The exception in analyze_outcomes.py follows previous commit in which
a test in test_suite_pkparse was set with the ECP_C guard for a different
parsing of the private key between the legacy and PSA implementations.
The wrong guard in test_suite_ecp.function instead was erroneously
added in a past commit and it was setting a non-existing symbol of
mbedTLS so those tests were basically never executed.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
When the key is imported into an ecp_keypair structure it is read
by means of mbedtls_mpi_read_binary_le() and then checked with
mbedtls_ecp_check_privkey() which returns error (as expected).
When the key is imported in PSA then it is read using
mbedtls_ecp_read_key() which fixes the errors in the test before
importing. This cause the test itself to fail.
As a consequence I set the dependency to ECP_C because it's the
only case in which the key is imported in an ecp_keypair structure.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This patch introduces the `EcpP255Raw` test class for testing
the curve using the preestablished `ecp_mod_p_generic_raw()`
test. The test's logic has been updated accordingly.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This will be used for comparison in unit tests.
Add a possibility to write certificates with SAN
in cert_write.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Note = programs are not aligned to this change because:
- the original mbedtls_pk_ec is not ufficially deprecated
- that function is used in tests when ECP_C is defined, so
the legacy version of that function is available in that
case
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
We don't commit *.o files anywhere, not even as test data. So ignore them
everywhere.
This resolves *.o files not being ignored under 3rdparty/p256-m.
Also remove a redundant ignore of *.exe in a subdirectory.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
We maintain a dict with unique AudiData objects
(AuditData with unique underlying X.509 objects).
We don't need merge_auditdata anymore.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
We should print all the information for each objects
found every line. This makes it easy to analyze the
output.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
The identifier is calculated SHA1 hex string from
the DER encoding of each X.509 objects. It's useful
for finding out the identical X.509 objects.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
check_cryptography_version didn't provide helpful
message with Python < 3.6, because re.Match object
is not subscriptable.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Previously, if a file had multiple PEM objects, only
the first one would be parsed. This commit add the
support so that we could parse all the PEM objects
in the file.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
This commit adds support to auto-enable
MBEDTLS_CTR_DRBG_USE_128_BIT_KEY if
MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enabled.
Furthermore, the corresponding check is removed in check_config.h.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
This commit introduces a new function to generate extra dependencies
based on REGEX search pattern and predefined dependency list.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Since handshake_fragmentation uses cipher
"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" by default.
The corresponding test should be skipped when
MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is enabled.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
The parse_path tests are known to fail when compiled for a 32-btt architecture
and run via qemu-user on Linux on a 64-bit host. This is due to a known
bug in Qemu: https://gitlab.com/qemu-project/qemu/-/issues/263
Document this, and add test cases to parse the files involved to confirm
that the problem is only with parse_path.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Check the number of certificates found, as was done in the test of
mbedtls_x509_crt_parse_path().
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
As output functionality is not added yet return PSA_SUCCESS for
now if inputs are passed correctly. If input validation fails
operation is aborted and output_bytes will return PSA_ERROR_BAD_STATE
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
This change affects:
- both PEM and DER files, since they contain the same public key
only in different formats
- "ec_pub.comp.pem" since it's the same as "ec_pub.pem" but in
compressed format
The makefile was also updated accordingly to reflect these
dependencies.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
The seed file is part of the stable interface of PSA_CRYPTO_INJECT_ENTROPY,
because it has to survive a library upgrade on a device. So check that its
existence and content are as expected at each point in the tested life cycle.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This function was written before the PSA storage layer switched to the PSA
ITS API as its storage abstraction. Now we can just call PSA ITS functions
unconditionally.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Until now, we were never enabling this option in any test.
MBEDTLS_PSA_INJECT_ENTROPY requires MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES, so
it cannot be enabled in the full config and it gets its own component.
