lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Merge branch 'development' into sha3

Browse Source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos
2023-05-05 16:01:18 +02:00
parent 0004a86727 417c4c8b2c
commit d06c6fc45b
405 changed files with 28422 additions and 16737 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
tests/.gitignore vendored
View File

@ -18,6 +18,7 @@ include/alt-extra/psa/crypto_struct_alt.h
include/test/instrument_record_status.h
src/*.o
src/test_helpers/*.o
src/drivers/*.o
src/libmbed*

4
tests/CMakeLists.txt
View File

@ -237,7 +237,9 @@ function(add_test_suite suite_name)
test_suite_${data_name}.datax
)
add_executable(test_suite_${data_name} test_suite_${data_name}.c $<TARGET_OBJECTS:mbedtls_test>)
add_executable(test_suite_${data_name} test_suite_${data_name}.c
$<TARGET_OBJECTS:mbedtls_test>
$<TARGET_OBJECTS:mbedtls_test_helpers>)
add_dependencies(test_suite_${data_name} ${dependency})
target_link_libraries(test_suite_${data_name} ${libs})
# Include test-specific header files from ./include and private header

9
tests/Makefile
View File

@ -160,7 +160,7 @@ all: $(BINARIES)
$(MBEDLIBS):
$(MAKE) -C ../library
MBEDTLS_TEST_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c src/drivers/*.c))
MBEDTLS_TEST_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c src/drivers/*.c src/test_helpers/*.c))
mbedtls_test: $(MBEDTLS_TEST_OBJS)
@ -181,6 +181,10 @@ src/drivers/%.o : src/drivers/%.c
echo " CC $<"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
src/test_helpers/%.o : src/test_helpers/%.c
echo " CC $<"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
C_FILES := $(addsuffix .c,$(APPS))
c: $(C_FILES)
@ -217,7 +221,7 @@ $(BINARIES): %$(EXEXT): %.c $(MBEDLIBS) $(TEST_OBJS_DEPS) $(MBEDTLS_TEST_OBJS)
clean:
ifndef WINDOWS
rm -rf $(BINARIES) *.c *.datax
rm -f src/*.o src/drivers/*.o src/libmbed*
rm -f src/*.o src/drivers/*.o src/test_helpers/*.o src/libmbed*
rm -f include/test/instrument_record_status.h
rm -f include/alt-extra/*/*_alt.h
rm -rf libtestdriver1
@ -228,6 +232,7 @@ else
if exist *.datax del /Q /F *.datax
if exist src/*.o del /Q /F src/*.o
if exist src/drivers/*.o del /Q /F src/drivers/*.o
if exist src/test_helpers/*.o del /Q /F src/test_helpers/*.o
if exist src/libmbed* del /Q /F src/libmed*
if exist include/test/instrument_record_status.h del /Q /F include/test/instrument_record_status.h
endif

145
tests/data_files/Makefile
View File

@ -337,6 +337,21 @@ server5-fan.crt: server5.key
server5-tricky-ip-san.crt: server5.key
$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS Tricky IP SAN" -set_serial 77 -config $(test_ca_config_file) -extensions tricky_ip_san -days 3650 -sha256 -key server5.key -out $@
server5-directoryname.crt.der: server5.key
$(OPENSSL) req -x509 -outform der -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS directoryName SAN" -set_serial 77 -config $(test_ca_config_file) -extensions directory_name_san -days 3650 -sha256 -key server5.key -out $@
server5-two-directorynames.crt.der: server5.key
$(OPENSSL) req -x509 -outform der -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS directoryName SAN" -set_serial 77 -config $(test_ca_config_file) -extensions two_directorynames -days 3650 -sha256 -key server5.key -out $@
# directoryname sequence tag malformed
server5-directoryname-seq-malformed.crt.der: server5-two-directorynames.crt.der
hexdump -ve '1/1 "%.2X"' $< | sed "s/62A4473045310B/62A4473145310B/" | xxd -r -p > $@
# Second directoryname OID length malformed 03 -> 15
server5-second-directoryname-oid-malformed.crt.der: server5-two-directorynames.crt.der
hexdump -ve '1/1 "%.2X"' $< | sed "s/0355040A0C0A4D414C464F524D5F4D45/1555040A0C0A4D414C464F524D5F4D45/" | xxd -r -p > $@
all_final += server5-tricky-ip-san.crt
rsa_single_san_uri.crt.der: rsa_single_san_uri.key
@ -920,6 +935,10 @@ ec_prv.pk8param.pem: ec_prv.pk8param.der
$(OPENSSL) pkey -in $< -inform DER -out $@
all_final += ec_prv.pk8param.pem
ec_pub.pem: ec_prv.sec1.der
$(OPENSSL) pkey -in $< -inform DER -outform PEM -pubout -out $@
all_final += ec_pub.pem
ec_prv.sec1.comp.pem: ec_prv.sec1.pem
$(OPENSSL) ec -in $< -out $@ -conv_form compressed
all_final += ec_prv.sec1.comp.pem
@ -984,6 +1003,89 @@ ec_bp512_pub.comp.pem: ec_bp512_pub.pem
$(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed
all_final += ec_bp512_pub.comp.pem
ec_x25519_prv.der:
$(OPENSSL) genpkey -algorithm X25519 -out $@ -outform DER
all_final += ec_x25519_prv.der
ec_x25519_pub.der: ec_x25519_pub.der
$(OPENSSL) pkey -in $< -inform DER -out $@ -outform DER
all_final += ec_x25519_pub.der
ec_x25519_prv.pem: ec_x25519_prv.pem
$(OPENSSL) pkey -in $< -inform DER -out $@
all_final += ec_x25519_prv.pem
ec_x25519_pub.pem: ec_x25519_pub.pem
$(OPENSSL) pkey -in $< -inform DER -out $@
all_final += ec_x25519_pub.pem
ec_x448_prv.der:
$(OPENSSL) genpkey -algorithm X448 -out $@ -outform DER
all_final += ec_x448_prv.der
ec_x448_pub.der: ec_x448_pub.der
$(OPENSSL) pkey -in $< -inform DER -out $@ -outform DER
all_final += ec_x448_pub.der
ec_x448_prv.pem: ec_x448_prv.pem
$(OPENSSL) pkey -in $< -inform DER -out $@
all_final += ec_x448_prv.pem
ec_x448_pub.pem: ec_x448_pub.pem
$(OPENSSL) pkey -in $< -inform DER -out $@
all_final += ec_x448_pub.pem
################################################################
#### Convert PEM keys to DER format
################################################################
server1.pubkey.der: server1.pubkey
$(OPENSSL) pkey -pubin -in $< -out $@ -outform DER
all_final += server1.pubkey.der
rsa4096_pub.der: rsa4096_pub.pem
$(OPENSSL) pkey -pubin -in $< -out $@ -outform DER
all_final += rsa4096_pub.der
ec_pub.der: ec_pub.pem
$(OPENSSL) pkey -pubin -in $< -out $@ -outform DER
all_final += ec_pub.der
ec_521_pub.der: ec_521_pub.pem
$(OPENSSL) pkey -pubin -in $< -out $@ -outform DER
all_final += ec_521_pub.der
ec_bp512_pub.der: ec_bp512_pub.pem
$(OPENSSL) pkey -pubin -in $< -out $@ -outform DER
all_final += ec_bp512_pub.der
server1.key.der: server1.key
$(OPENSSL) pkey -in $< -out $@ -outform DER
all_final += server1.key.der
rsa4096_prv.der: rsa4096_prv.pem
$(OPENSSL) pkey -in $< -out $@ -outform DER
all_final += rsa4096_prv.der
ec_prv.sec1.der: ec_prv.sec1.pem
$(OPENSSL) pkey -in $< -out $@ -outform DER
all_final += ec_prv.sec1.der
ec_256_long_prv.der: ec_256_long_prv.pem
$(OPENSSL) pkey -in $< -out $@ -outform DER
all_final += ec_256_long_prv.der
ec_521_prv.der: ec_521_prv.pem
$(OPENSSL) pkey -in $< -out $@ -outform DER
all_final += ec_521_prv.der
ec_521_short_prv.der: ec_521_short_prv.pem
$(OPENSSL) pkey -in $< -out $@ -outform DER
all_final += ec_521_short_prv.der
ec_bp512_prv.der: ec_bp512_prv.pem
$(OPENSSL) pkey -in $< -out $@ -outform DER
all_final += ec_bp512_prv.der
################################################################
### Generate CSRs for X.509 write test suite
################################################################
@ -1006,7 +1108,7 @@ all_final += server1.req.sha256
server1.req.sha256.ext: server1.key
# Generating this with OpenSSL as a comparison point to test we're getting the same result
openssl req -new -out $@ -key $< -subj '/C=NL/O=PolarSSL/CN=PolarSSL Server 1' -sha256 -addext "extendedKeyUsage=serverAuth"
openssl req -new -out $@ -key $< -subj '/C=NL/O=PolarSSL/CN=PolarSSL Server 1' -sha256 -addext "extendedKeyUsage=serverAuth" -addext "subjectAltName=URI:http://pki.example.com/,IP:127.1.1.0,DNS:example.com"
all_final += server1.req.sha256.ext
server1.req.sha384: server1.key
@ -1306,6 +1408,11 @@ pkcs7-rsa-expired.crt:
$(FAKETIME) -f -3650d $(OPENSSL) req -x509 -subj="/C=NL/O=PKCS7/CN=PKCS7 Cert Expired" -sha256 -nodes -days 365 -newkey rsa:2048 -keyout pkcs7-rsa-expired.key -out pkcs7-rsa-expired.crt
all_final += pkcs7-rsa-expired.crt
# File with an otherwise valid signature signed with an expired cert
pkcs7_data_rsa_expired.der: pkcs7-rsa-expired.key pkcs7-rsa-expired.crt pkcs7_data.bin
$(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -inkey pkcs7-rsa-expired.key -signer pkcs7-rsa-expired.crt -noattr -outform DER -out $@
all_final += pkcs7_data_rsa_expired.der
# Convert signing certs to DER for testing PEM-free builds
pkcs7-rsa-sha256-1.der: $(pkcs7_test_cert_1)
$(OPENSSL) x509 -in pkcs7-rsa-sha256-1.crt -out $@ -outform DER
@ -1315,6 +1422,10 @@ pkcs7-rsa-sha256-2.der: $(pkcs7_test_cert_2)
$(OPENSSL) x509 -in pkcs7-rsa-sha256-2.crt -out $@ -outform DER
all_final += pkcs7-rsa-sha256-2.der
pkcs7-rsa-expired.der: pkcs7-rsa-expired.crt
$(OPENSSL) x509 -in pkcs7-rsa-expired.crt -out $@ -outform DER
all_final += pkcs7-rsa-expired.der
# pkcs7 signature file over zero-len data
pkcs7_zerolendata_detached.der: pkcs7_zerolendata.bin pkcs7-rsa-sha256-1.key pkcs7-rsa-sha256-1.crt
$(OPENSSL) smime -sign -md sha256 -nocerts -noattr -in pkcs7_zerolendata.bin -inkey pkcs7-rsa-sha256-1.key -outform DER -binary -signer pkcs7-rsa-sha256-1.crt -out pkcs7_zerolendata_detached.der
@ -1384,6 +1495,38 @@ pkcs7_signerInfo_2_invalid_tag.der: pkcs7_data_3_signed.der
echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=810 conv=notrunc
all_final += pkcs7_signerInfo_2_invalid_tag.der
# pkcs7 signature file with corrupted signer info[1]
pkcs7_data_signed_badsigner1_badsize.der: pkcs7_data_3_signed.der
cp pkcs7_data_3_signed.der $@
echo '72' | xxd -p -r | dd of=$@ bs=1 seek=438 conv=notrunc
all_final += pkcs7_data_signed_badsigner1_badsize.der
pkcs7_data_signed_badsigner1_badtag.der: pkcs7_data_3_signed.der
cp pkcs7_data_3_signed.der $@
echo 'a1' | xxd -p -r | dd of=$@ bs=1 seek=442 conv=notrunc
all_final += pkcs7_data_signed_badsigner1_badtag.der
pkcs7_data_signed_badsigner1_fuzzbad.der: pkcs7_data_3_signed.der
cp pkcs7_data_3_signed.der $@
echo 'a1' | xxd -p -r | dd of=$@ bs=1 seek=550 conv=notrunc
all_final += pkcs7_data_signed_badsigner1_fuzzbad.der
# pkcs7 signature file with corrupted signer info[2]
pkcs7_data_signed_badsigner2_badsize.der: pkcs7_data_3_signed.der
cp pkcs7_data_3_signed.der $@
echo '72'| xxd -p -r | dd of=$@ bs=1 seek=813 conv=notrunc
all_final += pkcs7_data_signed_badsigner2_badsize
pkcs7_data_signed_badsigner2_badtag.der: pkcs7_data_3_signed.der
cp pkcs7_data_3_signed.der $@
echo 'a1'| xxd -p -r | dd of=$@ bs=1 seek=817 conv=notrunc
all_final += pkcs7_data_signed_badsigner2_badtag
pkcs7_data_signed_badsigner2_fuzzbad.der: pkcs7_data_3_signed.der
cp pkcs7_data_3_signed.der $@
echo 'a1'| xxd -p -r | dd of=$@ bs=1 seek=925 conv=notrunc
all_final += pkcs7_data_signed_badsigner2_fuzzbad
# pkcs7 file with version 2
pkcs7_data_cert_signed_v2.der: pkcs7_data_cert_signed_sha256.der
cp pkcs7_data_cert_signed_sha256.der $@

