mbedtls

Author	SHA1	Message	Date
Ronald Cron	0e980e8e84	Merge pull request #5640 from ronald-cron-arm/version-negotiation-2 TLS 1.2/1.3 version negotiation - 2	2022-04-01 12:29:06 +02:00
Manuel Pégourié-Gonnard	33a9d61885	Merge pull request #5638 from paul-elliott-arm/ssl_cid_accessors Accessors to own CID within mbedtls_ssl_context	2022-04-01 11:36:00 +02:00
Manuel Pégourié-Gonnard	6a25159c69	Merge pull request #5648 from gabor-mezei-arm/5403_hkdf_use_internal_psa_implementations HKDF 2: use internal implementations in TLS 1.3	2022-04-01 11:15:29 +02:00
Paul Elliott	02758a51df	Add tls CID tests Add tests to test tls coneection id functionality, including the new 'own cid' accessor. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-03-31 19:21:41 +01:00
Paul Elliott	ff59a34606	Prevent free of uninitialised variables In an error case it was possible for mbedtls_mpi variables to be free'd uninitialised. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-03-31 17:14:13 +01:00
Dave Rodgman	017a19997a	Update references to old Github organisation Replace references to ARMmbed organisation with the new org, Mbed-TLS, following project migration. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-03-31 14:43:16 +01:00
Ronald Cron	a980adf4ce	Merge pull request #5637 from ronald-cron-arm/version-negotiation-1 TLS 1.2/1.3 version negotiation - 1	2022-03-31 11:47:16 +02:00
Ronald Cron	37bdaab64f	tls: Simplify the logic of the config version check and test it Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-31 09:26:58 +02:00
Neil Armstrong	56d51274d8	Initialize PSA crypto in test_suite_pk for RSA verify tests Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-30 16:39:07 +02:00
Manuel Pégourié-Gonnard	3304f253d7	Merge pull request #5653 from paul-elliott-arm/handshake_over Add mbedtls_ssl_is_handshake_over()	2022-03-30 12:16:40 +02:00
Ronald Cron	f660655b84	TLS: Allow hybrid TLS 1.2/1.3 in default configurations This implies that when both TLS 1.2 and TLS 1.3 are included in the build all the TLS 1.2 tests using the default configuration now go through a version negotiation on the client side. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-29 18:58:31 +02:00
Paul Elliott	571f1187b6	Merge pull request #5642 from mprse/ecp_export Add ECP keypair export function	2022-03-29 17:19:04 +01:00
Ronald Cron	086ee0be0e	ssl_tls.c: Reject TLS 1.3 version configuration for server Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-29 14:42:17 +02:00
Ronald Cron	63d97ad0bb	Merge pull request #5559 from yuhaoth/pr/add-rsae-sha384-sha512 Add rsae sha384 sha512	2022-03-29 14:01:51 +02:00
Przemek Stekiel	6a478ef054	mbedtls_ecp_group_cmp: change names of parameters to more suitable Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-28 07:25:12 +02:00
Gabor Mezei	ed6d6589b3	Use hash algoritm for parameter instead of HMAC To be compatible with the other functions `mbedtls_psa_hkdf_extract` and `mbedtls_psa_hkdf_expand` use hash algorithm for parameter. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-26 17:28:06 +01:00
Gabor Mezei	07732f7015	Translate from mbedtls_md_type_t to psa_algorithm_t Do the translation as early as possible from mbedtls_md_type_t to psa_algorithm_t. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-26 17:04:19 +01:00
Gabor Mezei	5d9a1fe9e9	PSA code depends on MBEDTLS_SSL_PROTO_TLS1_3 With TLS 1.3 support MBEDTLS_PSA_CRYPTO_C is enabled so PSA support is always enabled. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-26 15:47:15 +01:00
Manuel Pégourié-Gonnard	cefa904759	Merge pull request #5622 from paul-elliott-arm/timing_delay_accessor Accessor for mbedtls_timing_delay_context final delay	2022-03-25 09:14:41 +01:00
Paul Elliott	42d5e51a98	Make test function name more accurate Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-03-24 19:41:28 +00:00
Paul Elliott	27b0d94e25	Use mbedtls_ssl_is_handshake_over() Switch over to using the new function both internally and in tests. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-03-24 14:43:52 +00:00
Jerry Yu	f8aa9a44aa	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-03-23 20:54:38 +08:00