Test with MBEDTLS_USE_PSA_CRYPTO enabled, since MBEDTLS_PSA_INJECT_ENTROPY
is a very PSA feature (which can break non-PSA applications), and Mbed
OS (for whch MBEDTLS_PSA_INJECT_ENTROPY was designed) enables
MBEDTLS_USE_PSA_CRYPTO when it enables MBEDTLS_PSA_INJECT_ENTROPY.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When MBEDTLS_PSA_INJECT_ENTROPY is enabled, we disable standard entropy
sources, so mbedtls_entropy_func() doesn't work out of the box. Disable
tests that rely on it. MBEDTLS_PSA_INJECT_ENTROPY is intended for PSA-only
environments anyway, so it doesn't matter if some legacy features don't work
normally.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The seed file must exist before running tests. Because the location is
somewhat platform- and configuration-dependent, and to be friendly to
developers who run test suites individually and aren't familiar with this
feature, rely on the test framework code rather than on test scripts to
create the seed file.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The build option MBEDTLS_PSA_INJECT_ENTROPY requires some extra platform
functions, for historical reasons. To enable us to test this option, provide
a version of these functions for testing.
(These versions would actually work in production, but providing them in the
library in a way that doesn't break existing users might be slightly tricky,
so it's out of scope of this commit.)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The test framework used to treat them specially (but no longer does). Add
these test cases as non-regression for how the test framework allows "?"
and especially "??" (which I think in the very distant path needed special
handling because the test data was embedded in a .c file, and thus ?? could
be interpreted as the prefix of a trigraph).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Now that the C code supports the full range of intmax_t, allow any size of
signed integer type in the .data file parser.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Change the type of signed integer arguments from int32_t to intmax_t.
This allows the C code to work with test function arguments with a range
larger than int32_t. A subsequent commit will change the .datax generator
to support larger types.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Use normalization the equality comparisons instead of loose regular
expressions to determine the type of an argument of a test function.
Now declarations are parsed in a stricter way: there can't be ignored junk
at the beginning or at the end. For example, `long long unsigned int x`
was accepted as a test function argument (but not `long long unsigned x`),
although this was misleading since the value was truncated to the range of
int. Now only recognized types are accepted.
The new code is slightly looser in that it accepts `char const*` as well as
`const char*`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The test framework stores size_t and int32_t values in the parameter store
by converting them all to int. This is ok in practice, since we assume int
covers int32_t and we don't have test data larger than 2GB. But it's
confusing and error-prone. So make the parameter store a union, which allows
size_t values not to be potentially truncated and makes the code a little
clearer.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In the .datax parser, since we're calling strtol() anyway, rely on it for
verification. This makes the .datax parser very slightly more
liberal (leading spaces and '+' are now accepted), and changes the
interpretation of numbers with leading zeros to octal.
Before, an argument like :0123: was parsed as decimal, but an argument like
:0123+1: was parsed as a C expression and hence the leading zero marked an
octal representation. Now, a leading zero is always interpreted according to
C syntax, namely indicating octal. There are no nonzero integer constants
with a leading zero in a .data file, so this does not affect existing test
cases.
In the .datax generator, allow negative arguments to be 'int' (before, they
were systematically treated as 'exp' even though they didn't need to be).
In the .datax parser, validate the range of integer constants. They have to
fit in int32_t. In the .datax generator, use 'exp' instead of 'int' for
integer constants that are out of range.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Treat backslash as a universal escape character: "\n" is a newline,
backslash escapes any non-alphanumeric character.
This affects some test cases that had "\," standing for backslash-comma.
With the new uniform treatment of backslashes, this needs to be "\\,".
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
No intended behavior change. This commit is mainly to satisfy pylint, which
complains that gen_from_test_data now has too many variables. But it's a
good thing anyway to make the function a little more readable.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
We're using the non-standard function strcasecmp() just so that the case
of digits beyond 9 can be different in the library and in the test data.
Use matching case in the test data, and use a standard function for the
comparison.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This patch introduces basic unit-testing for the `ecp_mod_p256k1()`.
The method is exposed through the ecp_invasive interface, and
the standard testing data is being provided by the python framework.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
The script requires cryptography >= 35.0.0, we
need to check the version and provide meaningful
error message when the package version was too
old.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
The commit adds '--data-files' and '--suite-data-files'
options so that we could pass names for the two types
of files separately. Additionally, the commit improves
the documentation in the script.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
This patch introduces basic unit-testing for the `ecp_mod_p224k1()`.
The method is exposed through the ecp_invasive interface, and
the standard testing data is being provided by the python framework.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This commit is a collection of improving the documentation in the
script:
* Restore uppercase in the license header.