BIN
tests/data_files/ec_256_long_prv.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/ec_521_prv.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/ec_521_pub.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/ec_521_short_prv.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/ec_bp512_prv.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/ec_bp512_pub.der Normal file
View File

Binary file not shown.

4
tests/data_files/ec_pub.comp.pem
View File

@ -1,4 +1,4 @@
-----BEGIN PUBLIC KEY-----
MDEwEwYHKoZIzj0CAQYIKoZIzj0DAQEDGgACvHl9s65/COw9SWtPtBGz9iClWKUB
4CIt
MDEwEwYHKoZIzj0CAQYIKoZIzj0DAQEDGgADUXW83zCjcPOdU5PmEnKI2AFntfS0
t3bG
-----END PUBLIC KEY-----

BIN
tests/data_files/ec_pub.der
View File

Binary file not shown.

4
tests/data_files/ec_pub.pem
View File

@ -1,4 +1,4 @@
-----BEGIN PUBLIC KEY-----
MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEvHl9s65/COw9SWtPtBGz9iClWKUB
4CItCM/g3Irsixp78kvpKVHMW6G+uyR0kJrg
MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEUXW83zCjcPOdU5PmEnKI2AFntfS0
t3bGdPfG81S30iQGLB9oVLWnrw/leOryWPAn
-----END PUBLIC KEY-----

BIN
tests/data_files/ec_x25519_prv.der Normal file
View File

Binary file not shown.

3
tests/data_files/ec_x25519_prv.pem Normal file
View File

@ -0,0 +1,3 @@
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VuBCIEILBtgpZVVDpRy6NuU1IrwKz9YK9ZRmVV+z4eeWhyqxpZ
-----END PRIVATE KEY-----

BIN
tests/data_files/ec_x25519_pub.der Normal file
View File

Binary file not shown.

3
tests/data_files/ec_x25519_pub.pem Normal file
View File

@ -0,0 +1,3 @@
-----BEGIN PUBLIC KEY-----
MCowBQYDK2VuAyEAm8Ow6T2CM/5qi6YTiUjMEqkTYtXC7YFYTbBatUGcnRE=
-----END PUBLIC KEY-----

BIN
tests/data_files/ec_x448_prv.der Normal file
View File

Binary file not shown.

4
tests/data_files/ec_x448_prv.pem Normal file
View File

@ -0,0 +1,4 @@
-----BEGIN PRIVATE KEY-----
MEYCAQAwBQYDK2VvBDoEOGTpCDYD9atLDMYwDnjdwUTkjO4ZMB/uacXKw+4iUiED
oe50tXsIxi5REqWe2YOoL7eD7npOGRPt
-----END PRIVATE KEY-----

BIN
tests/data_files/ec_x448_pub.der Normal file
View File

Binary file not shown.

