Commit graph

8008 commits

Author SHA1 Message Date
Valerio Setti
2a3ffb4203 test: pake: add test for opaque password key
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-08 16:27:46 +01:00
Dave Rodgman
48223bc19e Bump version to 3.3.0. No changes to .so versions.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-12-08 14:43:19 +00:00
Tom Cosgrove
6129268fee Bignum: Implement mbedtls_mpi_mod_raw_inv_prime() and tests
Fixes #6023.

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-12-08 09:44:10 +00:00
Tom Cosgrove
a7f0d7b029 mbedtls_mpi_core_exp_mod() ouuput may alias input A
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-12-08 08:46:28 +00:00
Gilles Peskine
3e5d56e7d4 Remove duplicated test cases
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-12-07 22:57:54 +01:00
Valerio Setti
f11e05a413 test: psa: minor improvements to test
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-07 16:02:45 +01:00
Dave Rodgman
90af1a10ab
Merge pull request #6734 from daverodgman/fix_test_dep_spelling
Fix spelling of test dependency
2022-12-07 09:06:29 +00:00
Janos Follath
d45924d862
Merge pull request #6733 from tom-cosgrove-arm/issue-6293-mod_exp-memory
Have mbedtls_mpi_core_exp_mod() take a temporary instead of allocating memory
2022-12-07 08:32:31 +00:00
Gilles Peskine
8781dd0e61 Fix overly large allocations of MPIs
The second argument of ASSERT_ALLOC is a number of array elements, not a
number of bytes.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-12-06 23:05:06 +01:00
Gilles Peskine
de09ddd64e Move tests of random-in-range functions to their own suite
The random-in-nrange test code has auxiliary functions that are common to all
the interfaces (core, mod_raw (upcoming), mod (upcoming), legacy), and does
some differential testing to check that all the layers consume the RNG in
the saame way. Test them all in the same test suite.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-12-06 22:50:11 +01:00
Dave Rodgman
1fe45295d7
Merge pull request #6685 from gilles-peskine-arm/valgrind-cf-skip-tests
Rationalize Valgrind tests
2022-12-06 18:39:32 +00:00
David Horstmann
92b5ac1a47 Add all.sh component to test with code style
Run the main test suites after running code style correction to check
that code style correction does not break these tests.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-12-06 17:44:30 +00:00
Dave Rodgman
92011eef34
Merge pull request #6717 from tom-cosgrove-arm/fix-typos-2212
Fix typos prior to release
2022-12-06 15:00:34 +00:00
Dave Rodgman
614688711d Fix spelling of test dependency
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-12-06 14:44:08 +00:00
Tom Cosgrove
0a0ddedfb7 Have mbedtls_mpi_core_exp_mod() take a temporary instead of allocating memory
Last PR needed for #6293

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-12-06 14:37:18 +00:00
Werner Lewis
3f2999ad25 Rename test_suite_bignum_mod.data for consistency
Use the same naming convention as bignum and bignum_core now that test
data is generated.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-12-06 11:55:32 +00:00
Werner Lewis
e1b6b7c0ac Implement mbedtls_mpi_mod_add()
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-12-06 11:55:32 +00:00
Valerio Setti
ba22c9c1ff test: pake: remove useless check in ssl_ecjpake_set_password()
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-06 11:42:33 +01:00
Valerio Setti
2e1e43fb82 test: pake: fix error in ssl_ecjpake_set_password()
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-06 11:41:57 +01:00
Manuel Pégourié-Gonnard
2b7ad6472b Document all effects of MBEDTLS_ECP_RESTARTABLE
It might not be obvious that this option goes beyond adding new
functions, but also automagically modifies the behaviour of TLS
in some circumstances. Moreover, the exact modifications and
circumstances were not documented anywhere outside the ChangeLog.

Fix that.

While at it, adjust the test that checks no restartable behaviour with
other key exchanges, to use a key exchange that allows cert-based client
authentication so that we can check that this is not restartable either.

We don't have any automated test checking that the server is never
affected. That would require adding an ec_max_ops command-line option to
ssl_server2 that never has any effect, just to check that it indeed
doesn't. I'm not sure that's worth it. I tested manually and could
confirm that the server never has restartable behaviour, even for the
parts that are shared between client and server such as cert chain
verification.

Note (from re-reading the code): all restartable behaviour is controlled
by the flag ssl->handshake->ecrs_enabled which is only client-side with
the ECDHE-ECDSA key exchange (TLS 1.2).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-06 10:54:35 +01:00
Tom Cosgrove
f51f972d67 Apply review comments
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-12-05 15:47:40 +00:00
Tom Cosgrove
1797b05602 Fix typos prior to release
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-12-04 17:19:59 +00:00
Valerio Setti
70e029006d test: pake: fix mixed testing in test_tls1_2_ecjpake_compatibility
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-02 16:21:56 +01:00
Valerio Setti
e7518ba28e test: pake: reshaping the ssl_ecjpake_set_password()
Removed the "error injection" strategy. Now the functions checks
for all the errors in a row.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-02 12:09:43 +01:00
Gilles Peskine
da9746e8ce Test NOT_ACCEPTABLE cases for MPI get-random
Test some cases where mbedtls_mpi_core_random() or mbedtls_mpi_random()
should return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE. These test cases use a very
small range that makes the NOT_ACCEPTABLE case likely. The test code uses a
deterministic RNG whose implementation is in the test framework, so we know
that the tests will pass reproducibly unless the implementation the test
framework changes.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-12-01 23:46:31 +01:00
Gilles Peskine
e3a1b81cb9 Switch mpi_random_many test function to testing core
The test function mpi_random_many() is the main function for testing the
get-random-in-range function. It validates that the random generator's
output is within the desired range, and performs some basic statistical
checks including checking that small ranges are covered exhaustively.

