ssl-opt.sh: tls13 opaque key: Do not force version on client side Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:30:13 +02:00
Ronald Cron	6ec2123bf3	ssl-opt.sh: Align prefix of TLS 1.3 opaque key tests Align prefix of TLS 1.3 opaque key tests with the prefix of the othe TLS 1.3 tests. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:30:13 +02:00
Ronald Cron	067a1e735e	tls13: Try reasonable sig alg for CertificateVerify signature Instead of fully validating beforehand signature algorithms with regards to the private key, do minimum validation and then just try to compute the signature. If it fails try another reasonable algorithm if any. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:30:13 +02:00
Ronald Cron	67ea2543ed	tls13: server: Add sig alg checks when selecting best certificate When selecting the server certificate based on the signature algorithms supported by the client, check the signature algorithms as close as possible to the way they are checked to compute the signature for the server to prove it possesses the private key associated to the certificate. That way we minimize the odds of selecting a certificate for which the server will not be able to compute the signature to prove it possesses the private key associated to the certificate. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:26:32 +02:00
Tom Cosgrove	ea45c1d2d4	Document and test aliasing of output for mbedtls_mpi_core_montmul() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-20 13:17:51 +01:00
Werner Lewis	05feee1841	Restore vbuf value after modification Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-20 12:05:58 +01:00
Werner Lewis	ccae25b4bf	Add explicit mbedtls_ecp_tls_read_group_id call Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-20 10:00:07 +01:00
Werner Lewis	7403d93f8a	Add leading zeros to group metadata Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-20 09:41:05 +01:00
Werner Lewis	57807308d5	Fix typo in MBEDTLS_ECP_DP_BP512R1 Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-20 09:16:11 +01:00
Tom Cosgrove	f2b3818a69	Test when all three inputs to mbedtls_mpi_core_sub() are aliased Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-20 09:08:31 +01:00
Asfandyar Orakzai	c155415f04	Merge branch 'Mbed-TLS:development' into codegen_1.1	2022-09-19 12:34:40 +02:00
Manuel Pégourié-Gonnard	1367f40d38	Fix memory corruption in an SSL test function Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-19 11:00:23 +02:00
Manuel Pégourié-Gonnard	73f9233a73	Use full config for testing driver-only hashes Stating from the default config means a few things are implicitly excluded; starting from the full config makes it all fully explicit. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-19 10:47:05 +02:00
Manuel Pégourié-Gonnard	79e1467799	Fix include path for programs Same problem as #6101, same fix (the second commit of #6111). Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-19 09:27:53 +02:00
Jerry Yu	7a51305478	Add multi-session tickets test Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-19 14:26:07 +08:00
Gilles Peskine	cca6ce8829	Fix directory mixup with generated data files CMakeLists.txt was calling generate_psa_tests.py and siblings to list the generated test data files with a --directory option, intended the output to be this argument textually. This used to work, but no longer does, because the --directory argument is relative to the current directory when the Python script is invoked, and the script now shows an absolute path. CMakeLists.txt now completely ignores the directory part of the listed data file paths and builds its own. The base_xxx_files variables now contain actual base names, without a "suites/" prefix. This makes it more robust with respect to the behavior of the Python script, but it will break if we put data files in multiple different directories one day. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-18 23:08:38 +02:00
Gilles Peskine	e188734f51	Don't use parallel jobs for pylint When pylint runs in parallel, it loses the ability to detect duplicated code across modules. Duplicated code is usually a bad thing, so give pylint the opportunity to let us know. This makes pylint slightly slower, but going from 2 threads to 1 does not make it anywhere close to twice as slow. On my machine, with Python 3.5, pylint -j2 takes about 12s while single-threaded pylint takes about 16s of wall clock time. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-18 21:27:37 +02:00
Ronald Cron	be0224aef3	Merge pull request #6167 from yuhaoth/pr/finalize-tls13-session-tickets	2022-09-18 21:18:13 +02:00
Gilles Peskine	d9071e7d96	Unify check_repo_path We had 4 identical copies of the check_repo_path function. Replace them by a single copy in the build_tree module where it naturally belongs. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-18 21:17:09 +02:00