4
tests/data_files/ec_x448_pub.pem Normal file
View File

@ -0,0 +1,4 @@
-----BEGIN PUBLIC KEY-----
MEIwBQYDK2VvAzkAlrVhn5KDNBt3nL38B9mqGKqrPwnah3ynJgaWQ5IcLzv6zZT+
TIjhGQ1NFGWwgtOV8UqU2tO4pYQ=
-----END PUBLIC KEY-----

BIN
tests/data_files/pkcs7-rsa-expired.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/pkcs7_data_no_signers.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/pkcs7_data_rsa_expired.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/pkcs7_data_signed_badsigner1_badsize.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/pkcs7_data_signed_badsigner1_badtag.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/pkcs7_data_signed_badsigner1_fuzzbad.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/pkcs7_data_signed_badsigner2_badsize.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/pkcs7_data_signed_badsigner2_badtag.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/pkcs7_data_signed_badsigner2_fuzzbad.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/rsa4096_prv.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/rsa4096_pub.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/server1.key.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/server1.pubkey.der Normal file
View File

Binary file not shown.

19
tests/data_files/server1.req.sha256.ext
View File

@ -1,17 +1,18 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICpzCCAY8CAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
MIIC3jCCAcYCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAmMCQGCSqGSIb3DQEJDjEX
MBUwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggEBAHi0yEGu
Fh5tuLiLuT95UrRnly55+lTY9xchFiKtlcoEdSheybYxqk3JHuSSqojOFKZBlRdk
oG6Azg56/aMHPWyvtCMSRQX4b+FgjeQsm9IfhYNMquQOxyPxm62vjuU3MfZIofXH
hKdI6Ci2CDF4Fyvw50KBWniV38eE9+kjsvDLdXD3ESZJGhjjuFl8ReUiA2wdBTcP
XEZaXUIc6B4tUnlPeqn/2zp4GBqqWzNZx6TXBpApASGG3BEJnM52FVPC7E9p+8YZ
qIGuiF5Cz/rYZkpwffBWIfS2zZakHLm5TB8FgZkWlyReJU9Ihk2Tl/sZ1kllFdYa
xLPnLCL82KFL1Co=
DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaBdMFsGCSqGSIb3DQEJDjFO
MEwwEwYDVR0lBAwwCgYIKwYBBQUHAwEwNQYDVR0RBC4wLIYXaHR0cDovL3BraS5l
eGFtcGxlLmNvbS+HBH8BAQCCC2V4YW1wbGUuY29tMA0GCSqGSIb3DQEBCwUAA4IB
AQCGmTIXEUvTqwChkzRtxPIQDDchrMnCXgUrTSxre5nvUOpjVlcIIPGWAwxRovfe
pW6OaGZ/3xD0dRAcOW08sTD6GRUazFrubPA1eZiNC7vYdWV59qm84N5yRR/s8Hm+
okwI47m7W9C0pfaNXchgFUQBn16TrZxPXklbCpBJ/TFV+1ODY0sJPHYiCFpYI+Jz
YuJmadP2BHucl8wv2RyVHywOmV1sDc74i9igVrBCAh8wu+kqImMtrnkGZDxrnj/L
5P1eDfdqG2cN+s40RnMQMosh3UfqpNV/bTgAqBPP2uluT9L1KpWcjZeuvisOgVTq
XwFI5s34fen2DUVw6MWNfbDK
-----END CERTIFICATE REQUEST-----

BIN
tests/data_files/server5-directoryname-seq-malformed.crt.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/server5-directoryname.crt.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/server5-second-directoryname-oid-malformed.crt.der Normal file
View File

Binary file not shown.

BIN
tests/data_files/server5-two-directorynames.crt.der Normal file
View File

Binary file not shown.

14
tests/data_files/test-ca.opensslconf
View File

@ -99,3 +99,17 @@ nsCertType=server
keyUsage = cRLSign
subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:nonprintable_hw_module_name
nsCertType=client
[directory_name_san]
subjectAltName=dirName:dirname_sect
[bad_second_directory_name_san]
subjectAltName=dirName:dirname_sect, dirName:dirname_sect_bad
[dirname_sect]
C=UK
O=Mbed TLS
CN=Mbed TLS directoryName SAN
[two_directorynames]
O=MALFORM_ME

38
tests/include/test/arguments.h Normal file
View File

@ -0,0 +1,38 @@
/**
* \file arguments.h
*
* \brief Manipulation of test arguments.
*
* Much of the code is in host_test.function, to be migrated here later.
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef TEST_ARGUMENTS_H
#define TEST_ARGUMENTS_H
#include "mbedtls/build_info.h"
#include <stdint.h>
#include <stdlib.h>
typedef union {
size_t len;
intmax_t sint;
} mbedtls_test_argument_t;
#endif /* TEST_ARGUMENTS_H */

1
tests/include/test/drivers/config_test_driver.h
View File

@ -39,6 +39,7 @@
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
#define MBEDTLS_CTR_DRBG_C
#define MBEDTLS_ENTROPY_C
#define MBEDTLS_ENTROPY_FORCE_SHA256
/*
* Configuration options that may need to be additionally enabled for the

40
tests/include/test/drivers/crypto_config_test_driver_extension.h
View File

@ -158,6 +158,14 @@
#endif
#endif
#if defined(PSA_WANT_ALG_JPAKE)
#if defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE)
#undef MBEDTLS_PSA_ACCEL_ALG_JPAKE
#else
#define MBEDTLS_PSA_ACCEL_ALG_JPAKE 1
#endif
#endif
#if defined(PSA_WANT_KEY_TYPE_AES)
#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_AES
@ -206,6 +214,30 @@
#endif
#endif
#if defined(PSA_WANT_ALG_TLS12_PRF)
#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF
#else
#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF 1
#endif
#endif
#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS)
#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)
#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS
#else
#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS 1
#endif
#endif
#if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS)
#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS)
#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS
#else
#define MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS 1
#endif
#endif
#define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1
#define MBEDTLS_PSA_ACCEL_ALG_CCM 1
#define MBEDTLS_PSA_ACCEL_ALG_CMAC 1
@ -218,11 +250,10 @@
#define MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP 1
#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT 1
#define MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER 1
#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF 1
#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS 1
#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)
#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) && \
defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) && \
defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE)
#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 1
#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 1
#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 1
@ -237,7 +268,6 @@
#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 1
#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 1
#endif
#endif
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE 1
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC 1

87
tests/include/test/drivers/pake.h Normal file
View File

@ -0,0 +1,87 @@
/*
* Test driver for PAKE driver entry points.
*/
/* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef PSA_CRYPTO_TEST_DRIVERS_PAKE_H
#define PSA_CRYPTO_TEST_DRIVERS_PAKE_H
#include "mbedtls/build_info.h"
#if defined(PSA_CRYPTO_DRIVER_TEST)
#include <psa/crypto_driver_common.h>
typedef struct {
/* If not PSA_SUCCESS, return this error code instead of processing the
* function call. */
psa_status_t forced_status;
/* PAKE driver setup is executed on the first call to
pake_output/pake_input (added to distinguish forced statuses). */
psa_status_t forced_setup_status;
/* Count the amount of times PAKE driver functions are called. */
struct {
unsigned long total;
unsigned long setup;
unsigned long input;
unsigned long output;
unsigned long implicit_key;
unsigned long abort;
} hits;
/* Status returned by the last PAKE driver function call. */
psa_status_t driver_status;
/* Output returned by pake_output */
void *forced_output;
size_t forced_output_length;
} mbedtls_test_driver_pake_hooks_t;
#define MBEDTLS_TEST_DRIVER_PAKE_INIT { PSA_SUCCESS, PSA_SUCCESS, { 0, 0, 0, 0, 0, 0 }, PSA_SUCCESS, \
NULL, 0 }
static inline mbedtls_test_driver_pake_hooks_t
mbedtls_test_driver_pake_hooks_init(void)
{
const mbedtls_test_driver_pake_hooks_t v = MBEDTLS_TEST_DRIVER_PAKE_INIT;
return v;
}
extern mbedtls_test_driver_pake_hooks_t mbedtls_test_driver_pake_hooks;
psa_status_t mbedtls_test_transparent_pake_setup(
mbedtls_transparent_test_driver_pake_operation_t *operation,
const psa_crypto_driver_pake_inputs_t *inputs);
psa_status_t mbedtls_test_transparent_pake_output(
mbedtls_transparent_test_driver_pake_operation_t *operation,
psa_crypto_driver_pake_step_t step,
uint8_t *output,
size_t output_size,
size_t *output_length);
psa_status_t mbedtls_test_transparent_pake_input(
mbedtls_transparent_test_driver_pake_operation_t *operation,
psa_crypto_driver_pake_step_t step,
const uint8_t *input,
size_t input_length);
psa_status_t mbedtls_test_transparent_pake_get_implicit_key(
mbedtls_transparent_test_driver_pake_operation_t *operation,
uint8_t *output, size_t output_size, size_t *output_length);
psa_status_t mbedtls_test_transparent_pake_abort(
mbedtls_transparent_test_driver_pake_operation_t *operation);
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_TEST_DRIVERS_PAKE_H */