Switch this function from testing mbedtls_mpi_random() to testing
mbedtls_mpi_core_random(). This does not reduce the test coverage of
mbedtls_mpi_random() because the same properties are now validated
indirectly via mpi_random_values() which checks that mbedtls_mpi_random()
and mbedtls_mpi_core_random() produce identical values for identical inputs.

As of this commit, mpi_random_many() still uses some legacy mpi functions
internally because the corresponding functions don't exist yet in core.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-12-01 23:46:31 +01:00
Gilles Peskine
34e8a2c287 Test mbedtls_mpi_random differentially from mbedtls_mpi_core_random
For good cases, test that mbedtls_mpi_random() produces the same output as
mbedtls_mpi_core_random().

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-12-01 23:46:31 +01:00
Gilles Peskine
6f949ea67b New constant-flow function mbedtls_mpi_core_uint_le_mpi
Compare a single-limb MPI with a multi-limb MPI. This is rather ad hoc, but
will be useful for mbedtls_mpi_core_random.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-12-01 23:06:43 +01:00
Valerio Setti
b287ddff7e test: psa_pake: add more tests for opaque password setting
Added mixed cases:
- server using opaque password, while client not
- client using opaque password, while server not

Added a test with mismatched passwords in case both server and
client are using opaque passwords (the same test was already
present for the non-opaque case)

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-01 16:18:12 +01:00
Tom Cosgrove
62b20488f1 Implement mbedtls_mpi_mod_sub()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-12-01 14:27:37 +00:00
Valerio Setti
dc40bbc2d7 test: pake: remove redundant test for opaque passwords
This is already covered by other already existing cases such as
"component_test_full_cmake_gcc_asan" which build with
"config.py full" and run all "ssl-opt.sh" test cases.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-01 15:25:49 +01:00
Valerio Setti
4452e98ec1 test: pake: add tests for set password functions
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-01 15:08:35 +01:00
Dave Rodgman
481a5e427b Improve parsing of test data
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-12-01 13:31:20 +00:00
Dave Rodgman
c3902ac661
Merge pull request #6698 from wernerlewis/bignum_mod_py
Bignum: Enable test generation from bignum_mod.py
2022-12-01 11:48:14 +00:00
Dave Rodgman
7fc53dd83d Suppress over-eager compiler warnings in tests
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-12-01 11:42:29 +00:00
Paul Elliott
266f79c136
Merge pull request #6426 from aditya-deshpande-arm/driver-wrapper-key-agreement
Add driver dispatch layer for raw key agreement, along with test call for transparent drivers.
2022-12-01 11:40:52 +00:00
Dave Rodgman
9dc55ba932 Suppress over-eager compiler warnings in test code
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-12-01 10:49:57 +00:00
Dave Rodgman
63e6a88874 Suppress over-eager compiler warning in tests
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-12-01 10:01:08 +00:00
Dave Rodgman
fb5fedcd00 Add tests for alignment.h
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-12-01 09:40:03 +00:00
Gilles Peskine
d7db883b71 Fix "make lcov" in CMake out-of-tree builds
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-30 17:52:54 +01:00
Valerio Setti
a6b69dabc5 test: psa_pake: add a separate test for opaque password
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-30 16:44:49 +01:00
Gilles Peskine
18f7028a0e Preserve line breaks from continued line comments
The commit "Preserve line breaks in comments before test functions"
only handled block comments. This commit handles line comments.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-30 16:38:49 +01:00
Werner Lewis
c84b731941 Enable test generation from bignum_mod.py
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-11-30 14:43:31 +00:00
Manuel Pégourié-Gonnard
fe549a76e4 Add comment about use of ASAN_CFLAGS
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-30 12:38:58 +01:00
Manuel Pégourié-Gonnard
30d9466762 Only run what we need from compat.sh
Also, comment why we run those tests.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-30 12:38:58 +01:00
Tom Cosgrove
fc2ac75453 Fix the name of basic-build-test.sh within the file
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-30 11:13:00 +00:00
Gilles Peskine
d8c0803821 Preserve line breaks in comments before test functions
This way line numbers match better in error messages.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-29 22:04:45 +01:00
Gilles Peskine
72bffe02b7
Merge pull request #6663 from davidhorstmann-arm/fix-typo-unsupported
Fix typo 'unsupoported' -> 'unsupported'
2022-11-29 21:44:27 +01:00
Gilles Peskine
edaa17b350
Merge pull request #6547 from yanesca/extract_mod_exp_from_prototype
Bignum: Extract mod exp from prototype
2022-11-29 21:40:07 +01:00
Gilles Peskine
d1bc6da3d3 Fix the build with MBEDTLS_TEST_HOOKS && !MBEDTLS_USE_PSA_CRYPTO
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-29 21:14:19 +01:00
Aditya Deshpande
b6bc7524f9 Minor formatting fixes to address code review comments
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2022-11-29 16:53:29 +00:00
Valerio Setti
661b9bca75 test: psa_pake: add specific log message for the opaque password
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-29 17:28:17 +01:00
Gilles Peskine
0c67160b00 Valgrind for constant flow: skip non-CF test suites
When testing under Valgrind for constant flow, skip test suites that don't
have any constant-flow annotations, since the testing wouldn't do anything
more that testing with ordinary Valgrind (component_test_valgrind and
component_test_valgrind_psa). This is a significant time saving since
testing with Valgrind is very slow.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-29 16:46:06 +01:00
Gilles Peskine
df3dd4c3bc Test MBEDTLS_USE_PSA_CRYPTO with Valgrind
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-29 16:46:06 +01:00
Gilles Peskine
3ffd6bce81 Create a separate test suite for constant-time functions
This is the first step in arranging that functions from constant_time.c are
tested in test_suite_constant_time.function.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-29 15:44:21 +01:00
Gilles Peskine
77e68c3176 Move constant-time HMAC testing to its own suite
These are very CPU-intensive, so make it easy to skip them. And conversely,
make it easy to run them without the growing body of SSL tests.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-29 15:42:36 +01:00
Gilles Peskine
bfec9d0df7
Merge pull request #6676 from davidhorstmann-arm/cmake-get-skip-test-from-env
Tell cmake to get SKIP_TEST_SUITES from ENV
2022-11-29 14:25:50 +01:00
Valerio Setti
d572a82df9 tls: psa_pake: add test for opaque password
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-29 11:30:56 +01:00
Manuel Pégourié-Gonnard
0b9b560770
Merge pull request #6601 from valeriosetti/issue6502
Avoid assumptions about implementation in EC J-PAKE tests
2022-11-29 11:21:23 +01:00
Manuel Pégourié-Gonnard
f9720cfa78
Merge pull request #6670 from gilles-peskine-arm/pkcs7-use-after-free-20221127
PKCS7: Fix some memory management errors
2022-11-29 11:17:27 +01:00
Manuel Pégourié-Gonnard
ffc330fafa
Merge pull request #6264 from hannestschofenig/rfc9146_2
CID update to RFC 9146
2022-11-29 09:25:14 +01:00
Manuel Pégourié-Gonnard
66f09834ea Enable optimisation with Asan with make in all.sh
All builds using ASAN_CFLAGS were with Asan but no optimisation, making
them particularly slow. Indeed, we were overwriting CFLAGS which
defaults to -O2 and not using any -O in the replacement. (CMake already has
optimisations on with ASan.)

