Gabor Mezei
2cb630edee
Change the ecp_mod_p521_raw to be testable
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-15 18:05:22 +01:00
Gabor Mezei
8450ab9c60
Fix Secp521r1 reduction
...
The prototype calculated with wrong limb size and not taken into account
the overflow in the shared limb.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-15 18:03:03 +01:00
Gabor Mezei
42df16c84b
Extract Secp521r1 from the prototype
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-15 18:02:57 +01:00
David Horstmann
f51851dc70
Change += to |= for clearer semantics
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-02-15 15:44:24 +00:00
Gilles Peskine
e2a9f86755
Merge pull request #6971 from gabor-mezei-arm/6026_Secp192r1_fast_reduction
...
Extract Secp192r1 fast reduction from the prototype
2023-02-15 16:22:36 +01:00
David Horstmann
34b3f1b757
Make overflow checks more readable
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-02-15 13:46:53 +00:00
David Horstmann
21b8387929
Add ChangeLog for OID-to-string fixes
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-02-15 13:07:49 +00:00
Paul Elliott
9fe12f666b
PSA level initial implementation
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 12:13:17 +00:00
Paul Elliott
2d247923e5
Initial empty driver wrapper implementation
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 12:13:17 +00:00
Paul Elliott
1265f00494
First draft of PSA interruptible ECC signing design
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 12:13:17 +00:00
David Horstmann
895eb7c9b5
Add testcases for overlong encoding of OIDs
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-02-15 12:09:41 +00:00
David Horstmann
9c1887c4c7
Disallow overlong encoding when parsing OIDs
...
OID subidentifiers are encoded as follow. For every byte:
* The top bit is 1 if there is another byte to come, 0 if this is the
last byte.
* The other 7 bits form 7 bits of the number. These groups of 7 are
concatenated together in big-endian order.
Overlong encodings are explicitly disallowed by the BER/DER/X690
specification. For example, the number 1 cannot be encoded as:
0x80 0x80 0x01
It must be encoded as:
0x01
Enforce this in Mbed TLS' OID DER-to-string parser.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-02-15 12:02:27 +00:00
Manuel Pégourié-Gonnard
6778ddf657
Merge pull request #6549 from gilles-peskine-arm/psa-migration-md-cipher-strategy
...
Dual-API hash dispatch strategy
2023-02-15 12:50:13 +01:00
David Horstmann
f01de145bd
Add tests for mbedtls_oid_get_numeric_string()
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-02-15 11:45:51 +00:00
Pengyu Lv
10f41444a0
Fix CI failure
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-02-15 16:58:09 +08:00
Pengyu Lv
c36743f4e0
Only check files known to git
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-02-15 10:20:40 +08:00
Gilles Peskine
edc6ae9578
Merge pull request #7090 from paul-elliott-arm/fix_iar_warnings_dev
...
Fix IAR Warnings
2023-02-14 20:01:00 +01:00
Gilles Peskine
c5e2a4fe67
Merge pull request #6937 from valeriosetti/issue6886
...
Add test for PK parsing of keys using compressed points
2023-02-14 19:54:29 +01:00
David Horstmann
c7f700c795
Fix incorrect printing of OIDs
...
The first 2 components of an OID are combined together into the same
subidentifier via the formula:
subidentifier = (component1 * 40) + component2
The current code extracts component1 and component2 using division and
modulo as one would expect. However, there is a subtlety in the
specification[1]:
>This packing of the first two object identifier components recognizes
>that only three values are allocated from the root node, and at most
>39 subsequent values from nodes reached by X = 0 and X = 1.
If the root node (component1) is 2, the subsequent node (component2)
may be greater than 38. For example, the following are real OIDs:
* 2.40.0.25, UPU standard S25
* 2.49.0.0.826.0, Met Office
* 2.999, Allocated example OID
This has 2 implications that the current parsing code does not take
account of:
1. The second component may be > 39, so (subidentifier % 40) is not
correct in all circumstances.
2. The first subidentifier (containing the first 2 components) may be
more than one byte long. Currently we assume it is just 1 byte.
Improve parsing code to deal with these cases correctly.
[1] Rec. ITU-T X.690 (02/2021), 8.19.4
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-02-14 17:00:25 +00:00
Gabor Mezei
0b4b8e3c5e
Update documentation
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-14 16:36:38 +01:00
Andrzej Kurek
570a0f808b
Move to DER certificates for new x509 tests
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-02-14 05:52:49 -05:00
Dave Rodgman
319a5675db
Merge pull request #7084 from daverodgman/sizemax-uintmax
...