* Reword the script description.
* Reword the docstring of AuditData.fill_validity_duration
* Rename AuditData.filename to *.location
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Make FILE as positional argument so that we can
pass multiple files to the script. This commit
also contains some help message improvements.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Only some test cases are skipped for which ECP_C is mandatory,
but the other ones are included.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Changes in test_suite_psa_crypto are to enforce the dependency
on ECP_C which is mandatory for some key's derivation.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This is to make CI happy. The script requires cryptography
>= 35.0.0, which is only available for Python >= 3.6. But
both ubuntu-16.04 and Travis CI are using Python 3.5.x.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Instead of using the legacy mbedtls_ecp_gen_keypair() which makes
use of ECP's math, when USE_PSA_CRYPTO is enabled then the new
function pk_genkey_ec() is used in test_suite_pk.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Instead of using the legacy mbedtls_ecp_mul() function which makes use of
ECP's math, this commit adds a new function named pk_derive_public_key()
which implements the same behavior using PSA functions.
The flow is simple:
- import the private key into PSA
- export its public part
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This patch introduces a new local hash define of
`MBEDTLS_ECP_DP_SECP_GENERIC_ENABLED` to replace the
removed curve specific macros, introduced in upstream.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This patch replaces similiarly structured test functions
for:
* MBEDTLS_ECP_DP_SECP192R1
* MBEDTLS_ECP_DP_SECP224R1
* MBEDTLS_ECP_DP_SECP256R1
* MBEDTLS_ECP_DP_SECP384R1
* MBEDTLS_ECP_DP_BP512R1R1
with a more generic version, which adjusts the parameters, based on the `curve_id` field,
provided by the testing data.
The python test framework has been updated to provide that extra field.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Restore the dependency on !MBEDTLS_SSL_PROTO_TLS1_3
of the DTLS fragmentation tests. That way the test
is not run on Windows 2013 (as in development) where
there is an issue with MBEDTLS_PRINTF_SIZET when
running those tests. I will address this issue in a
separate PR.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Set hybrid TLS 1.2/1.3 as default server
configuration if both TLS 1.2 and TLS 1.3
are enabled at build time.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Force TLS 1.2 on TLS 1.2 specific tests in
preparation of TLS 1.3 being the default
protocol version when both TLS 1.2 and
TLS 1.3 are enabled.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Force TLS 1.2 version on tests related to
MBEDTLS_SSL_ASYNC_PRIVATE, CA callback and
MBEDTLS_SSL_MAX_FRAGMENT_LENGTH. Those
SSL options are not supported in TLS 1.3
for the time being. Thus force TLS 1.2
version in preparation of TLS 1.3 being
the default protocol version when both
TLS 1.2 and TLS 1.3 are enabled.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Remove unnecessary explicit MBEDTLS_SSL_PROTO_TLS1_2
dependency if TLS 1.2 version is forced or a TLS 1.2
cipher suite is forced (as TLS 1.2 cipher suites are
available if and only if TLS 1.2 is enabled and
cipher suite availability is check automatically).
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Move min/max TLS version setting to endpoint init
where it fits better: before the call to
mbedtls_ssl_setup() and available for all tests
not only those calling perform_handshake().
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
We introduce the script to audit the expiry date of X509 files
(i.e. crt/crl/csr files) in tests/data_files/ folder.
This commit add basic classes and the framework for auditing
and "-a" option to list all valid crt/crl/csr files it found.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Also updated the x509_get_general_names function to be able to parse rfc822Names
Test are also updated according these changes.
Signed-off-by: toth92g <toth92g@gmail.com>
- Wrong condition was checked (ref_ret != 0 instead of ref_ret == 0)
- tags were not checked (nor lengths)
- Using ASSERT_COMPARE where possible
Signed-off-by: toth92g <toth92g@gmail.com>
Increasing heap memory size of SSL_Client2 and SSL_Server2, because the original value is not enough to handle some certificates. The AuthorityKeyId and SubjectKeyId are also parsed now increasing the size of some certificates
Signed-off-by: toth92g <toth92g@gmail.com>
A few tests are also added which test the feature with a correct certificate and multiple ones with erroneous ASN1 tags.