1
tests/include/test/drivers/test_driver.h
View File

@ -38,6 +38,7 @@
#include "test/drivers/signature.h"
#include "test/drivers/asymmetric_encryption.h"
#include "test/drivers/key_agreement.h"
#include "test/drivers/pake.h"
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_TEST_DRIVER_H */

23
tests/include/test/macros.h
View File

@ -253,27 +253,4 @@
*/
#define MAX(x, y) ((x) > (y) ? (x) : (y))
/*
* 32-bit integer manipulation macros (big endian)
*/
#ifndef GET_UINT32_BE
#define GET_UINT32_BE(n, b, i) \
{ \
(n) = ((uint32_t) (b)[(i)] << 24) \
| ((uint32_t) (b)[(i) + 1] << 16) \
| ((uint32_t) (b)[(i) + 2] << 8) \
| ((uint32_t) (b)[(i) + 3]); \
}
#endif
#ifndef PUT_UINT32_BE
#define PUT_UINT32_BE(n, b, i) \
{ \
(b)[(i)] = (unsigned char) ((n) >> 24); \
(b)[(i) + 1] = (unsigned char) ((n) >> 16); \
(b)[(i) + 2] = (unsigned char) ((n) >> 8); \
(b)[(i) + 3] = (unsigned char) ((n)); \
}
#endif
#endif /* TEST_MACROS_H */

139
tests/include/test/psa_crypto_helpers.h
View File

@ -24,15 +24,47 @@
#include "test/helpers.h"
#if defined(MBEDTLS_PSA_CRYPTO_C)
#include "test/psa_helpers.h"
#include <psa/crypto.h>
#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "mbedtls/psa_util.h"
#endif
#if defined(MBEDTLS_MD_LIGHT)
#include "mbedtls/md.h"
#endif
#if defined(MBEDTLS_PSA_CRYPTO_C)
/** Initialize the PSA Crypto subsystem. */
#define PSA_INIT() PSA_ASSERT(psa_crypto_init())
/** Shut down the PSA Crypto subsystem and destroy persistent keys.
* Expect a clean shutdown, with no slots in use.
*
* If some key slots are still in use, record the test case as failed,
* but continue executing. This macro is suitable (and primarily intended)
* for use in the cleanup section of test functions.
*
* \note Persistent keys must be recorded with #TEST_USES_KEY_ID before
* creating them.
*/
#define PSA_DONE() \
do \
{ \
mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__); \
mbedtls_test_psa_purge_key_storage(); \
mbedtls_psa_crypto_free(); \
} \
while (0)
#else /*MBEDTLS_PSA_CRYPTO_C */
#define PSA_INIT() ((void) 0)
#define PSA_DONE() ((void) 0)
#endif /* MBEDTLS_PSA_CRYPTO_C */
#if defined(MBEDTLS_PSA_CRYPTO_C)
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
/* Internal function for #TEST_USES_KEY_ID. Return 1 on success, 0 on failure. */
@ -86,8 +118,6 @@ void mbedtls_test_psa_purge_key_cache(void);
#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
#define PSA_INIT() PSA_ASSERT(psa_crypto_init())
/** Check for things that have not been cleaned up properly in the
* PSA subsystem.
*
@ -104,30 +134,11 @@ const char *mbedtls_test_helper_is_psa_leaking(void);
* `TEST_ASSERT( ! mbedtls_test_helper_is_psa_leaking( ) )`
* but with a more informative message.
*/
#define ASSERT_PSA_PRISTINE() \
#define ASSERT_PSA_PRISTINE() \
do \
{ \
if (test_fail_if_psa_leaking(__LINE__, __FILE__)) \
goto exit; \
} \
while (0)
/** Shut down the PSA Crypto subsystem and destroy persistent keys.
* Expect a clean shutdown, with no slots in use.
*
* If some key slots are still in use, record the test case as failed,
* but continue executing. This macro is suitable (and primarily intended)
* for use in the cleanup section of test functions.
*
* \note Persistent keys must be recorded with #TEST_USES_KEY_ID before
* creating them.
*/
#define PSA_DONE() \
do \
{ \
test_fail_if_psa_leaking(__LINE__, __FILE__); \
mbedtls_test_psa_purge_key_storage(); \
mbedtls_psa_crypto_free(); \
if (mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__)) \
goto exit; \
} \
while (0)
@ -193,6 +204,14 @@ psa_status_t mbedtls_test_record_status(psa_status_t status,
*/
psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags);
/** Check that no PSA Crypto key slots are in use.
*
* If any slots are in use, mark the current test as failed.
*
* \return 0 if the key store is empty, 1 otherwise.
*/
int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename);
/** Skip a test case if the given key is a 192 bits AES key and the AES
* implementation is at least partially provided by an accelerator or
* alternative implementation.
@ -277,30 +296,24 @@ psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags)
} \
while (0)
#if !defined(MBEDTLS_MD_C)
#define PSA_INIT_IF_NO_MD() PSA_INIT()
#define PSA_DONE_IF_NO_MD() PSA_DONE()
#endif
#endif /* MBEDTLS_PSA_CRYPTO_C */
#if defined(MBEDTLS_MD_C)
#define PSA_INIT_IF_NO_MD() ((void) 0)
#define PSA_DONE_IF_NO_MD() ((void) 0)
#endif
/** \def USE_PSA_INIT
*
* Call this macro to initialize the PSA subsystem if #MBEDTLS_USE_PSA_CRYPTO
* or #MBEDTLS_SSL_PROTO_TLS1_3 (In contrast to TLS 1.2 implementation, the
* TLS 1.3 one uses PSA independently of the definition of
* #MBEDTLS_USE_PSA_CRYPTO) is enabled and do nothing otherwise. If the
* initialization fails, mark the test case as failed and jump to the \p exit
* label.
* #MBEDTLS_USE_PSA_CRYPTO) is enabled and do nothing otherwise.
*
* If the initialization fails, mark the test case as failed and jump to the
* \p exit label.
*/
/** \def USE_PSA_DONE
*
* Call this macro at the end of a test case if you called #USE_PSA_INIT.
* This is like #PSA_DONE, except that it does nothing if
* #MBEDTLS_USE_PSA_CRYPTO is disabled.
*
* This is like #PSA_DONE except it does nothing under the same conditions as
* #USE_PSA_INIT.
*/
#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
#define USE_PSA_INIT() PSA_INIT()
@ -313,4 +326,52 @@ psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags)
#define USE_PSA_DONE() ((void) 0)
#endif /* !MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_SSL_PROTO_TLS1_3 */
/** \def MD_PSA_INIT
*
* Call this macro to initialize the PSA subsystem if MD uses a driver,
* and do nothing otherwise.
*
* If the initialization fails, mark the test case as failed and jump to the
* \p exit label.
*/
/** \def MD_PSA_DONE
*
* Call this macro at the end of a test case if you called #MD_PSA_INIT.
*
* This is like #PSA_DONE except it does nothing under the same conditions as
* #MD_PSA_INIT.
*/
#if defined(MBEDTLS_MD_SOME_PSA)
#define MD_PSA_INIT() PSA_INIT()
#define MD_PSA_DONE() PSA_DONE()
#else /* MBEDTLS_MD_SOME_PSA */
#define MD_PSA_INIT() ((void) 0)
#define MD_PSA_DONE() ((void) 0)
#endif /* MBEDTLS_MD_SOME_PSA */
/** \def MD_OR_USE_PSA_INIT
*
* Call this macro to initialize the PSA subsystem if MD uses a driver,
* or if #MBEDTLS_USE_PSA_CRYPTO or #MBEDTLS_SSL_PROTO_TLS1_3 is enabled,
* and do nothing otherwise.
*
* If the initialization fails, mark the test case as failed and jump to the
* \p exit label.
*/
/** \def MD_OR_USE_PSA_DONE
*
* Call this macro at the end of a test case if you called #MD_OR_USE_PSA_INIT.
*
* This is like #PSA_DONE except it does nothing under the same conditions as
* #MD_OR_USE_PSA_INIT.
*/
#if defined(MBEDTLS_MD_SOME_PSA) || \
defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
#define MD_OR_USE_PSA_INIT() PSA_INIT()
#define MD_OR_USE_PSA_DONE() PSA_DONE()
#else
#define MD_OR_USE_PSA_INIT() ((void) 0)
#define MD_OR_USE_PSA_DONE() ((void) 0)
#endif
#endif /* PSA_CRYPTO_HELPERS_H */