Assume SIZE_MAX >= INT_MAX, UINT_MAX
2023-02-14 10:06:22 +00:00
Manuel Pégourié-Gonnard
6b9503a32d
Merge pull request #7064 from valeriosetti/issue6860
...
driver-only ECDSA: get testing parity in SSL
2023-02-14 09:31:07 +01:00
Ronald Cron
70341c17b7
Merge pull request #6773 from yanrayw/6675-change-early_secrets-to-local
...
TLS 1.3: Key Generation: Change tls13_early_secrets to local variable
2023-02-14 09:03:32 +01:00
Pengyu Lv
e19b51bc53
Improve readability
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-02-14 10:29:53 +08:00
Paul Elliott
1748de160a
Fix IAR Warnings
...
IAR was warning that conditional execution could bypass initialisation of
variables, although those same variables were not used uninitialised.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-13 15:35:35 +00:00
Gabor Mezei
a264831cff
Update documentation and add comments
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-13 16:29:05 +01:00
Andrzej Kurek
3e8f65a7e2
Add a changelog entry for URI SAN parsing
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-02-13 10:21:20 -05:00
Andrzej Kurek
50836c4dfb
Fix a comment in x509_crt.h
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-02-13 10:21:14 -05:00
Andrzej Kurek
4077372b98
Fix SHA requirement for SAN URI tests
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-02-13 10:18:17 -05:00
Andrzej Kurek
7a05fab716
Added the uniformResourceIdentifier subtype for the subjectAltName.
...
Co-authored-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-02-13 10:03:07 -05:00
Valerio Setti
1b08d421a7
test: fix: replace CAN_ECDSA_SOME with CAN_ECDSA_SIGN+CAN_ECDSA_VERIFY when both are needed
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 15:35:37 +01:00
Valerio Setti
16f02e0196
test: adjust include after PK_CAN_ECDSA_SOME was moved
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 15:35:37 +01:00
Valerio Setti
d928aeb9ac
test_suite_ssl: use new macros for ECDSA capabilities
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 15:35:37 +01:00
Valerio Setti
ed02bb1f95
test_suite_debug: replace ECDSA_C with new ECDSA macros
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 15:35:37 +01:00
Valerio Setti
5dc6867f7e
test: don't skip debug and ssl suites in test parity for driver only ECDSA
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 15:35:37 +01:00
Manuel Pégourié-Gonnard
d3d8c852a0
Merge pull request #6997 from valeriosetti/issue6858
...
driver-only ECDSA: get testing parity in X.509
2023-02-13 15:30:06 +01:00
Gabor Mezei
5c9f401e47
Add more test cases
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-13 14:15:08 +01:00
Gabor Mezei
23d4b8baee
Add check for test
...
Check the bit length of the output of p192_raw.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-13 14:13:33 +01:00
Gabor Mezei
a9d82dd0a2
Keep the description in one place, just refer it
...
Delete the duplicated file description and refer to the original one
in generate_bignum_tests.py.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-13 14:10:23 +01:00
Valerio Setti
178b5bdddf
pk: move MBEDTLS_PK_CAN_ECDSA_SOME macro to pk.h and fix tests
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 11:15:06 +01:00
Valerio Setti
a119cb64ef
test: remove redundant ECDSA_C dependencies from test_suite_x509parse.data
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 09:54:49 +01:00
Manuel Pégourié-Gonnard
daa65956c3
Merge pull request #7046 from mpg/cleanup-md-tests
...
Clean up MD tests
2023-02-13 09:51:28 +01:00
Janos Follath
1e4abae73e
Merge pull request #7048 from KloolK/record-size-limit/extend-test-framework
...
Extend test framework for Record Size Limit Extension
2023-02-13 08:17:12 +00:00
Gilles Peskine
a9d39c42e9
Merge pull request #7085 from sergio-nsk/patch-1
...
Fix unreachable code compiler warning in psa_crypto_driver_wrappers.c
2023-02-12 23:56:32 +01:00
Dave Rodgman
641288bc1e
Restore test guards
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-11 22:02:04 +00:00
Dave Rodgman
91e832168f
Restore more test guards
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-11 20:07:43 +00:00
Dave Rodgman
a476363042
Restore more test guards
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-11 18:36:23 +00:00
Dave Rodgman
d26d7445b8
Restore guards on a couple of tests
...
These tests check for failures, but can only fail where SIZE_MAX
exceeds some limit (UINT_MAX or UINT32_MAX) and do not fail
in this way otherwise - so guards are needed.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-11 17:22:03 +00:00
Sergey
c36c14c7af
Update psa_crypto_driver_wrappers.c.jinja
...
Signed-off-by: Sergey <sergio_nsk@yahoo.de>
2023-02-10 14:14:00 -07:00