Gilles Peskine
1eae11565d
Merge pull request #6949 from bensze01/replace_pkcs7_fuzzer_tests
...
Replace fuzzer-generated PKCS #7 memory management tests
2023-03-01 10:46:22 +01:00
Gilles Peskine
7e677fa2c5
Merge pull request #6389 from gilles-peskine-arm/ecdsa-use-psa-without-pkwrite
...
Remove pkwrite dependency in pk using PSA for ECDSA
2023-02-28 18:17:16 +01:00
Gilles Peskine
b52b788e55
Merge pull request #6895 from yuhaoth/pr/add-aes-with-armv8-crypto-extension
...
Add AES with armv8 crypto extension
2023-02-28 18:16:37 +01:00
Gilles Peskine
e4616830b3
Merge pull request #7137 from lpy4105/issue/1785/ssl-test-script-fail
...
compat.sh: Skip static ECDH cases if unsupported in openssl
2023-02-28 18:11:39 +01:00
Dave Rodgman
17152df58d
Merge pull request #7175 from paul-elliott-arm/interruptible_sign_hash_test_comments
...
Interruptible sign hash test comments
2023-02-28 17:09:43 +00:00
Gilles Peskine
ebb63420cc
Merge pull request #7124 from oberon-microsystems/fix-test-output-length-on-success-only
...
Fix test to check output length on PSA_SUCCESS only
2023-02-28 18:09:33 +01:00
Bence Szépkúti
35d674a6ee
Replace usage of echo -e in pkcs7 data Makefile
...
This use of the shell builtin is not portable.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2023-02-28 17:01:21 +01:00
Dave Rodgman
ffb4dc38c8
Merge pull request #7183 from paul-elliott-arm/interruptible_sign_hash_test_max_ops_0
...
Interruptible {sign|verify} hash : Change max_ops=min tests to use a value of zero.
2023-02-28 15:56:01 +00:00
Bence Szépkúti
4a2fff6369
Fix expected error code
...
This was overlooked during the rebase.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2023-02-28 16:40:27 +01:00
Paul Elliott
ac2251dad1
Merge pull request #7076 from mprse/parse_RFC822_name
...
Add parsing of x509 RFC822 name + test
2023-02-27 14:16:13 +00:00
Paul Elliott
cd7e8bce03
Change max_ops=min tests to use zero
...
Zero is the minimum value defined by the spec, just because the internal
implementation treats zero and one as the same thing does not mean that other
implementations will also do so.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-27 12:21:36 +00:00
Stephan Koch
5819d2c141
Feedback from Arm: guarantee that output_length <= output_size even on error, to reduce the risk that a missing error check
...
escalates into a buffer overflow in the application code
Signed-off-by: Stephan Koch <koch@oberon.ch>
2023-02-27 11:49:13 +01:00
oberon-sk
10c0f770ce
asymmetric_encrypt: check output length only if return code is PSA_SUCCESS.
...
Signed-off-by: Stephan Koch <koch@oberon.ch>
2023-02-27 11:48:51 +01:00
Paul Elliott
c2033502f5
Give edge case tests a better name
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-26 18:47:58 +00:00
Paul Elliott
c7f6882995
Add comments to each test case to show intent
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-26 18:47:58 +00:00
Bence Szépkúti
248971348b
Replace fuzzer-generated PKCS7 regression tests
...
This commit adds well-formed reproducers for the memory management
issues fixed in the following commits:
290f01b3f5
e7f8c616d0
f7641544ea
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2023-02-24 15:31:03 +01:00
Pengyu Lv
9e7bb2a92c
Update some comments
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-02-23 16:03:56 +08:00
Janos Follath
406b9172ad
Merge pull request #7044 from minosgalanakis/bignum/6342_add_named_moduli_setup
...
Bignum: Add named moduli setup
2023-02-22 12:14:33 +00:00
Pengyu Lv
07d5085fcf
Skip ECDH ciphersuites for O->m pair
...
The mechanism of detecting unsupported ciphersuites
for OpenSSL client doesn't work on a modern OpenSSL.
At least, it fails on Travis CI which is installed
with OpenSSL 1.1.1f. So we need to skip ECDH cipher-
suites for O->m.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-02-22 12:18:48 +08:00
Pengyu Lv
a64c277588
compat.sh: Skip all *ECDH_* ciphersuites
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-02-22 10:19:40 +08:00
Gilles Peskine
ffb92b0789
Merge pull request #7105 from davidhorstmann-arm/fix-oid-printing-bug
...
Fix bugs in OID to string conversion
2023-02-21 23:16:44 +01:00
Paul Elliott
48c591cb56
Fix warning with GCC 12
...