Jerry Yu	5fb7d176f3	Replace rsakey to 2048bits for test Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-03-23 11:16:53 +08:00
Jerry Yu	cef3f33012	Guard rsa sig algs with rsa_c and pkcs1_v{15,21} Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-03-22 23:16:42 +08:00
Jerry Yu	701656fb29	fix redefine error Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-03-22 21:52:05 +08:00
Jerry Yu	e2c882518c	Add pk_sign_ext unit tests Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-03-22 21:24:19 +08:00
Jerry Yu	5512ad9df8	fix genkey fail Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-03-22 15:14:53 +08:00
Jerry Yu	92339d25b4	Add more unit test for pk_sign_ext Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-03-22 15:14:53 +08:00
Jerry Yu	b3bfe9f5d2	Add verify for pk_sign_ext test Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-03-22 15:14:53 +08:00
Jerry Yu	5a0afc8a12	fix test fail for pk_sign_ext Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-03-22 15:13:35 +08:00
Jerry Yu	1f45b67474	Add unit tests Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-03-22 15:13:34 +08:00
Gabor Mezei	1e64f7a643	Use MBEDTLS_USE_PSA_CRYPTO macro guard for testing instead of MBEDTLS_PSA_CRYPTO_C Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-21 17:00:54 +01:00
Gabor Mezei	892c4aa295	Update hkdf test cases to handle PSA code Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-21 17:00:54 +01:00
Paul Elliott	21bbb7a888	Add simple test to ensure accessor is working Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-03-21 15:28:05 +00:00
Paul Elliott	b9af2db4cf	Add accessor for timing final delay Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-03-21 15:26:19 +00:00
Manuel Pégourié-Gonnard	f4042f076b	Merge pull request #5573 from superna9999/5176-5177-5178-5179-tsl-record-hmac TLS record HMAC	2022-03-21 11:36:44 +01:00
Manuel Pégourié-Gonnard	706f6bae27	Merge pull request #5518 from superna9999/5274-ecdsa-signing PK: ECDSA signing	2022-03-21 09:57:57 +01:00
Manuel Pégourié-Gonnard	472044f21e	Merge pull request #5525 from superna9999/5161-pk-rsa-encryption PK: RSA encryption	2022-03-21 09:57:38 +01:00
Przemek Stekiel	a677b5f6c7	Fix minor issues - parameter name in function description - test_suite_ecp.data: add new line at the end of file Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-21 09:49:40 +01:00
Neil Armstrong	c23d2e3ef1	Wrap unused declaration in #if/#endif when USE_PSA is set in x509_csr_check() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 15:31:59 +01:00
Przemek Stekiel	4b30feb32e	Add test for ECP export Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-18 13:58:26 +01:00
Neil Armstrong	8f92bf3a26	Only make PSA HMAC key exportable when NULL or CBC & not EtM in build_transforms() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 11:10:09 +01:00
Manuel Pégourié-Gonnard	8d4bc5eeb9	Merge pull request #5481 from gabor-mezei-arm/5401_implement_hkdf_extract_based_on_psa_hmac HKDF 1a: Implement Extract in TLS 1.3 based on PSA HMAC	2022-03-17 11:55:48 +01:00
Manuel Pégourié-Gonnard	15c0e39fff	Merge pull request #5519 from superna9999/5150-pk-rsa-decryption PK: RSA decryption	2022-03-17 11:02:13 +01:00
Gabor Mezei	88f3b2e502	Update old style test function parameter handling Use data_t type for hex string parameters. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-16 16:53:23 +01:00
Gilles Peskine	cba28a7d40	Systematically generate test cases for operation setup failure The test suite test_suite_psa_crypto_op_fail now runs a large number of automatically generated test cases which attempt to perform a one-shot operation or to set up a multi-part operation with invalid parameters. The following cases are fully covered (based on the enumeration of valid algorithms and key types): * An algorithm is not supported. * The key type is not compatible with the algorithm (for operations that use a key). * The algorithm is not compatible for the operation. Some test functions allow the library to return PSA_ERROR_NOT_SUPPORTED where the test code generator expects PSA_ERROR_INVALID_ARGUMENT or vice versa. This may be refined in the future. Some corner cases with algorithms combining a key agreement with a key derivation are not handled properly. This will be fixed in follow-up commits. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-03-16 13:54:25 +01:00