While at it, also remove -Wall -Wextra which are redundant as they are
already part of WARNING_CFLAGS which we are not overwriting.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-29 09:12:12 +01:00
Gilles Peskine
a13f5eb7b8 Add missing dependency for the fuzzer-constructed test data
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-28 21:30:04 +01:00
Dave Rodgman
d98ac8b75e Merge remote-tracking branch 'dave/fast_xor' into fast_unaligned 2022-11-28 15:06:25 +00:00
Aditya Deshpande
1ac41dec09 Add test function for opaque driver (simply returns PSA_ERROR_NOT_SUPPORTED), and address other review comments.
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2022-11-28 14:46:30 +00:00
Valerio Setti
a34d0308cc test: psa_pake: fix dependency
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-28 11:46:36 +01:00
David Horstmann
3861062f6b Tell cmake to get SKIP_TEST_SUITES from ENV
If the variable SKIP_TEST_SUITES is not defined with -D, but is defined
in an environment variable, tell cmake to get it from there.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-11-28 10:18:05 +00:00
Gilles Peskine
4f01121f6e Fix memory leak on error in pkcs7_get_signers_info_set
mbedtls_x509_name allocates memory, which must be freed if there is a
subsequent error.

Credit to OSS-Fuzz (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53811).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-27 22:02:10 +01:00
Gilles Peskine
391005cb3b Fix structures initialized too late in tests
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-27 21:55:29 +01:00
Gilles Peskine
2336555444 Improve test failure reporting
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-27 21:55:29 +01:00
Gilles Peskine
290f01b3f5 Fix dangling freed pointer on error in pkcs7_get_signers_info_set
This fixes a use-after-free in PKCS#7 parsing when the signer data is
malformed.

Credit to OSS-Fuzz (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53798).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-27 21:55:29 +01:00
Janos Follath
e7190a2960 mpi_mod_io_neg: fix use of uninitialized value
Uninitialized values are invalid for the tested functions and we
shouldn't be testing that.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-26 18:46:54 +00:00
Janos Follath
0020df9cf9 mpi_mod_io: test with various buffer sizes
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-26 17:23:16 +00:00
Janos Follath
8dfc8c41b7 mbedtls_mpi_mod_write: prevent data corruption
The function wasn't converting back data to internal representation when
writing it out.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-26 15:39:02 +00:00
Janos Follath
d7bb35257b mbedtls_mpi_mod_read/write: restrict pre-conditions
Require equality for the number of limbs in the modulus and the residue.
This makes these functions consistent with residue_setup().