Gilles Peskine	ef843f2b0c	MBEDTLS_PLATFORM_VSNPRINTF_ALT requires MBEDTLS_PLATFORM_C mbedtls_vsnprintf replacement works like mbedtls_snprintf replacement, so copy the requirements for MBEDTLS_PLATFORM_VSNPRINTF_ALT. (MBEDTLS_PLATFORM_xxx_MACRO shouldn't require MBEDTLS_PLATFORM_C, but that's a separate preexisting problem which I do not try address at this time.) Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-18 14:05:23 +02:00
Asfandyar Orakzai	4c93bb52ef	removed changed made to the test/bionic/Dockerfile Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>	2022-09-17 22:20:33 +02:00
asfand-silabs	b549776a23	Merge branch 'Mbed-TLS:development' into codegen_1.1	2022-09-17 19:54:01 +02:00
Gilles Peskine	4537d6d838	Move implementation detail from docstring to comment Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-17 10:38:58 +02:00
Gilles Peskine	64f2efdc40	More precise name for test data generation We have Python code both for test code generation (tests/scripts/generate_test_code.py) and now for test data generation. Avoid the ambiguous expression "test generation". This commit renames the Python module and adjusts all references to it. A subsequent commit will adjust the documentation. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-17 10:38:58 +02:00
Gilles Peskine	1716f06ee3	Merge pull request #6093 from wernerlewis/bignum_test_script Add bignum test case generation script	2022-09-17 10:37:26 +02:00
Werner Lewis	c2fb540c67	Use a script specific description in CLI help Previous changes used the docstring of the test_generation module, which does not inform a user about the script. Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-16 17:03:54 +01:00
Andrzej Kurek	2be1689504	Add capacity testing to EC J-PAKE to PMS tests Let the caller restrict the capacity but limit it to 32 bytes. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-16 07:14:04 -04:00
Andrzej Kurek	d37850404a	Add derivation step testing to EC J-PAKE to PMS tests Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-16 06:45:44 -04:00
Manuel Pégourié-Gonnard	07018f97d2	Make legacy_or_psa.h public. As a public header, it should no longer include common.h, just use build_info.h which is what we actually need anyway. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-16 12:02:48 +02:00
Archana	e17071a5ee	Update Dockerfile with missing packages Signed-off-by: Archana <archana.madhavan@silabs.com> Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>	2022-09-16 11:01:01 +02:00
Archana	634e0d25cb	Update check_names.py to exclude autogen file Don't look for MBED keywords on the autogenerated psa_crypto_driver_wrappers.c file. This is needed since the naming of constants is dependent on the driver json and the naming conventions used through the library is stuck at a place where it does not swing either way ( mbedtls_ / psa_). Signed-off-by: Archana <archana.madhavan@silabs.com> Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>	2022-09-16 11:01:01 +02:00
Archana	25876b8abb	Adding JSONSchema to CI scripts jsonschema is added to the ci scripts and Dockerfile Signed-off-by: Archana <archana.madhavan@silabs.com> Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>	2022-09-16 11:01:01 +02:00
Archana	04cfe34639	JSON Validation added (1) JSON file structure altered a bit. (2) JSON validated against schema. (3) Corresponding changes in the python script. Signed-off-by: Archana <archana.madhavan@silabs.com> Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>	2022-09-16 11:01:01 +02:00
Archana	e829cd6953	Driver Wrapper CodeGen Rev 1.1 (1) Add in driver jsons. (2) Improve Python scripts to take JSON file directory and template directory paths as arguments. (3) Add in file augment template files to template common functionality (4) render tempplates for Header files, ID generation and key management. (5) Changed driver ID nomenclature to be in synch with function names. Signed-off-by: Archana <archana.madhavan@silabs.com> Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>	2022-09-16 11:01:01 +02:00
Gilles Peskine	a844b4b370	No need to use MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED in tests Initializing return status variables to CORRUPTION_DETECTED is a second line of defense in library code in case there's a code path where we forget to assign to the variable. This isn't useful in test code. In any case, here, we might as well define the variable at the point of use. This fixes a build error in configurations with MBEDTLS_ERROR_C and MBEDTLS_PSA_CRYPTO_C both disabled, because then mbedtls/error.h isn't included so MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED isn't defined. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-15 21:05:04 +02:00