Gilles Peskine	8b4a38176a	Generate test cases for hash operation failure Test that hash operation functions fail when given a hash algorithm that is not supported or an algorithm that is not a hash. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-03-16 13:54:25 +01:00
Gilles Peskine	c7e1ea074a	New test suite for systematically generated operation failure tests The new test suite psa_crypto_op_fail is intended for systematically generated test cases that ensure that cryptographic operations with invalid parameters fail as expected. I intend invalid parameters to cover things like an invalid algorithm, an algorithm that is incompatible with the operation, a key type that is incompatible with the algorithm, etc. This commit just creates the infrastructure. Subsequent commits will add data generation and test code. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-03-16 13:54:25 +01:00
Gilles Peskine	08622b6dc7	Declare PSA_WANT_ALG_CCM_STAR_NO_TAG and use it in tests CCM-no-tag is currently available whenever CCM is, so declare PSA_WANT_ALG_CCM_STAR_NO_TAG whenever PSA_WANT_ALG_CCM is declared and vice versa. Fix dependencies of test cases that use PSA_ALG_CCM_STAR_NO_TAG: some were using PSA_WANT_ALG_CCM and some had altogether wrong dependencies. This commit does not touch library code. There is still no provision for providing CCM support without CCM-no-tag or vice versa. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-03-16 13:54:25 +01:00
Dave Rodgman	2cecd8aaad	Merge pull request #3624 from daxtens/timeless RFC: Fix builds with MBEDTLS_HAVE_TIME disabled and test	2022-03-15 16:43:19 +00:00
Manuel Pégourié-Gonnard	c11bffe989	Merge pull request #5139 from mprse/key_der_ecc PSA: implement key derivation for ECC keys	2022-03-14 09:17:13 +01:00
Gilles Peskine	afb482897b	Merge pull request #5292 from mprse/asym_encrypt Driver dispatch for PSA asymmetric encryption + RSA tests	2022-03-10 20:07:38 +01:00
Manuel Pégourié-Gonnard	10e5cdbbbf	Merge pull request #5454 from gstrauss/cert_cb-user_data server certificate selection callback	2022-03-10 11:51:42 +01:00
Dave Rodgman	73e91e13a6	Merge pull request #2229 from RonEld/fix_test_md_api_violation Fix test md api violation	2022-03-10 09:21:47 +00:00
Przemek Stekiel	c85f0912c4	psa_crypto.c, test_suite_psa_crypto.function: fix style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-08 11:37:54 +01:00
Przemek Stekiel	b6bdebde5e	asymmetric_encrypt: handle forced output Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-08 10:32:18 +01:00
Przemek Stekiel	d5e5c8b58d	asymmetric_encrypt: add remining test driver cases Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-08 10:31:07 +01:00
Gilles Peskine	c9c967c812	Fix RSA sanity checks for asymmetric_encrypt * Remove expected_output_data: since asymmetric encryption is randomized, it can't be useful. * The decryption check needs the private exponent, not the public exponent. * Use PSA macro for the expected ciphertext buffer size. * Move RSA sanity checks to their own function for clarity. * For RSAES-PKCS1-v1_5, check that the result of the private key operation has the form 0x00 0x02 ... 0x00 M where M is the plaintext. * For OAEP, check that the result of the private key operation starts with 0x00. The rest is the result of masking which it would be possible to check here, but not worth the trouble of implementing. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-03-07 21:18:37 +01:00
Gilles Peskine	44311f5c98	Merge pull request #5571 from superna9999/5162-pk-rsa-signing PK: RSA signing	2022-03-07 17:09:14 +01:00
Gilles Peskine	6bf5c8cb1d	Merge pull request #5506 from superna9999/4964-extend-psa-one-shot-multipart Extend PSA operation setup tests to always cover both one-shot and multipart	2022-03-07 17:04:37 +01:00
Przemek Stekiel	72373f3819	WIP: Add asymmetric_encrypt test case Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-07 16:48:18 +01:00
Przemek Stekiel	7a58208809	Change names rsa->asymmetric_encryption Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-07 10:49:04 +01:00