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-26 14:59:27 +00:00
Janos Follath
6ef582f2b8 Bignum Mod Tests: improve readabilty and style
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-26 14:19:02 +00:00
Janos Follath
339b439906 Bignum Mod: remove unused parameter in io_neg test
The value was overwritten and the length wasn't used either. This latter
could have lead to a buffer overflow as well.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-26 12:24:34 +00:00
Janos Follath
566c91db27 Bignum Mod: io_neg test pass data directly
Pass buffer directly instead of constructing it in the function.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-26 12:24:34 +00:00
Minos Galanakis
96070a53a8 bignum_tests: Refactored mpi_mod_io_neg()
This patch refactores the negative testing suite
to utilised non-hardcoded input data.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-11-26 12:24:34 +00:00
Janos Follath
91f3abdfda Bignum Mod: improve residue_setup test
- Rename input variables to match their purpose.
- Assert fields upon success

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-26 12:24:34 +00:00
Janos Follath
f55505d38b Bignum Mod Raw: fix tests after rebase
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-25 17:58:40 +00:00
Janos Follath
799eaeefdb Bignum Mod: move init before any goto
Test macros have goto instructions to the end where everything is freed.
We need to call init before that happens to make calling free functions
safe.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-25 17:55:00 +00:00
Janos Follath
91295d2b8f Bignum Mod: remove endianness from modulus
The external representation before included more than just endianness
(like reading in Mongtomery curve scalars or converting hashes to
numbers in a standard compliant way).

These are higher level concepts and are out of scope for Bignum and for
the modulus structure.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-25 17:55:00 +00:00
Janos Follath
3e3fc91c33 Bignum Mod: pass endianness as a parameter
The external representation before included more than just endianness
(like reading in Mongtomery curve scalars or converting hashes to
numbers in a standard compliant way).

These are higher level concepts and are out of scope for Bignum and for
the modulus structure.

Passing endianness as a parameter is a step towards removing it from the
modulus structure.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-25 17:55:00 +00:00
Janos Follath
d3eed33709 Bignum Mod Raw: pass endianness as a parameter
The external representation before included more than just endianness
(like reading in Mongtomery curve scalars or converting hashes to
numbers in a standard compliant way).

These are higher level concepts and are out of scope for Bignum and for
the modulus structure.

Passing endianness as a parameter is a step towards removing it from the
modulus structure.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-25 17:55:00 +00:00
Janos Follath
50cd4b842b Bignum Mod: Restrict residue setup
In theory we could allow residues to have more allocated limbs than the
modulus, but we might or might not need it in the end.

Go for the simpler option for now and we can extend it later if we
really need it.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-25 17:55:00 +00:00
Janos Follath
b62bad442e Bidnum Mod: fix check in setup
We want to make sure that the value has at least as many limbs allocated
as the modulus as we need this to be able to do any operations in
constant time.

An invariant of the API is that the residue values are canonical, make
sure that the residue is compared to the entire modulus.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-25 17:55:00 +00:00
Minos Galanakis
8b375451c5 bignum_mod: Refactored mbedtls_mpi_mod_read/write()
This patch adjusts the I/O methods and the tests.
Documentation has also been updated to be more clear.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-11-25 17:55:00 +00:00
Minos Galanakis
aed832ac16 bignum_mod: Adjusted input checking for mbedtls_mpi_mod_residue_setup()
This patch adjusts the logic of the size checking of the method,
and refactors the tests. Documentation has also been updated.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-11-25 17:55:00 +00:00
Minos Galanakis
a17ad48e2d bignum_mod: Fixed an issue with input checking in mpi_mod_residue_setup
This patch is inverting the input type checking logic in the method,
in order to ensure that residue < modulus.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-11-25 17:55:00 +00:00
Minos Galanakis
8f24270630 test_suite_bignum_mod: Added tests for hight level IO
This patch adds the following tests for the high levet IO api:
* mpi_mod_io_neg
* mpi_mod_io