2
tests/include/test/psa_exercise_key.h
View File

@ -34,7 +34,7 @@
*/
#if defined(PSA_WANT_ALG_MD5)
#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5
/* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of
/* PSA_WANT_ALG_RIPEMD160 omitted. This is necessary for the sake of
* exercise_signature_key() because Mbed TLS doesn't support RIPEMD160
* in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be
* implausible anyway. */

620
tests/include/test/ssl_helpers.h Normal file
View File

@ -0,0 +1,620 @@
/** \file ssl_helpers.h
*
* \brief This file contains helper functions to set up a TLS connection.
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef SSL_HELPERS_H
#define SSL_HELPERS_H
#include "mbedtls/build_info.h"
#include <string.h>
#include <test/helpers.h>
#include <test/macros.h>
#include <test/random.h>
#include <test/psa_crypto_helpers.h>
#if defined(MBEDTLS_SSL_TLS_C)
#include <ssl_misc.h>
#include <mbedtls/timing.h>
#include <mbedtls/debug.h>
#include "hash_info.h"
#include "test/certs.h"
#if defined(MBEDTLS_SSL_CACHE_C)
#include "mbedtls/ssl_cache.h"
#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#define PSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
psa_to_ssl_errors, \
psa_generic_status_to_mbedtls)
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#if defined(MBEDTLS_AES_C)
#if defined(MBEDTLS_GCM_C)
#if defined(MBEDTLS_MD_CAN_SHA384)
#define MBEDTLS_TEST_HAS_TLS1_3_AES_256_GCM_SHA384
#endif
#if defined(MBEDTLS_MD_CAN_SHA256)
#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_GCM_SHA256
#endif
#endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_MD_CAN_SHA256)
#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_SHA256
#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_8_SHA256
#endif
#endif /* MBEDTLS_AES_C */
#if defined(MBEDTLS_CHACHAPOLY_C) && defined(MBEDTLS_MD_CAN_SHA256)
#define MBEDTLS_TEST_HAS_TLS1_3_CHACHA20_POLY1305_SHA256
#endif
#if defined(MBEDTLS_TEST_HAS_TLS1_3_AES_256_GCM_SHA384) || \
defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_GCM_SHA256) || \
defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_SHA256) || \
defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_8_SHA256) || \
defined(MBEDTLS_TEST_HAS_TLS1_3_CHACHA20_POLY1305_SHA256)
#define MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
#define MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
#endif
enum {
#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \
tls13_label_ ## name,
MBEDTLS_SSL_TLS1_3_LABEL_LIST
#undef MBEDTLS_SSL_TLS1_3_LABEL
};
typedef struct mbedtls_test_ssl_log_pattern {
const char *pattern;
size_t counter;
} mbedtls_test_ssl_log_pattern;
typedef struct mbedtls_test_handshake_test_options {
const char *cipher;
mbedtls_ssl_protocol_version client_min_version;
mbedtls_ssl_protocol_version client_max_version;
mbedtls_ssl_protocol_version server_min_version;
mbedtls_ssl_protocol_version server_max_version;
mbedtls_ssl_protocol_version expected_negotiated_version;
int expected_handshake_result;
int expected_ciphersuite;
int pk_alg;
int opaque_alg;
int opaque_alg2;
int opaque_usage;
data_t *psk_str;
int dtls;
int srv_auth_mode;
int serialize;
int mfl;
int cli_msg_len;
int srv_msg_len;
int expected_cli_fragments;
int expected_srv_fragments;
int renegotiate;
int legacy_renegotiation;
void *srv_log_obj;
void *cli_log_obj;
void (*srv_log_fun)(void *, int, const char *, int, const char *);
void (*cli_log_fun)(void *, int, const char *, int, const char *);
int resize_buffers;
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_context *cache;
#endif
} mbedtls_test_handshake_test_options;
/*
* Buffer structure for custom I/O callbacks.
*/
typedef struct mbedtls_test_ssl_buffer {
size_t start;
size_t content_length;
size_t capacity;
unsigned char *buffer;
} mbedtls_test_ssl_buffer;
/*
* Context for a message metadata queue (fifo) that is on top of the ring buffer.
*/
typedef struct mbedtls_test_ssl_message_queue {
size_t *messages;
int pos;
int num;
int capacity;
} mbedtls_test_ssl_message_queue;
/*
* Context for the I/O callbacks simulating network connection.
*/
#define MBEDTLS_MOCK_SOCKET_CONNECTED 1
typedef struct mbedtls_test_mock_socket {
int status;
mbedtls_test_ssl_buffer *input;
mbedtls_test_ssl_buffer *output;
struct mbedtls_test_mock_socket *peer;
} mbedtls_test_mock_socket;
/* Errors used in the message socket mocks */
#define MBEDTLS_TEST_ERROR_CONTEXT_ERROR -55
#define MBEDTLS_TEST_ERROR_SEND_FAILED -66
#define MBEDTLS_TEST_ERROR_RECV_FAILED -77
/*
* Structure used as an addon, or a wrapper, around the mocked sockets.
* Contains an input queue, to which the other socket pushes metadata,
* and an output queue, to which this one pushes metadata. This context is
* considered as an owner of the input queue only, which is initialized and
* freed in the respective setup and free calls.
*/
typedef struct mbedtls_test_message_socket_context {
mbedtls_test_ssl_message_queue *queue_input;
mbedtls_test_ssl_message_queue *queue_output;
mbedtls_test_mock_socket *socket;
} mbedtls_test_message_socket_context;
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/*
* Structure with endpoint's certificates for SSL communication tests.
*/
typedef struct mbedtls_test_ssl_endpoint_certificate {
mbedtls_x509_crt *ca_cert;
mbedtls_x509_crt *cert;
mbedtls_pk_context *pkey;
} mbedtls_test_ssl_endpoint_certificate;
/*
* Endpoint structure for SSL communication tests.
*/
typedef struct mbedtls_test_ssl_endpoint {
const char *name;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_test_mock_socket socket;
mbedtls_test_ssl_endpoint_certificate cert;
} mbedtls_test_ssl_endpoint;
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
/*
* This function can be passed to mbedtls to receive output logs from it. In
* this case, it will count the instances of a mbedtls_test_ssl_log_pattern
* in the received logged messages.
*/
void mbedtls_test_ssl_log_analyzer(void *ctx, int level,
const char *file, int line,
const char *str);
void mbedtls_test_init_handshake_options(
mbedtls_test_handshake_test_options *opts);
void mbedtls_test_free_handshake_options(
mbedtls_test_handshake_test_options *opts);
/*
* Initialises \p buf. After calling this function it is safe to call
* `mbedtls_test_ssl_buffer_free()` on \p buf.
*/
void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf);
/*
* Sets up \p buf. After calling this function it is safe to call
* `mbedtls_test_ssl_buffer_put()` and `mbedtls_test_ssl_buffer_get()`
* on \p buf.
*/
int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf,
size_t capacity);
void mbedtls_test_ssl_buffer_free(mbedtls_test_ssl_buffer *buf);
/*
* Puts \p input_len bytes from the \p input buffer into the ring buffer \p buf.
*
* \p buf must have been initialized and set up by calling
* `mbedtls_test_ssl_buffer_init()` and `mbedtls_test_ssl_buffer_setup()`.
*
* \retval \p input_len, if the data fits.
* \retval 0 <= value < \p input_len, if the data does not fit.
* \retval -1, if \p buf is NULL, it hasn't been set up or \p input_len is not
* zero and \p input is NULL.
*/
int mbedtls_test_ssl_buffer_put(mbedtls_test_ssl_buffer *buf,
const unsigned char *input, size_t input_len);
/*
* Gets \p output_len bytes from the ring buffer \p buf into the
* \p output buffer. The output buffer can be NULL, in this case a part of the
* ring buffer will be dropped, if the requested length is available.
*
* \p buf must have been initialized and set up by calling
* `mbedtls_test_ssl_buffer_init()` and `mbedtls_test_ssl_buffer_setup()`.
*
* \retval \p output_len, if the data is available.
* \retval 0 <= value < \p output_len, if the data is not available.
* \retval -1, if \buf is NULL or it hasn't been set up.
*/
int mbedtls_test_ssl_buffer_get(mbedtls_test_ssl_buffer *buf,
unsigned char *output, size_t output_len);
/*
* Errors used in the message transport mock tests
*/
#define MBEDTLS_TEST_ERROR_ARG_NULL -11
#define MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED -44
/*
* Setup and free functions for the message metadata queue.
*
* \p capacity describes the number of message metadata chunks that can be held
* within the queue.
*
* \retval 0, if a metadata queue of a given length can be allocated.
* \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation failed.
*/
int mbedtls_test_ssl_message_queue_setup(
mbedtls_test_ssl_message_queue *queue, size_t capacity);
void mbedtls_test_ssl_message_queue_free(
mbedtls_test_ssl_message_queue *queue);
/*
* Push message length information onto the message metadata queue.
* This will become the last element to leave it (fifo).
*
* \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
* \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the queue is full.
* \retval \p len, if the push was successful.
*/
int mbedtls_test_ssl_message_queue_push_info(
mbedtls_test_ssl_message_queue *queue, size_t len);
/*
* Pop information about the next message length from the queue. This will be
* the oldest inserted message length(fifo). \p msg_len can be null, in which
* case the data will be popped from the queue but not copied anywhere.
*
* \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
* \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty.
* \retval message length, if the pop was successful, up to the given
\p buf_len.
*/
int mbedtls_test_ssl_message_queue_pop_info(
mbedtls_test_ssl_message_queue *queue, size_t buf_len);
/*
* Setup and teardown functions for mock sockets.
*/
void mbedtls_test_mock_socket_init(mbedtls_test_mock_socket *socket);
/*
* Closes the socket \p socket.
*
* \p socket must have been previously initialized by calling
* mbedtls_test_mock_socket_init().
*
* This function frees all allocated resources and both sockets are aware of the