Fix warning about variable being used uninitialised.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-21 16:31:56 +00:00
Gilles Peskine
250a5ac4cb
Merge pull request #7095 from paul-elliott-arm/interruptible_sign_hash_codestyle
...
Implement PSA interruptible sign/verify hash
2023-02-21 15:13:34 +01:00
Przemek Stekiel
a006f8c17b
Adapt dependencies for parsing rfc822Name test
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-21 13:36:56 +01:00
Dave Rodgman
e42cedf256
Merge pull request #7077 from daverodgman/pkcs7-fixes-dm-rebased
...
Pkcs7 fixes
2023-02-21 11:53:30 +00:00
Pengyu Lv
5e780df3e3
Only use standard cipher name
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-02-21 14:19:27 +08:00
David Horstmann
a4fad2ba67
Correct error code in test_suite_x509parse.data
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-02-20 14:57:47 +00:00
Dave Rodgman
716163e824
Improve allocation bounds in testing
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-20 14:46:51 +00:00
David Horstmann
5b5a0b618c
Change error codes to more appropriate codes
...
The more precise error codes are borrowed from the ASN1 module.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-02-20 14:24:12 +00:00
Przemek Stekiel
5b9e4168cf
Add rfc822Name support in mbedtls_x509_info_subject_alt_name + adapt test
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-20 15:09:50 +01:00
Przemek Stekiel
608e3efc47
Add test for parsing SAN: rfc822Name
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-20 15:09:50 +01:00
Minos Galanakis
a30afe2216
ecp_curves: Minor refactoring.
...
This patch introduces the following changes:
* Documentation for `mbedtls_ecp_modulus_setup()`
moved to `ecp_invasive.h`.
* Added invalid modulus selector `MBEDTLS_ECP_MOD_NONE`.
* Adjusted negative tests to use invalid selectors.
* Reworded documentation.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-02-20 13:53:06 +00:00
Minos Galanakis
36f7c0e69b
test_suite_ecp: Added .data for ecp_setup_test()
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-02-20 13:51:49 +00:00
Minos Galanakis
9a1d02d738
test_suite_ecp: Added test for mbedtls_ecp_modulus_setup()
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-02-20 13:51:48 +00:00
Janos Follath
ec718afb41
Merge pull request #7051 from gabor-mezei-arm/6376_Secp521r1_fast_reduction
...
Add a raw entry point to Secp521r1 fast reduction
2023-02-20 13:03:12 +00:00
Manuel Pégourié-Gonnard
718eb4f190
Merge pull request #7025 from AndrzejKurek/uri_san
...
Add the uniformResourceIdentifier subtype for the subjectAltName
2023-02-20 11:29:59 +01:00
Pengyu Lv
1c0e4c013a
compat.sh: skip static ECDH cases if unsupported in openssl
...
This commit add support to detect if openssl used for testing
supports static ECDH key exchange. Skip the ciphersutes if
openssl doesn't support them.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-02-20 18:05:21 +08:00
Paul Elliott
f8e5b56ad8
Fix get_num_ops internal code.
...
Previously calling get_num_ops more than once would have ended up with ops
getting double counted, and not calling inbetween completes would have ended up
with ops getting missed. Fix this by moving this to where the work is actually
done, and add tests for double calls to get_num_ops().
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-19 18:55:10 +00:00
Dave Rodgman
d652dce9ea
Add failing test case (invalid signature) for zero-length data
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-16 16:39:34 +00:00
Dave Rodgman
c5874db5b0
Add test-case for signature over zero-length data
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-16 16:14:46 +00:00
Paul Elliott
0af1b5367b
Remove some abbrevations from test descriptions.
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-16 12:15:39 +00:00
Paul Elliott
96b89b208a
Add comment to indicate non-PSA spec assertion.
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-16 12:15:39 +00:00
Paul Elliott
f1743e2440
Add verify call to max ops tests
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-16 12:15:39 +00:00
Paul Elliott
c86d45e8a1
Remove spurious incorrect comment
...
Comment originated from original version of this code, and the newer comment
which was added when it was pulled into a seperate function covers all cases.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
efebad0d67
Run extra complete in failure tests regardless.
...
We do not need to expect to fail, running another complete in either sign or
verify after successful completion should also return BAD_STATE.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
01885fa5e5
Fix include guards on auxiliary test function.
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
a4cb909fcd
Add max ops tests
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
76d671ad73
Split state tests into two functions
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
b830b35fb1
Shorten test descriptions.
...
Also mark some tests as being deterministic ECDSA where this was lacking.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
1243f93cca
Fix build fails with non ECDSA / restartable builds
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00