Neil Armstrong	fd4c259a7b	Use PSA_INIT() in mac_multipart_internal_func() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-07 10:11:11 +01:00
Ron Eldor	0df1ecd5fd	Fix test_suite_md API violation Add a call to `mbedtls_md_starts()` in the `mbedtls_md_process()` test, as it violates the API usage. Fixes #2227. Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-03-04 16:48:17 +00:00
Andrzej Kurek	469fa95cbc	Add the timing test dependency on MBEDTLS_HAVE_TIME Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-03-04 05:07:45 -05:00
Neil Armstrong	502da11df1	Initialize PSA crypto in test_suite_pk pk_rsa_decrypt_test_vec() when USE_PSA_CRYPTO is enabled Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:52:47 +01:00
Neil Armstrong	5b32038ff0	Alternative CSR checks in x509_csr_check when USE_PSA_CRYPTO The X509write x509_csr_check reference file depends on mbedtls_test_rnd_pseudo_rand being used to match the pre-generated data. This calls x509_crt_verifycsr() like in x509_csr_check_opaque() when MBEDTLS_USE_PSA_CRYPTO is defined. Notably using PSA_ALG_DETERMINISTIC_ECDSA() in ecdsa_sign_wrap() makes this test run without these changes. Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:44:06 +01:00
Neil Armstrong	5f8328b2f6	Initialize PSA crypto in test_suite_x509write for RSA signing tests Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:39:39 +01:00
Neil Armstrong	c921bfdf30	Fix 80 characters indentation in pk_rsa_encrypt_decrypt_test() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:33:39 +01:00
Neil Armstrong	7f1055223d	Remove pk_rsa_encrypt_test_vec() test in favor to pk_rsa_encrypt_decrypt_test() Not checking the encrypt result with PSA makes the test useless. Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:33:39 +01:00
Neil Armstrong	dac2f23a82	Stop checking against reference vector in pk_rsa_encrypt_test_vec when USE_PSA_CRYPTO The pk_rsa_encrypt_test_vec() reference vector is calculated while using mbedtls_test_rnd_pseudo_rand rng source, but since the RNG souce can't be controlled when USE_PSA_CRYPTO is enabled we can't get the same result. The pk_rsa_encrypt_test_vec() fails when switching to mbedtls_test_rnd_std_rand as rng source. Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:33:39 +01:00
Neil Armstrong	e0df42cbb7	Introduce pk_rsa_encrypt_decrypt_test Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:33:39 +01:00
Neil Armstrong	445d2192d5	Initialize PSA crypto in test_suite_pk pk_rsa_encrypt_test_vec() & pk_rsa_alt() when USE_PSA_CRYPTO is enabled Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:33:39 +01:00
Neil Armstrong	fe6da1c35c	Fix style issues in mac_sign_verify_multi() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:29:14 +01:00
Gilles Peskine	052deb941f	Merge pull request #5554 from tom-daubney-arm/fix_uninitialised_buffers_in_tests Fix uninitialised buffers in tests - Coverity issue	2022-03-03 13:30:58 +01:00
Gilles Peskine	d929dbbb25	Merge pull request #5368 from mfil/feature/additional_md_getters Add function to get message digest info from context	2022-03-02 16:44:26 +01:00
Przemek Stekiel	38df86cc6c	Simplyfy asymmetric_decrypt() test function Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-02 09:11:04 +01:00
Gilles Peskine	92e08fba4c	Merge pull request #5475 from miudr/fix_issue_5140 Fix AEAD multipart incorrect offset in test_suite_psa_crypto.function	2022-03-01 20:45:54 +01:00
Przemek Stekiel	4400be408b	Adapt test cases for invalid bits with and without ECC keys enabled Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-01 17:02:46 +01:00
Przemek Stekiel	dcab6ccb3b	Return PSA_ERROR_INVALID_ARGUMENT for a public key, and PSA_ERROR_NOT_SUPPORTED for a type that is not handled. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-01 14:29:49 +01:00
Neil Armstrong	4766f99fe5	Add multi-part mac sign/verify test The test is based on the AEAD multi-part test, re-using the design on aead_multipart_internal_func() to test differnet sequence of psa_mac_update() for MAC update or verify. Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-28 18:37:30 +01:00