Signed-off-by: toth92g <toth92g@gmail.com>
Instead of using the legacy mbedtls_ecp_check_pub_priv() function which
was based on ECP math, we add a new option named eckey_check_pair_psa()
which takes advantage of PSA.
Of course, this is available when MBEDTLS_USE_PSA_CRYPTO in enabled.
Tests were also fixed accordingly.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
All RSA associated algs are now forcedly disabled both on library
and driver sides.
Some PSA driver tests required to be fixed because they were just
requiring for not having the built-in version, but they didn't check
if the driver one was present (kind of assuming that RSA was always
supported on the driver side).
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
The test cases use the following MPI values.
The .data file only includes those (a, b) values where a <= b; the test code
does a * b and b * a.
0 1 80 ff 100 fffe ffff 10000 ffffffff 100000000
20000000000000 7f7f7f7f7f7f7f7f 8000000000000000 ffffffffffffffff
10000000000000000 10000000000000001 1234567890abcdef0
fffffffffffffffffefefefefefefefe 100000000000000000000000000000000
1234567890abcdef01234567890abcdef0
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
1234567890abcdef01234567890abcdef01234567890abcdef01234567890abcdef0
4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b
The lines in the .data file were generated by the following script
```
#!/usr/bin/env perl
#
# mpi-test-core-mul.pl - generate MPI tests in Perl for mbedtls_mpi_core_mul()
#
use strict;
use warnings;
use Math::BigInt;
use sort 'stable';
my $echo = 0;
my @mul_mpis = qw(
0 1 80 ff 100 fffe ffff 10000 ffffffff 100000000
20000000000000 7f7f7f7f7f7f7f7f 8000000000000000 ffffffffffffffff
10000000000000000 10000000000000001 1234567890abcdef0 fffffffffffffffffefefefefefefefe
100000000000000000000000000000000 1234567890abcdef01234567890abcdef0
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
1234567890abcdef01234567890abcdef01234567890abcdef01234567890abcdef0
4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b
);
generate_tests();
sub generate_tests {
generate_mbedtls_mpi_core_mul();
}
sub generate_mbedtls_mpi_core_mul {
my $sub_name = (caller(0))[3]; # e.g. main::generate_mbedtls_mpi_sub_mpi
my ($ignore, $test_name) = split("main::generate_", $sub_name);
my @cases = ();
for my $ah (@mul_mpis) {
for my $bh (@mul_mpis) {
my $a = Math::BigInt->from_hex($ah);
my $b = Math::BigInt->from_hex($bh);
next if $a > $b; # don't need to repeat test cases
my $r = $a * $b;
my $rh = $r->to_hex();
my $desc = "$test_name #NUMBER: 0x$ah * 0x$bh = 0x$rh";
my $case = output($test_name, str($ah), str($bh), str($rh));
push(@cases, [$case, $desc]);
}
}
output_cases("", @cases);
}
sub output_cases {
my ($explain, @cases) = @_;
my $count = 1;
for my $c (@cases) {
my ($case, $desc, $dep) = @$c;
$desc =~ s/NUMBER/$count/; $count++;
if (defined($explain) && $desc =~ /EXPLAIN/) {
$desc =~ s/EXPLAIN/$explain/;
$explain = "";
}
my $depends = "";
$depends = "depends_on:$dep\n" if defined($dep) && length($dep);
print <<EOF;
$desc
$depends$case
EOF
}
}
sub output {
return join(":", @_);
}
sub str {
return '"' . $_[0] . '"';
}
```
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
The component_test_psa_crypto_drivers was
renamed component_test_psa_crypto_builtin_keys
in a previous commit. This was misleading as
the goal of the component is not to test
the builtin keys but to run the PSA unit
tests with the test drivers doing the
cryptographic operations.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The support for the PSA crypto driver interface
is not optional anymore as the implementation of
the PSA cryptography interface has been restructured
around the PSA crypto driver interface (see
psa-crypto-implementation-structure.md). There is
thus no purpose for the configuration options
MBEDTLS_PSA_CRYPTO_DRIVERS anymore.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Now, that the errors are not silently ignored
anymore, instead of expecting a <malformed>
tag in parsed data, the test case returns
an error.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>