Manually generated test data has also been included.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-11-25 17:55:00 +00:00
Janos Follath
590ae5363d
Merge pull request #6656 from tom-cosgrove-arm/bignum_pr_6225-updated
Bignum: add mod_raw_add
2022-11-25 17:53:31 +00:00
Dave Rodgman
5a1d00f03d Merge remote-tracking branch 'origin/development' into fast_xor
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-11-25 17:10:25 +00:00
Dave Rodgman
bf9b23abf8
Merge pull request #6648 from gilles-peskine-arm/psa-ecb-null-0
Fix NULL+0 undefined behavior in PSA crypto ECB
2022-11-25 17:07:46 +00:00
David Horstmann
119d7e2011 Fix typo 'unsupoported' -> 'unsupported'
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-11-25 15:50:30 +00:00
Bence Szépkúti
6e85673e8d
Merge pull request #3431 from naynajain/development-pkcs7
PKCS7 Parser - RFC 2315
2022-11-25 15:55:46 +01:00
Tom Cosgrove
ddad40b1de Free the modulus before the data in it in mod_raw_add tests
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-25 14:18:52 +00:00
Janos Follath
505a228b7b
Merge pull request #6606 from gabor-mezei-arm/6222_bignum_low_level_subtraction
Bignum: Add low level subtraction
2022-11-25 13:27:23 +00:00
Dave Rodgman
f1419dbbe8
Merge pull request #6381 from tom-cosgrove-arm/pr2164
mbedtls: fix possible false success in mbedtls_cipher_check_tag()
2022-11-25 10:55:10 +00:00
Manuel Pégourié-Gonnard
6a543ba1d3 Remove redundant component in all.sh
CID is now enabled in the default config (as well as full), so it's
already tested in numerous all.sh components, not need to add one for
that.

We need a component for the legacy/compat option though as it's never
enabled in existing components. So, keep that one, but adjust the name
and fix a typo in a message.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-25 11:48:17 +01:00
Manuel Pégourié-Gonnard
5a454f7781 Remove redundant tests in ssl-opt.sh
We don't need to have two copies of the test with one of them depending
on legacy/compat CID: we can have just one copy, but make sure we run
ssl-opt.sh both in a build with standard CID and in a build with
legacy/compat - that's the job of all.sh (see next commit).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-25 11:48:17 +01:00
Hannes Tschofenig
db01d05011 Removal of redundant DTLS CID test in ssl-opt.sh
Per suggestion from Manuel, I removed this redundant test.

Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-25 11:19:19 +01:00
Hannes Tschofenig
df84bb30ab Removed MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH from CID tests in all.sh
Added also extra text.

Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-25 11:19:11 +01:00
Bence Szépkúti
ae79fb2c2e Merge branch 'development' into pr3431 2022-11-25 03:12:43 +01:00
Gilles Peskine
4bdb9fbfa2 Enable all ciphers in OpenSSL >=1.1.0
OpenSSL may be configured to support features such as cipher suites or
protocol versions that are disabled by default. Enable them all: we're
testing, we don't care about enabling insecure stuff. This is not needed
with the builds of OpenSSL that we're currently using on the Jenkins CI, but
it's needed with more recent versions such as typically found on developer
machines, and with future CI additions.

The syntax to do that was only introduced in OpenSSL 1.1.0; fortunately we
don't need to do anything special with earlier versions.

With OpenSSL 1.1.1f on Ubuntu 20.04, this allows SHA-1 in certificates,
which is still needed for a few test cases in ssl-opt.sh. Curiously, this is
also needed for the cipher suite TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256 (and
no other, including other DHE-PSK or ARIA cipher suites).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-24 22:41:55 +01:00
Tom Cosgrove
50fc127a4e Change order of test arguments for bignum_mod_raw to simplify Python script
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-24 21:29:23 +00:00
Dave Rodgman
7a910a8be0 Minor formatting tweaks
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-11-24 21:17:40 +00:00
Tom Cosgrove
54d87bf5c2 Take limb count from the modulus in mod_raw_add tests
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-24 16:22:38 +00:00
Werner Lewis
f907576245 Pass correct arguments in test
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-11-24 16:18:06 +00:00
Werner Lewis
baa34b6248 Add test function for mpi_mod_raw_add
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-11-24 16:18:06 +00:00
Gabor Mezei
cbcbf4e434
Remove hand-written tests got raw_mod_sub
The generated tests cover all off the hand-written tests.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-24 11:48:59 +01:00
Pengyu Lv
3bb0e43b41 fix review comment
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2022-11-24 17:30:29 +08:00
Dave Rodgman
3172e4e1c9 Fix typo in test_suite_common
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-11-23 19:38:13 +00:00
Dave Rodgman
15531bc6d2 Test for all alignment combinations
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-11-23 16:51:12 +00:00
Gabor Mezei
b3b3466657
Test subtraction if the parameters are aliased to each other
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-23 14:44:14 +01:00
Gabor Mezei
4d3f3c5430
Fix the checking of the used limbs
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-23 14:44:14 +01:00
Gabor Mezei
68a45e0aaf
Fix potential not initialized warning
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-23 14:44:14 +01:00
Gabor Mezei
c426d9b6cc
Add generated test for low level subtraction with modulus
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-23 14:44:13 +01:00
Gabor Mezei
cefe03a10c
Add tests for low level subtraction with modulus
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-23 14:44:13 +01:00
Janos Follath
531a871b88
Merge pull request #6235 from tom-cosgrove-arm/issue-6231-core-sub-int
Bignum: extract core_sub_int from the prototype
2022-11-23 13:32:02 +00:00
Gilles Peskine
42649d9270 Fix NULL+0 undefined behavior in ECB encryption and decryption
psa_cipher_encrypt() and psa_cipher_decrypt() sometimes add a zero offset to
a null pointer when the cipher does not use an IV. This is undefined
behavior, although it works as naively expected on most platforms. This
can cause a crash with modern Clang+ASan (depending on compiler optimizations).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-23 14:16:52 +01:00
Manuel Pégourié-Gonnard
ef25a99f20
Merge pull request #6533 from valeriosetti/issue5847
Use PSA EC-JPAKE in TLS (1.2) - Part 2
2022-11-23 13:27:30 +01:00
Ronald Cron
1d1d53622f
Merge pull request #6490 from xkqian/tls13_parse_early_data_indication_ee
The internal CI merge job ran successfully.
2022-11-23 12:31:25 +01:00
Ronald Cron
cb0e680779
Merge pull request #6476 from yuhaoth/pr/fix-tls13-mbedtls_ssl_is_handshake_over
TLS 1.3: Fix tls13 mbedtls ssl is handshake over
2022-11-23 12:12:02 +01:00
Ronald Cron
d8603a7b44
Merge pull request #6638 from ronald-cron-arm/tls13-misc
TLS 1.3: Adjustments for the coming release
2022-11-23 09:07:36 +01:00
Janos Follath
cf0e86c9b8 mpi_core_exp_mod: remove manual tests
The previous commit added generated tests, we don't need the manually
added tests anymore.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-22 21:40:24 +00:00
Janos Follath
05867cb036 mpi_core_exp_mod: add generated tests
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-22 21:37:10 +00:00
Janos Follath
0f0d1e88a2 mpi_core_exp_mod: add unit tests
The test cases aim to mirror the legacy function, but needed the some
cases to be removed because:

- Null representation is not valid in core
- There are no negative numbers in core
- Bignum core doesn't do parameter checking and there are no promises for
  even N

The _size variant of the test has been removed as bignum core doesn't do
parameter checking and there is no promises for inputs that are larger
than MBEDTLS_MPI_MAX_SIZE.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-22 21:22:53 +00:00
Janos Follath
59cbd1be27 Make mbedtls_mpi_core_ct_uint_table_lookup static
Now that we have a function that calls
mbedtls_mpi_core_ct_uint_table_lookup(), the compiler won't complain if
we make it static.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-22 21:22:53 +00:00
Valerio Setti
728b142f40 test: psa_pake: port changes from cd356c3
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-22 19:47:24 +01:00
Dave Rodgman
8c18baf8c1 Add test for unaligned buffers
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-11-22 18:15:55 +00:00
Aditya Deshpande
5e3c70e3be Merge branch 'development' into driver-wrapper-key-agreement 2022-11-22 17:58:52 +00:00
Aditya Deshpande
8cc1470c18 Merge branch 'development' into driver-wrapper-key-agreement 2022-11-22 17:55:53 +00:00
Valerio Setti
e0d41de822 test: psa_pake: add missing initialization in ecjpake_setup()
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-22 18:52:17 +01:00
Valerio Setti
db4736a4ca test: psa_pake: remove empty password test
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-22 18:52:17 +01:00
Valerio Setti
b9ef1c2f03 test: psa_pake: fix error inject macro in ecjpake_do_round()
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-22 18:52:17 +01:00
Valerio Setti
b697745d14 test: psa_pake: fix erroneously duplicated tests
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-22 18:52:17 +01:00
Valerio Setti
40323c5d51 test: psa_pake: improved ecjpake_do_round() test function
Now it's possible to inject an error in every single step of the
key exchange process.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-22 18:52:17 +01:00
Valerio Setti
ac3ba95ee4 test: psa_pake: fix data file for ecjpake_setup()
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-22 18:52:17 +01:00
Valerio Setti
e65a41f278 test: psa_pake: fixes in ecjpake_setup()
Both changes concern the ERR_INJECT_UNINITIALIZED_ACCESS case:

- removed unnecessary psa_pake_abort()
- added psa_pake_get_implicit_key()

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-22 18:52:17 +01:00
Valerio Setti
e5d7864aa0 test: psa_pake: improved description of macros used in ecjpake_setup()
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-22 18:52:17 +01:00
Valerio Setti
7bb65ad22f test: psa_crypto_pake: enhanced ecjpake_setup()
- external errors are now checked in the specified point. If the
  same error happens in another line, then this is not valid and
  the test fails

- fixed some inconsistency in which injected error codes were not
  taken from the data file. Now all the expected error code are
  read from the data file

- added a couple of defines to shrink the code

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-22 18:52:17 +01:00
Valerio Setti
024b028ce1 test: split psa_pake function/data from the generic test_suite_psa_crypto
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-22 18:52:17 +01:00
Valerio Setti
1070aed778 test_suite_psa_crypto: do not re-use PAKE's contexts in case of errors
As for ecjpake_setup(), now the test function can handle:
- "external" errors, through parameters set by the data file
- "internal" ones, through enums which inject ad-hoc failures

Similarly also ecjpake_rounds() can handle both type of errors,
but right now there's no erroneous case in the associated ".data"
file.