* new connection state.
*
* That is, this function does not simulate half-open TCP connections and the
* phenomenon that when closing a UDP connection the peer is not aware of the
* connection having been closed.
*/
void mbedtls_test_mock_socket_close(mbedtls_test_mock_socket *socket);
/*
* Establishes a connection between \p peer1 and \p peer2.
*
* \p peer1 and \p peer2 must have been previously initialized by calling
* mbedtls_test_mock_socket_init().
*
* The capacities of the internal buffers are set to \p bufsize. Setting this to
* the correct value allows for simulation of MTU, sanity testing the mock
* implementation and mocking TCP connections with lower memory cost.
*/
int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1,
mbedtls_test_mock_socket *peer2,
size_t bufsize);
/*
* Callbacks for simulating blocking I/O over connection-oriented transport.
*/
int mbedtls_test_mock_tcp_send_b(void *ctx,
const unsigned char *buf, size_t len);
int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len);
/*
* Callbacks for simulating non-blocking I/O over connection-oriented transport.
*/
int mbedtls_test_mock_tcp_send_nb(void *ctx,
const unsigned char *buf, size_t len);
int mbedtls_test_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len);
void mbedtls_test_message_socket_init(
mbedtls_test_message_socket_context *ctx);
/*
* Setup a given message socket context including initialization of
* input/output queues to a chosen capacity of messages. Also set the
* corresponding mock socket.
*
* \retval 0, if everything succeeds.
* \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation of a message
* queue failed.
*/
int mbedtls_test_message_socket_setup(
mbedtls_test_ssl_message_queue *queue_input,
mbedtls_test_ssl_message_queue *queue_output,
size_t queue_capacity,
mbedtls_test_mock_socket *socket,
mbedtls_test_message_socket_context *ctx);
/*
* Close a given message socket context, along with the socket itself. Free the
* memory allocated by the input queue.
*/
void mbedtls_test_message_socket_close(
mbedtls_test_message_socket_context *ctx);
/*
* Send one message through a given message socket context.
*
* \retval \p len, if everything succeeds.
* \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context
* elements or the context itself is null.
* \retval MBEDTLS_TEST_ERROR_SEND_FAILED if
* mbedtls_test_mock_tcp_send_b failed.
* \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the output queue is full.
*
* This function will also return any error from
* mbedtls_test_ssl_message_queue_push_info.
*/
int mbedtls_test_mock_tcp_send_msg(void *ctx,
const unsigned char *buf, size_t len);
/*
* Receive one message from a given message socket context and return message
* length or an error.
*
* \retval message length, if everything succeeds.
* \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context
* elements or the context itself is null.
* \retval MBEDTLS_TEST_ERROR_RECV_FAILED if
* mbedtls_test_mock_tcp_recv_b failed.
*
* This function will also return any error other than
* MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from test_ssl_message_queue_peek_info.
*/
int mbedtls_test_mock_tcp_recv_msg(void *ctx,
unsigned char *buf, size_t buf_len);
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/*
* Initializes \p ep_cert structure and assigns it to endpoint
* represented by \p ep.
*
* \retval 0 on success, otherwise error code.
*/
int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep,
int pk_alg,
int opaque_alg, int opaque_alg2,
int opaque_usage);
/*
* Initializes \p ep structure. It is important to call
* `mbedtls_test_ssl_endpoint_free()` after calling this function
* even if it fails.
*
* \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or
* MBEDTLS_SSL_IS_CLIENT.
* \p pk_alg the algorithm to use, currently only MBEDTLS_PK_RSA and
* MBEDTLS_PK_ECDSA are supported.
* \p dtls_context - in case of DTLS - this is the context handling metadata.
* \p input_queue - used only in case of DTLS.
* \p output_queue - used only in case of DTLS.
*
* \retval 0 on success, otherwise error code.
*/
int mbedtls_test_ssl_endpoint_init(
mbedtls_test_ssl_endpoint *ep, int endpoint_type,
mbedtls_test_handshake_test_options *options,
mbedtls_test_message_socket_context *dtls_context,
mbedtls_test_ssl_message_queue *input_queue,
mbedtls_test_ssl_message_queue *output_queue,
uint16_t *group_list);
/*
* Deinitializes endpoint represented by \p ep.
*/
void mbedtls_test_ssl_endpoint_free(
mbedtls_test_ssl_endpoint *ep,
mbedtls_test_message_socket_context *context);
/*
* This function moves ssl handshake from \p ssl to prescribed \p state.
* /p second_ssl is used as second endpoint and their sockets have to be
* connected before calling this function.
*
* \retval 0 on success, otherwise error code.
*/
int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl,
mbedtls_ssl_context *second_ssl,
int state);
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
/*
* Helper function setting up inverse record transformations
* using given cipher, hash, EtM mode, authentication tag length,
* and version.
*/
#define CHK(x) \
do \
{ \
if (!(x)) \
{ \
ret = -1; \
goto cleanup; \
} \
} while (0)
#if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX
#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_IN_LEN_MAX
#else
#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_OUT_LEN_MAX
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_AES_C)
int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform,
const unsigned char *iv,
size_t iv_len,
const unsigned char *input,
size_t ilen,
unsigned char *output,
size_t *olen);
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_CIPHER_MODE_CBC &&
MBEDTLS_AES_C */
int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in,
mbedtls_ssl_transform *t_out,
int cipher_type, int hash_id,
int etm, int tag_mode,
mbedtls_ssl_protocol_version tls_version,
size_t cid0_len,
size_t cid1_len);
/*
* Populate a session structure for serialization tests.
* Choose dummy values, mostly non-0 to distinguish from the init default.
*/
int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session,
int ticket_len,
const char *crt_file);
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session,
int ticket_len,
int endpoint_type);
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/*
* Perform data exchanging between \p ssl_1 and \p ssl_2 and check if the
* message was sent in the correct number of fragments.
*
* /p ssl_1 and /p ssl_2 Endpoints represented by mbedtls_ssl_context. Both
* of them must be initialized and connected
* beforehand.
* /p msg_len_1 and /p msg_len_2 specify the size of the message to send.
* /p expected_fragments_1 and /p expected_fragments_2 determine in how many
* fragments the message should be sent.
* expected_fragments is 0: can be used for DTLS testing while the message
* size is larger than MFL. In that case the message
* cannot be fragmented and sent to the second
* endpoint.
* This value can be used for negative tests.
* expected_fragments is 1: can be used for TLS/DTLS testing while the
* message size is below MFL
* expected_fragments > 1: can be used for TLS testing while the message
* size is larger than MFL
*
* \retval 0 on success, otherwise error code.
*/
int mbedtls_test_ssl_exchange_data(
mbedtls_ssl_context *ssl_1,
int msg_len_1, const int expected_fragments_1,
mbedtls_ssl_context *ssl_2,
int msg_len_2, const int expected_fragments_2);
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
void mbedtls_test_ssl_perform_handshake(
mbedtls_test_handshake_test_options *options);
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_TEST_HOOKS)
/*
* Tweak vector lengths in a TLS 1.3 Certificate message
*
* \param[in] buf Buffer containing the Certificate message to tweak
* \param[in]]out] end End of the buffer to parse
* \param tweak Tweak identifier (from 1 to the number of tweaks).
* \param[out] expected_result Error code expected from the parsing function
* \param[out] args Arguments of the MBEDTLS_SSL_CHK_BUF_READ_PTR call that
* is expected to fail. All zeroes if no
* MBEDTLS_SSL_CHK_BUF_READ_PTR failure is expected.
*/
int mbedtls_test_tweak_tls13_certificate_msg_vector_len(
unsigned char *buf, unsigned char **end, int tweak,
int *expected_result, mbedtls_ssl_chk_buf_ptr_args *args);
#endif /* MBEDTLS_TEST_HOOKS */
#define ECJPAKE_TEST_PWD "bla"
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#define ECJPAKE_TEST_SET_PASSWORD(exp_ret_val) \
ret = (use_opaque_arg) ? \
mbedtls_ssl_set_hs_ecjpake_password_opaque(&ssl, pwd_slot) : \
mbedtls_ssl_set_hs_ecjpake_password(&ssl, pwd_string, pwd_len); \
TEST_EQUAL(ret, exp_ret_val)
#else
#define ECJPAKE_TEST_SET_PASSWORD(exp_ret_val) \
ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl, \
pwd_string, pwd_len); \
TEST_EQUAL(ret, exp_ret_val)
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#define TEST_AVAILABLE_ECC(tls_id_, group_id_, psa_family_, psa_bits_) \
TEST_EQUAL(mbedtls_ssl_get_ecp_group_id_from_tls_id(tls_id_), \
group_id_); \
TEST_EQUAL(mbedtls_ssl_get_tls_id_from_ecp_group_id(group_id_), \
tls_id_); \
TEST_EQUAL(mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id_, \
&psa_family, &psa_bits), PSA_SUCCESS); \
TEST_EQUAL(psa_family_, psa_family); \
TEST_EQUAL(psa_bits_, psa_bits);
#define TEST_UNAVAILABLE_ECC(tls_id_, group_id_, psa_family_, psa_bits_) \
TEST_EQUAL(mbedtls_ssl_get_ecp_group_id_from_tls_id(tls_id_), \
MBEDTLS_ECP_DP_NONE); \
TEST_EQUAL(mbedtls_ssl_get_tls_id_from_ecp_group_id(group_id_), \
0); \
TEST_EQUAL(mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id_, \
&psa_family, &psa_bits), \
PSA_ERROR_NOT_SUPPORTED);
#endif /* MBEDTLS_SSL_TLS_C */
#endif /* SSL_HELPERS_H */