Neil Armstrong	60234f87a6	Revert "Introduce new mac_key_policy_multi() variant of mac_key_policy() testing multiple updates occurences" This reverts commit `3ccd08b343`. Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-28 15:21:38 +01:00
Gilles Peskine	9c656ec718	Fix unused function warning Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-26 19:56:12 +01:00
Glenn Strauss	36872dbd0b	Provide means to reset handshake cert list Extend mbedtls_ssl_set_hs_own_cert() to reset handshake cert list if cert provided is null. Previously, mbedtls_ssl_set_hs_own_cert() only provided a way to append to the handshake certificate list, without providing a way to replace the handshake certificate list. Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-25 19:55:48 -05:00
Neil Armstrong	3ccd08b343	Introduce new mac_key_policy_multi() variant of mac_key_policy() testing multiple updates occurences Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 16:15:08 +01:00
Neil Armstrong	ee9686b446	Fix style issue in hash_setup() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:47:34 +01:00
Neil Armstrong	e858996413	Use PSA version of mbedtls_ct_hmac() in mbedtls_ssl_decrypt_buf() Due to mbedtls_ct_hmac() implementation the decryption MAC key must be exportable. Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:17:50 +01:00
Neil Armstrong	2968d306e4	Implement mbedtls_ct_hmac() using PSA hash API Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:16:50 +01:00
Neil Armstrong	cf8841a076	Remove non-PSA MAC keys in mbedtls_ssl_transform when MBEDTLS_USE_PSA_CRYPTO is defined Also remove last usage of non-PSA MAC keys in ssl_decrypt_non_etm_cbc() SSL test. Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:16:49 +01:00
Neil Armstrong	4f091290bd	Remove Obsolete SSLs tests with truncated MAC tags & NULL/CBC cipher These tests are related to an obsolete feature removed from the library. Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:16:49 +01:00
Neil Armstrong	f4cc062935	Setup MAC PSA keys in build_transforms() to pass ssl_crypt_record() with PSA crypto Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:16:49 +01:00
Neil Armstrong	46a1760922	Allow USE_PSA_CRYPTO for handshake TLS tests Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:16:49 +01:00
Przemyslaw Stekiel	aeaa4f0651	Code optimization - fix codding style - fix comments and descriptions - add helper function for montgomery curve - move N-2 calculation outside the loop - fix access to <data> bytes: data[x] -> (data)[x] Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel	f6c2c87492	Fix ECC derivation tests Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel	7b6e61a132	Add test vectors for ECC key excercise Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel	50fcc535e5	Add Weierstrass curve/bits consistancy check + negative test vectors Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel	02cf12ff92	Enable tests for Montgomery curves Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel	8590f3b5ff	Enable related test vectors Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel	696b120650	Add tests for ECC key derivation Test code and test vectors are taken from PR #5218 Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:26 +01:00
Neil Armstrong	66a479f8fb	Add Cipher Decrypt Fail multi-part case Make `PSA symetric decrypt: CCM-no-tag, input too short (15 bytes)` depend on MBEDTLS_CCM_C otherwise the multi-part test fails on the missing CCM instead on the input length validity for CCM*. Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-22 10:56:18 +01:00
Neil Armstrong	d8dba4e0aa	Add Cipher Encrypt Fail multi-part case Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-22 10:56:18 +01:00
Neil Armstrong	3ee335dbe3	Add Cipher Encrypt multi-part case Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-22 10:56:18 +01:00
Neil Armstrong	752d811015	Add AEAD Key Policy check multi-part cases Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-22 10:56:18 +01:00
Neil Armstrong	78aeaf8ad7	Add Cipher Key Policy check one-shot cases Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-22 10:56:18 +01:00