Gilles Peskine	945b23c46f	Include platform.h unconditionally: automatic part We used to include platform.h only when MBEDTLS_PLATFORM_C was enabled, and to define ad hoc replacements for mbedtls_xxx functions on a case-by-case basis when MBEDTLS_PLATFORM_C was disabled. The only reason for this complication was to allow building individual source modules without copying platform.h. This is not something we support or recommend anymore, so get rid of the complication: include platform.h unconditionally. There should be no change in behavior since just including the header should not change the behavior of a program. This commit replaces most occurrences of conditional inclusion of platform.h, using the following code: ``` perl -i -0777 -pe 's!#if.\n#include "mbedtls/platform.h"\n(#else.\n(#define (mbedtls\|MBEDTLS)_.\n\|#include <(stdarg\|stddef\|stdio\|stdlib\|string\|time)\.h>\n))?#endif.*!#include "mbedtls/platform.h"!mg' $(git grep -l '#include "mbedtls/platform.h"') ``` Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-15 20:33:07 +02:00
Tom Cosgrove	c71ca0cb3c	Remove some unnecessary whitespace (two spaces after commas) Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 15:38:17 +01:00
Tom Cosgrove	dbc156172c	Don't bother to test b + a after testing a + b if a == b Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 15:36:23 +01:00
Tom Cosgrove	17f1fdca0f	Update comments in mpi_core_add_if() test Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 15:23:56 +01:00
Tom Cosgrove	b7438d1f62	Update name of mbedtls_mpi_montg_init() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 15:05:59 +01:00
Tom Cosgrove	359feb0d2f	Better wording for the reason why we use an input MPI for a scalar value Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:52:34 +01:00
Tom Cosgrove	e2159f2083	Use the MAX() macro Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:40:10 +01:00
Tom Cosgrove	be7209db1f	Remove unnecessary casts Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:32:38 +01:00
Tom Cosgrove	50c477bd6b	Use S and sum (rather than X/expected) in mpi_core_add_if() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:28:30 +01:00
Tom Cosgrove	1feb5ac1b7	Switch to using TEST_LE_S() and TEST_LE_U() in tests Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:22:35 +01:00
Tom Cosgrove	2b177926ad	Use ASSERT_ALLOC() in tests Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-15 14:07:18 +01:00
Przemek Stekiel	c454aba203	ssl-opt.sh: add tests for key_opaque_algs option Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-15 14:22:29 +02:00
Manuel Pégourié-Gonnard	409a620dea	Merge pull request #6255 from mprse/md_tls13 Driver-only hashes: TLS 1.3	2022-09-15 10:37:46 +02:00
Manuel Pégourié-Gonnard	18dff1f226	Merge pull request #5871 from superna9999/4153-psa-expose-ec-j-pake Expose ECJPAKE through the PSA Crypto API	2022-09-15 09:25:55 +02:00
Ronald Cron	62e24ba186	Merge pull request #6260 from yuhaoth/pr/add-multiple-pre-config-psks TLS 1.3:Add multiple pre-configured psk test for server	2022-09-15 08:58:40 +02:00
Andrzej Kurek	4ba0e45f8e	all.sh: don't build with ECJPAKE_TO_PMS if SHA256 is not available Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-14 14:58:49 -04:00
Werner Lewis	52ae326ebb	Update references to file targets in docstrings Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-14 16:52:45 +01:00
Werner Lewis	ac446c8a04	Add combination_pairs helper function Wrapper function for itertools.combinations_with_replacement, with explicit cast due to imprecise typing with older versions of mypy. Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-14 16:52:45 +01:00
Werner Lewis	b6e809133d	Use typing.cast instead of unqualified cast Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-14 16:52:45 +01:00
Andrzej Kurek	d8705bc7b7	Add tests for the newly created ad-hoc EC J-PAKE KDF Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-14 08:39:41 -04:00
Ronald Cron	208257b39f	Merge pull request #6259 from yuhaoth/pr/add-psk_ephemeral-possible-group-tests TLS 1.3: PSK: Add possible group tests for psk with ECDHE	2022-09-14 14:21:46 +02:00
Jerry Yu	673b0f9ad3	Randomize order of psks Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-14 18:02:26 +08:00
Manuel Pégourié-Gonnard	b2407f2b91	Merge pull request #6261 from mprse/hash_size_macro Create MBEDTLS_MAX_HASH_SIZE in hash_info.h	2022-09-14 10:00:06 +02:00
Przemek Stekiel	dcec7ac3e8	test_psa_crypto_config_accel_hash_use_psa: enable tls.1.3 at the end and adapt comment Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-13 18:08:54 +02:00
Przemek Stekiel	a4af13a46c	test_psa_crypto_config_accel_hash_use_psa: enable TLS 1.3 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-13 18:08:54 +02:00
Dave Rodgman	8cc46aa22c	Merge pull request #6275 from daverodgman/fixcopyright Correct copyright and license in crypto_spe.h	2022-09-13 11:23:52 +01:00