1440
tests/opt-testcases/tls13-compat.sh
View File

File diff suppressed because it is too large Load Diff

362
tests/opt-testcases/tls13-kex-modes.sh
View File

File diff suppressed because it is too large Load Diff

58
tests/opt-testcases/tls13-misc.sh
View File

@ -26,7 +26,7 @@ requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
run_test "TLS 1.3: PSK: No valid ciphersuite. G->m" \
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
"$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-CIPHER-ALL:+AES-256-GCM:+AEAD:+SHA384:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
localhost" \
@ -45,7 +45,7 @@ requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
run_test "TLS 1.3: PSK: No valid ciphersuite. O->m" \
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
"$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
"$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -ciphersuites TLS_AES_256_GCM_SHA384\
-psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1 \
@ -59,8 +59,8 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3 m->m: Multiple PSKs: valid ticket, reconnect with ticket" \
"$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8" \
"$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
"$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8" \
"$P_CLI tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
0 \
-c "Pre-configured PSK number = 2" \
-s "sent selected_identity: 0" \
@ -73,8 +73,8 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3 m->m: Multiple PSKs: invalid ticket, reconnect with PSK" \
"$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=1" \
"$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
"$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=1" \
"$P_CLI tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
0 \
-c "Pre-configured PSK number = 2" \
-s "sent selected_identity: 1" \
@ -88,7 +88,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3 m->m: Session resumption failure, ticket authentication failed." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=1" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=1" \
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -107,7 +107,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3 m->m: Session resumption failure, ticket expired." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=2" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=2" \
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -126,7 +126,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3 m->m: Session resumption failure, invalid start time." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=3" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=3" \
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -145,7 +145,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3 m->m: Session resumption failure, ticket expired. too old" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=4" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=4" \
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -164,7 +164,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too young." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=5" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=5" \
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -183,7 +183,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too old." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=6" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=6" \
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -201,7 +201,7 @@ requires_gnutls_tls1_3
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
run_test "TLS 1.3: G->m: ephemeral_all/psk, fail, no common kex mode" \
"$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
"$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
localhost" \
@ -221,7 +221,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_
requires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: G->m: PSK: configured psk only, good." \
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
"$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
localhost" \
@ -239,7 +239,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_
requires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: G->m: PSK: configured psk_ephemeral only, good." \
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
"$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
localhost" \
@ -257,7 +257,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_
requires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3: G->m: PSK: configured ephemeral only, good." \
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
"$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
localhost" \
@ -317,7 +317,7 @@ requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
run_test "TLS 1.3, ext PSK, early data" \
"$O_NEXT_SRV_EARLY_DATA -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
"$P_CLI debug_level=5 force_version=tls13 tls13_kex_modes=psk early_data=1 psk=010203 psk_identity=0a0b0c" \
"$P_CLI debug_level=5 tls13_kex_modes=psk early_data=1 psk=010203 psk_identity=0a0b0c" \
1 \
-c "Reconnecting with saved session" \
-c "NewSessionTicket: early_data(42) extension received." \
@ -330,7 +330,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/none." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=7" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=7" \
"$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -346,7 +346,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=8" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=8" \
"$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -358,7 +358,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk_ephemeral." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=9" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=9" \
"$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -374,7 +374,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk_all." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=10" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=10" \
"$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -386,7 +386,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/none." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=7" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=7" \
"$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -402,7 +402,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=8" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=8" \
"$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -418,7 +418,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk_ephemeral." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=9" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=9" \
"$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -430,7 +430,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk_all." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=10" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=10" \
"$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -443,7 +443,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/none." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=7" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=7" \
"$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -460,7 +460,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=8" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=8" \
"$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -473,7 +473,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk_ephemeral." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=9" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=9" \
"$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \
@ -486,7 +486,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk_all." \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=10" \
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=10" \
"$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \
0 \
-c "Pre-configured PSK number = 1" \