Neil Armstrong	3af9b97a29	Add Multipart Message authentication Compute & Verify cases Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-22 10:56:18 +01:00
Neil Armstrong	ca30a00aad	Add Multipart Hash Compute & Compare tests Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-22 10:56:18 +01:00
Neil Armstrong	55a1be1f48	Add Multipart Hash Compare fail tests Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-22 10:56:18 +01:00
Neil Armstrong	161ec5c368	Add Multipart Hash Compute fail tests Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-22 10:56:18 +01:00
Neil Armstrong	edb20865c7	Add One-Shot Hash setup test Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-22 10:56:18 +01:00
Przemyslaw Stekiel	d9fa99917e	Extend test coverage for transparent driver decryption. Encryption is not deterministic and can not be verified by a know-answer test. Encryption is already verified via encrypt-decrypt test. Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 09:36:35 +01:00
Ronald Cron	4579a972bf	Merge pull request #5426 from gilles-peskine-arm/ssl-get-version-3.1 Add accessors to mbedtls_ssl_context: user data, version ABI-API-checking fails which was expected as this PR adds a new field in mbedtls_ssl_context and mbedtls_ssl_config.	2022-02-21 17:03:24 +01:00
Manuel Pégourié-Gonnard	e3a2dd787e	Merge pull request #5521 from AndrzejKurek/rsa-pss-use-psa Make RSA-PSS verification use PSA with MBEDTLS_USE_PSA_CRYPTO	2022-02-21 16:58:57 +01:00
Gabor Mezei	4fded1359a	Use PSA_INIT() Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:47:24 +01:00
Gabor Mezei	c5efb8e58b	Use PSA error code Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:46:38 +01:00
Gabor Mezei	5d7d201b87	Update test Testing the hash length in this context is not applicable because there is no way to specify it when calling mbedtls_psa_hkdf_extract. Change to test invalid `alg` parameter. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:46:33 +01:00
Gabor Mezei	ebc9368173	typo Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:44:51 +01:00
Gabor Mezei	298a2d6109	Use ASSERT_ALLOC Change the calloc functions to ASSERT_ALLOC to check the return value of calloc as well. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:43:52 +01:00
Gabor Mezei	62bf024025	Make the mbedtls_psa_hkdf_extract function more PSA compatible Change the return value to `psa_status_t`. Add `prk_size` and `prk_len` parameters. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:42:57 +01:00
Gabor Mezei	73cb6f54de	Add tests for mbedtls_psa_hkdf_extrct The tests are based on the the test of mbedtls_hkdf_extract. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:41:42 +01:00
Gilles Peskine	49d7ddf7f3	Serializing a context does not save the user data The user data is typically a pointer to a data structure or a handle which may no longer be valid after the session is restored. If the user data needs to be preserved, let the application do it. This way, it is a conscious decision for the application to save/restore either the pointer/handle itself or the object it refers to. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Gilles Peskine	80dae04f24	Make user_data fields private Add accessor functions. Add unit tests for the accessor functions. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Gilles Peskine	1255b0de98	Positive unit testing for SSL context version functions Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Paul Elliott	436b72690d	Merge pull request #5362 from yuhaoth/pr/enable-tls13-only-build TLS1.3:Enable tls13 only build	2022-02-21 11:22:37 +00:00
Thomas Daubney	4901978308	Modifies data files to match new test function name This commit alters the relevant .data files such that the new function name change of check_iv to iv_len_validity is relfected there. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2022-02-21 09:57:51 +00:00
Manuel Pégourié-Gonnard	9b545c04f7	Merge pull request #5520 from gabor-mezei-arm/5402_implement_hkdf_expand_based_on_psa_hmac HKDF 1b: Implement Expand in TLS 1.3 based on PSA HMAC	2022-02-21 09:30:31 +01:00