In both cases, after an error the current test is terminated.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-22 18:45:03 +01:00
Dave Rodgman
4413b6690f Add tests for mbedtls_xor
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-11-22 17:32:43 +00:00
Tom Cosgrove
d66d5b2fef Add unit tests for mbedtls_mpi_core_sub_int(), MPI A - scalar b
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-22 15:07:31 +00:00
Bence Szépkúti
a17d038ee1 Merge branch 'development' into pr3431 2022-11-22 15:54:52 +01:00
Janos Follath
0fc88779ec
Merge pull request #6632 from yanesca/refactor_bignum_test_framework
Refactor bignum test framework
2022-11-22 14:53:58 +00:00
Gilles Peskine
a08103aa94
Merge pull request #6611 from gilles-peskine-arm/run-test-suites-out-of-tree
Fix run-test-suites.pl in out-of-tree builds
2022-11-22 15:01:13 +01:00
Gilles Peskine
4f19d86e3f
Merge pull request #6608 from mprse/ecjpake_password_fix
Make a copy of the password key in operation object while setting j-pake password
2022-11-22 14:52:12 +01:00
Xiaokang Qian
8bee89994d Add parse function for early data in encrypted extentions
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-22 09:40:07 +00:00
Ronald Cron
c2e110f445 tls13: Disable MBEDTLS_SSL_EARLY_DATA by default
Eventually we want it to be enabled by default
when TLS 1.3 is enabled but currently the
feature is on development thus it should not be
enabled by default.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-11-22 09:01:46 +01:00
Aditya Deshpande
39e08d4094 Add tests for the key agreement driver wrapper to test_suite_psa_crypto_driver_wrappers
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2022-11-21 19:39:35 +00:00
Gilles Peskine
339406daf9
Merge pull request #6609 from gilles-peskine-arm/mpi_sint-min-ub
Fix undefined behavior in bignum: NULL+0 and -most-negative-sint
2022-11-21 19:51:58 +01:00
Gilles Peskine
8b85b4835e
Merge pull request #6617 from tom-cosgrove-arm/call-mbedtls_mpi_mod_modulus_init-first-final-2
Must call mbedtls_mpi_mod_modulus_init() before anything else in tests
2022-11-21 19:50:20 +01:00
Przemek Stekiel
f82effa982 Optimize pake test code
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-11-21 15:10:32 +01:00
Przemek Stekiel
cd356c3cdb Add ec-jpake test to verify if key can be destroyed after set_password_key
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-11-21 12:25:21 +01:00
Dave Rodgman
9e1836cc16
Merge pull request #6593 from Mbed-TLS/fix_tls12_sent_sigalgs
Fix TLS1.2 signature algorithms list entry getting overwritten by length.
2022-11-21 10:09:57 +00:00
Janos Follath
f45797652f Bignum tests: set unique combinations off by default
Normally we need all the combinations, unique combinations make sense
only if the operation is commutative.

No changes to generated tests.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
351e6885f5 Make pylint happy
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:14 +00:00
Janos Follath
87df373e0e Bignum test: Move identical function to superclass
No intended change in generated test cases.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:13 +00:00
Janos Follath
0cd8967ba1 Split test generator base class
The class BaseTarget served two purposes:
- track test cases and target files for generation
- provide an abstract base class for individual test groups

Splitting these allows decoupling these two and to have further common
superclasses across targets.