Jerry Yu	a02841bb8a	revert changes on PSK tests Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-13 11:07:27 +08:00
Dave Rodgman	53a18f23ac	Correct copyright and license in crypto_spe.h Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-09-12 17:57:32 +01:00
Werner Lewis	3dc45198e6	Replace L/R inputs with A/B Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-12 17:35:27 +01:00
Werner Lewis	1fade8adb6	Move symbol definition out of __init__ Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-12 17:34:15 +01:00
Andrzej Kurek	d681746a51	Split some ssl-opt.sh test cases into two There's a slightly different behaviour without MBEDTLS_SSL_ASYNC_PRIVATE that has to be handled. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-12 05:37:46 -04:00
Andrzej Kurek	07e3570f8c	Add an ssl-opt.sh run to all.sh for the accel_hash_use_psa config Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-12 05:37:46 -04:00
Andrzej Kurek	934e9cd47f	Switch to the new version of hash algorithm checking in ssl-opt.sh Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-12 05:34:23 -04:00
Andrzej Kurek	9c061a2d19	Add a posibility to check for the availability of hash algs to ssl-opt The new function now dispatches a check for either an MBEDTLS or PSA define to check for SHA_XXX. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-12 05:34:23 -04:00
Manuel Pégourié-Gonnard	f6a6a2d815	Merge pull request #6216 from AndrzejKurek/tls-tests-no-md-compat TLS without MD - compat.sh addition to all.sh hash acceleration tests	2022-09-12 10:23:49 +02:00
Przemek Stekiel	40afdd2791	Make use of MBEDTLS_MAX_HASH_SIZE macro Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-06 14:18:45 +02:00
Neil Armstrong	2a73f21878	Fixup expected status handling in ecjpake_setup() and add more coverage for psa_pake_set_password_key() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-09-06 11:34:54 +02:00
Jerry Yu	58af2335d9	Add possible group tests for psk with ECDHE Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-06 14:49:39 +08:00
Jerry Yu	079472b4c9	Add multiple pre-configured psk test for server Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-06 11:44:18 +08:00
Neil Armstrong	78c4e8e9cb	Make ecjpake_do_round() return void and use TEST_ASSERT with a descriptive text instead of returning a value Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-09-05 18:08:13 +02:00
Neil Armstrong	51009d7297	Add comment in ecjpake_do_round() explaining input errors can be detected any time in the input sequence Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-09-05 17:59:54 +02:00
Andrzej Kurek	5e0654a324	Add a compat.sh run to psa_crypto_config_accel_hash_use_psa Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-04 09:31:17 -04:00
Andrzej Kurek	c502210291	Adjust pkparse test dependencies Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-02 15:33:20 -04:00
Werner Lewis	855e45c817	Use simpler int to hex string conversion Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-02 17:26:19 +01:00
Werner Lewis	56013081c7	Remove unused imports Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-02 12:57:37 +01:00
Werner Lewis	a4668a6b6c	Rework TestGenerator to add file targets BaseTarget-derived targets are now added to TestGenerator.targets in initialization. This reduces repeated code in generate_xxx_tests.py scripts which use this framework. Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-02 11:56:34 +01:00
Tom Cosgrove	1135b20064	Add mbedtls_mpi_core_add_if() tests for when inputs are aliased Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-02 11:46:18 +01:00
Tom Cosgrove	42dfac6ae8	Rename variables and update comments in mpi_core_mla test Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-02 11:27:39 +01:00
Tom Cosgrove	a043aeb95c	Rename variables and update comments in mpi_core_sub test Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-02 11:27:39 +01:00
Tom Cosgrove	eceb4ccfc3	Rename variables and update comments in mpi_core_add_if test Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-02 11:27:31 +01:00
Tom Cosgrove	1b2947a614	Remove mbedtls_ prefix from bignum test cases Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-09-02 10:24:55 +01:00
Andrzej Kurek	7a32072038	Setup / deinitialize PSA in pk tests only if no MD is used Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-02 04:07:15 -04:00
Andrzej Kurek	26909f348f	Add PSA initialization and teardown to tests using pkcs5 If PSA is defined and there is no MD - an initialization is required. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-02 04:05:37 -04:00
Andrzej Kurek	a57267c758	Add a possibility to call PSA_INIT without MBEDTLS_PSA_CRYPTO_C Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-02 04:05:37 -04:00
Andrzej Kurek	37a17e890c	Enable PKCS5 in no-md builds in all.sh Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-02 04:05:33 -04:00

... 3 4 5 6 7 ...

7567 commits