Jerry Yu	baa4934e7b	Add check tests Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	53d23e2c95	Guards tls_prf functions with TLS1_2 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Thomas Daubney	5dcbc4d326	Changes name of iv_check to iv_len_validity Commit changes name of check_iv to iv_len_validity as this seems to better describe its functionality. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2022-02-17 21:30:25 +00:00
Thomas Daubney	0bd08e7ac0	Initialise buffer before use Commit initialises buf before it is used. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2022-02-17 21:30:25 +00:00
Gabor Mezei	cbe5ba500a	Add tests for mbedtls_psa_hkdf_expand Add test cases which test psa_import_key and psa_mac_sign_setup function call if they return error. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-17 17:01:49 +01:00
Thomas Daubney	3a066ec999	Initialise iv buffer before use Commit initialises the iv buffer before it is passed to mbedtls_cipher_set_iv(). Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2022-02-17 14:00:06 +00:00
Gabor Mezei	8e3602569b	Typo Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-17 11:50:02 +01:00
Manuel Pégourié-Gonnard	4fa604cc3b	Merge pull request #5511 from SiliconLabs/feature/PSEC-3195-PSA-test-suites-NOT-using-UID-0 feat: Update test_suite_psa_its to NOT use UID=0	2022-02-17 11:49:33 +01:00
Andrzej Kurek	32048a6d92	pk_verify_ext: introduce more tests for signature length mismatches Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-16 06:17:00 -05:00
Gabor Mezei	d917081b8b	Typo Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-15 16:25:27 +01:00
Gabor Mezei	7381242748	Use PSA_INIT() Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-15 16:24:58 +01:00
Andrzej Kurek	8666df6f18	Add signature length mismatch handling when using PSA in pk_verify_ext Introduce a regression test for that too. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-15 08:23:02 -05:00
Andrzej Kurek	853ad7bfcf	Use macros in tests for PSA init/deinit routines Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-15 07:13:03 -05:00
Gilles Peskine	bebeae9428	Merge pull request #5504 from gstrauss/mbedtls_pem_get_der Add accessor to get der from mbedtls_pem_context	2022-02-10 23:56:57 +01:00
Gabor Mezei	b35759ded8	Add tests for mbedtls_psa_hkdf_expand The tests are based on the test of mbedtls_hkdf_expand. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-10 10:57:24 +01:00
Andrzej Kurek	7db1b78fff	Make RSA-PSS verification use PSA with MBEDTLS_USE_PSA_CRYPTO Duplicate a test case but with a different expected error due to error translation to and from PSA. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-09 14:13:44 -05:00
Gabor Mezei	748ab4ae77	Use ASSERT_ALLOC Change the calloc functions to ASSERT_ALLOC to check the return value of calloc as well. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-09 16:31:48 +01:00
Manuel Pégourié-Gonnard	1df23b903f	Check the result of PEM decoding Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-02-08 14:53:50 -05:00
Manuel Pégourié-Gonnard	33ab075f45	Add success case for pem_read testing Currently all cases were negative, so the block that exercised mbedtls_pem_get_der() would never be reached. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-02-08 14:53:50 -05:00
Glenn Strauss	72bd4e4d6a	Add accessor to get buf from mbedtls_pem_context Co-authored-by: Gilles Peskine <gilles.peskine@arm.com> Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-08 14:53:46 -05:00
pespacek	443c78eb83	BUGFIX: PSA test vectors use UID 1 instead of 0. Test vector to test rejection of uid = 0 was added. Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-02-08 15:19:26 +01:00
pespacek	d62e906b1c	TEST: added psa_its_set expected failure test Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-02-08 15:19:26 +01:00
Manuel Pégourié-Gonnard	45c5768a74	Merge pull request #5434 from mprse/tls_use_psa TLS Cipher: use PSA crypto	2022-02-08 10:27:25 +01:00
Ronald Cron	6a0b1ef27e	Merge pull request #5282 from AndrzejKurek/import-opaque-driver-wrappers Add tests for an opaque import in the driver wrappers	2022-02-07 11:14:43 +01:00
Andrzej Kurek	ba4cadef14	Test drivers: rename import call source to driver location Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-03 10:27:01 -05:00

1 2 3 4 5 ...

3915 commits