No intended change in generated test cases.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-21 08:56:13 +00:00
Jerry Yu
dddd35ccf3 remvoe unrelative change
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-20 12:31:45 +08:00
Jerry Yu
a8d3c5048f Rename new session ticket name for TLS 1.3
NewSessionTicket is different with TLS 1.2.
It should not share same state.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-19 20:12:35 +08:00
Jerry Yu
c5826eaba2 Add debug message
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-19 20:12:35 +08:00
Jerry Yu
6969eee5d2 Remove Terminated message on 22.04
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-19 20:12:34 +08:00
Gilles Peskine
9ac62c3a97 Explain space preservation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-18 22:27:37 +01:00
Gilles Peskine
268ea5a9b0 Typos in comments
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-18 22:26:03 +01:00
Gilles Peskine
45747a0779 Add test cases for comment nesting
Add a test case that would fail if all line comments were parsed before
block comments, and a test case that would fail if all block comments were
parsed before line comments.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-18 22:25:18 +01:00
Gilles Peskine
18f48eb48e Fix intended backslash in test data
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-18 22:24:56 +01:00
Xiaokang Qian
4e83173bb7 Skip early data basic check temp
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-18 10:57:46 +00:00
Manuel Pégourié-Gonnard
ba7c006222
Merge pull request #6466 from mprse/driver-only-hash-ci
Driver-only hashes: test coverage in the CI
2022-11-18 09:31:13 +01:00
Paul Elliott
f6e342cae2 Add test for single signature alg with openssl
Test supplied by Gilles Peskine. Also rename previous test to fit to
naming pattern.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-11-17 14:58:14 +00:00
Paul Elliott
3b4cedaa71 Add SSL_SRV requirement to test
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-11-17 14:58:14 +00:00
Andrzej Kurek
ec71b0937f Introduce a test for single signature algorithm correctness
The value of the first sent signature algorithm is overwritten.
This test forces only a single algorithm to be sent and then
validates that the client received such algorithm.
04 03 is the expected value for SECP256R1_SHA256.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-11-17 14:58:14 +00:00
Ronald Cron
d12922a69a
Merge pull request #6486 from xkqian/tls13_add_early_data_indication
The merge job of the internal CI ran successfully. This is good to go.
2022-11-17 12:48:50 +01:00
Przemek Stekiel
85c54ea361 Allow providing space sepatated tasks
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-11-17 11:50:23 +01:00
Xiaokang Qian
e9622ac4ba Remove the fore_tls13 option case from client side
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-17 09:23:32 +00:00
Tom Cosgrove
8c0eb9744c Must call mbedtls_mpi_mod_modulus_init() before anything else in tests
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-17 08:48:12 +00:00
Przemek Stekiel
542d932352 Fix handling of default value for task argument
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-11-17 09:43:34 +01:00
Przemek Stekiel
7c7954842b Adapt ec-jpake_setup test
Now when operation holds pointer to dynamically allocated buffer for password key we can't do copy of the operation object in test instead we need to re-initialize operation object after error.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-11-16 16:27:55 +01:00
Przemek Stekiel
6419ab5299 Reduce number of skipped suites (after making configs more similar)
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-11-16 14:56:49 +01:00
Przemek Stekiel
52d8e96ff6 Disable PSA_WANT_ALG_STREAM_CIPHER, PSA_WANT_ALG_ECB_NO_PADDING also in reference config
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-11-16 14:56:26 +01:00
Przemek Stekiel
f3be7ccade Keep drivers enabled also in reference build
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-11-16 12:53:20 +01:00
Xiaokang Qian
e7bab00825 Update enabled guards for early data cases
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-16 10:06:50 +00:00
Xiaokang Qian
f3cefb4f4c Move early data test cases to tls13-misc.sh
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-16 03:23:46 +00:00
Xiaokang Qian
2dbfedae4a Update early data test cases with latest code message
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-16 02:01:49 +00:00
Gilles Peskine
298f781948 Use .datax for make test, not .data
Looking for the .data file doesn't work in out-of-tree builds. Use the
.datax file instead. `make clean` removes all .datax files, so this resolves
the issue of executables not present on the current branch being left behind
after a branch change followed by a `make clean`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-15 23:54:26 +01:00
Gilles Peskine
af601f9751 Fix undefined behavior with the most negative mbedtls_mpi_sint
When x is the most negative value of a two's complement type,
`(unsigned_type)(-x)` has undefined behavior, whereas `-(unsigned_type)x`
has well-defined behavior and does what was intended.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-15 23:02:14 +01:00
Gilles Peskine
23875ceb11 Fix autocucumber in documentation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-15 20:49:58 +01:00
Gilles Peskine
b9b9026c53 Pacify pylint
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-15 20:49:43 +01:00
Gilles Peskine
35af02171d Add negative zero as an input to automatically generated tests
Although negative zero is officially unsupported, we've had bugs related to
it in the past. So do test functions with a negative zero input.

There will likely be cases where we don't want to accept negative zero as if
it was valid, because it's too hard to handle. We'll add exceptions on a
case by case basis.

For the functions that are currently tested by the generated tests, the new
test cases pass.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-15 20:47:07 +01:00
Gilles Peskine
ca6e8aac58 Support negative zero as MPI test input
The bignum module does not officially support "negative zero" (an
mbedtls_mpi object with s=-1 and all limbs zero). However, we have a
history of bugs where a function that should produce an official
zero (with s=1), produces a negative zero in some circumstances. So it's
good to check that the bignum functions are robust when passed a negative
zero as input. And for that, we need a way to construct a negative zero
from test case arguments.

There are checks that functions don't produce negative zeros as output in
the test suite. Skip those checks if there's a negative zero input: we
don't want functions to _create_ negative zeros, but we don't mind if
they _propagate_ negative zeros.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-15 20:47:07 +01:00
Valerio Setti
9f0ec53c4c add a test for EC-JPAKE compatibility in TLS1.2
This is to ensure that the MbedTLS based implementation of EC-JPAKE
is compatible with the PSA crypto one

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-15 16:49:55 +01:00
Przemek Stekiel
aa88e0b86b Make configurations (driver, reference) as close as possible
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-11-15 13:21:14 +01:00
Gilles Peskine
2909f53740
Merge pull request #6604 from tom-cosgrove-arm/call-mbedtls_mpi_mod_modulus_init-first-cid-381893-381894
Bignum: Must call mbedtls_mpi_mod_modulus_init() before anything else in tests
2022-11-15 12:33:13 +01:00
Manuel Pégourié-Gonnard
edce0b42fb
Merge pull request #6454 from valeriosetti/issue4577
Adding unit test for mbedtls_x509write_csr_set_extension()
2022-11-15 09:39:07 +01:00
Tom Cosgrove
f90111b2b5 Must call mbedtls_mpi_mod_modulus_init() before anything else in tests
Fixes (new) Coverity issues 381893 and 381894

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-15 06:15:15 +00:00
Xiaokang Qian
9a0aafbe79 Enable/disable MBEDTLS_SSL_EARLY_DATA for cases in ssl-opt.sh
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-11-15 02:49:46 +00:00
Dave Rodgman
d384b64dd2
Merge branch 'development' into rfc9146_2
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-11-14 17:43:15 +00:00