731
tests/scripts/all.sh
View File

File diff suppressed because it is too large Load Diff

133
tests/scripts/analyze_outcomes.py
View File

@ -10,6 +10,8 @@ import argparse
import sys
import traceback
import re
import subprocess
import os
import check_test_cases
@ -51,6 +53,26 @@ class TestCaseOutcomes:
"""
return len(self.successes) + len(self.failures)
def execute_reference_driver_tests(ref_component, driver_component, outcome_file):
"""Run the tests specified in ref_component and driver_component. Results
are stored in the output_file and they will be used for the following
coverage analysis"""
# If the outcome file already exists, we assume that the user wants to
# perform the comparison analysis again without repeating the tests.
if os.path.exists(outcome_file):
Results.log("Outcome file (" + outcome_file + ") already exists. " + \
"Tests will be skipped.")
return
shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \
" " + ref_component + " " + driver_component
Results.log("Running: " + shell_command)
ret_val = subprocess.run(shell_command.split(), check=False).returncode
if ret_val != 0:
Results.log("Error: failed to run reference/driver components")
sys.exit(ret_val)
def analyze_coverage(results, outcomes):
"""Check that all available test cases are executed at least once."""
available = check_test_cases.collect_available_test_cases()
@ -82,7 +104,7 @@ def analyze_driver_vs_reference(outcomes, component_ref, component_driver,
full_test_suite = key.split(';')[0] # retrieve full test suite name
test_string = key.split(';')[1] # retrieve the text string of this test
test_suite = full_test_suite.split('.')[0] # retrieve main part of test suite name
if test_suite in ignored_suites:
if test_suite in ignored_suites or full_test_suite in ignored_suites:
continue
if ((full_test_suite in ignored_test) and
(test_string in ignored_test[full_test_suite])):
@ -96,7 +118,7 @@ def analyze_driver_vs_reference(outcomes, component_ref, component_driver,
if component_ref in entry:
reference_test_passed = True
if(reference_test_passed and not driver_test_passed):
print(key)
Results.log(key)
result = False
return result
@ -131,16 +153,19 @@ def do_analyze_coverage(outcome_file, args):
"""Perform coverage analysis."""
del args # unused
outcomes = read_outcome_file(outcome_file)
print("\n*** Analyze coverage ***\n")
Results.log("\n*** Analyze coverage ***\n")
results = analyze_outcomes(outcomes)
return results.error_count == 0
def do_analyze_driver_vs_reference(outcome_file, args):
"""Perform driver vs reference analyze."""
execute_reference_driver_tests(args['component_ref'], \
args['component_driver'], outcome_file)
ignored_suites = ['test_suite_' + x for x in args['ignored_suites']]
outcomes = read_outcome_file(outcome_file)
print("\n*** Analyze driver {} vs reference {} ***\n".format(
Results.log("\n*** Analyze driver {} vs reference {} ***\n".format(
args['component_driver'], args['component_ref']))
return analyze_driver_vs_reference(outcomes, args['component_ref'],
args['component_driver'], ignored_suites,
@ -152,9 +177,12 @@ TASKS = {
'test_function': do_analyze_coverage,
'args': {}
},
# How to use analyze_driver_vs_reference_xxx locally:
# 1. tests/scripts/all.sh --outcome-file "$PWD/out.csv" <component_ref> <component_driver>
# 2. tests/scripts/analyze_outcomes.py out.csv analyze_driver_vs_reference_xxx
# There are 2 options to use analyze_driver_vs_reference_xxx locally:
# 1. Run tests and then analysis:
# - tests/scripts/all.sh --outcome-file "$PWD/out.csv" <component_ref> <component_driver>
# - tests/scripts/analyze_outcomes.py out.csv analyze_driver_vs_reference_xxx
# 2. Let this script run both automatically:
# - tests/scripts/analyze_outcomes.py out.csv analyze_driver_vs_reference_xxx
'analyze_driver_vs_reference_hash': {
'test_function': do_analyze_driver_vs_reference,
'args': {
@ -162,24 +190,99 @@ TASKS = {
'component_driver': 'test_psa_crypto_config_accel_hash_use_psa',
'ignored_suites': [
'shax', 'mdx', # the software implementations that are being excluded
'md', # the legacy abstraction layer that's being excluded
'md.psa', # purposefully depends on whether drivers are present
],
'ignored_tests': {
}
}
},
'analyze_driver_vs_reference_ecdsa': {
'analyze_driver_vs_reference_all_ec_algs': {
'test_function': do_analyze_driver_vs_reference,
'args': {
'component_ref': 'test_psa_crypto_config_reference_ecdsa_use_psa',
'component_driver': 'test_psa_crypto_config_accel_ecdsa_use_psa',
'component_ref': 'test_psa_crypto_config_reference_all_ec_algs_use_psa',
'component_driver': 'test_psa_crypto_config_accel_all_ec_algs_use_psa',
'ignored_suites': [
'ecdsa', # the software implementation that's excluded
'ecdsa',
'ecdh',
'ecjpake',
],
'ignored_tests': {
'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)',
],
# In the accelerated test ECP_C is not set (only ECP_LIGHT is)
# so we must ignore disparities in the tests for which ECP_C
# is required.
'test_suite_ecp': [
'ECP check public-private #1 (OK)',
'ECP check public-private #2 (group none)',
'ECP check public-private #3 (group mismatch)',
'ECP check public-private #4 (Qx mismatch)',
'ECP check public-private #5 (Qy mismatch)',
'ECP check public-private #6 (wrong Qx)',
'ECP check public-private #7 (wrong Qy)',
'ECP gen keypair [#1]',
'ECP gen keypair [#2]',
'ECP gen keypair [#3]',
'ECP gen keypair wrapper',
'ECP point muladd secp256r1 #1',
'ECP point muladd secp256r1 #2',
'ECP point multiplication Curve25519 (element of order 2: origin) #3',
'ECP point multiplication Curve25519 (element of order 4: 1) #4',
'ECP point multiplication Curve25519 (element of order 8) #5',
'ECP point multiplication Curve25519 (normalized) #1',
'ECP point multiplication Curve25519 (not normalized) #2',
'ECP point multiplication rng fail Curve25519',
'ECP point multiplication rng fail secp256r1',
'ECP test vectors Curve25519',
'ECP test vectors Curve448 (RFC 7748 6.2, after decodeUCoordinate)',
'ECP test vectors brainpoolP256r1 rfc 7027',
'ECP test vectors brainpoolP384r1 rfc 7027',
'ECP test vectors brainpoolP512r1 rfc 7027',
'ECP test vectors secp192k1',
'ECP test vectors secp192r1 rfc 5114',
'ECP test vectors secp224k1',
'ECP test vectors secp224r1 rfc 5114',
'ECP test vectors secp256k1',
'ECP test vectors secp256r1 rfc 5114',
'ECP test vectors secp384r1 rfc 5114',
'ECP test vectors secp521r1 rfc 5114',
]
}
}
},
'analyze_driver_vs_reference_all_ec_algs_no_ecp': {
'test_function': do_analyze_driver_vs_reference,
'args': {
'component_ref': 'test_psa_crypto_full_reference_all_ec_algs_no_ecp_use_psa',
'component_driver': 'test_psa_crypto_full_accel_all_ec_algs_no_ecp_use_psa',
'ignored_suites': [
# Ignore test suites for the modules that are disabled in the
# accelerated test case.
'ecp',
'ecdsa',
'ecdh',
'ecjpake',
],
'ignored_tests': {
'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)',
],
'test_suite_psa_crypto': [
'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1',
'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)',
'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA',
'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1',
'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0',
'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1',
'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)',
'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)',
'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)',
'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)',
'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)',
'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)',
'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)',
]
}
}
},
@ -201,7 +304,7 @@ def main():
if options.list:
for task in TASKS:
print(task)
Results.log(task)
sys.exit(0)
result = True
@ -213,7 +316,7 @@ def main():
for task in tasks:
if task not in TASKS:
print('Error: invalid task: {}'.format(task))
Results.log('Error: invalid task: {}'.format(task))
sys.exit(1)
for task in TASKS:
@ -223,7 +326,7 @@ def main():
if result is False:
sys.exit(1)
print("SUCCESS :-)")
Results.log("SUCCESS :-)")
except Exception: # pylint: disable=broad-except
# Print the backtrace and exit explicitly with our chosen status.
traceback.print_exc()

2
tests/scripts/depends.py
View File

@ -277,7 +277,7 @@ REVERSE_DEPENDENCIES = {
# if a given define is the only one enabled from an exclusive group.
EXCLUSIVE_GROUPS = {
'MBEDTLS_SHA512_C': ['-MBEDTLS_SSL_COOKIE_C',
'-MBEDTLS_SSL_PROTO_TLS1_3'],
'-MBEDTLS_SSL_TLS_C'],
'MBEDTLS_ECP_DP_CURVE448_ENABLED': ['-MBEDTLS_ECDSA_C',
'-MBEDTLS_ECDSA_DETERMINISTIC',
'-MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',

2
tests/scripts/generate_pkcs7_tests.py
View File

@ -49,7 +49,7 @@ class TestData:
Take in test_suite_pkcs7.data file.
Allow for new tests to be added.
"""
mandatory_dep = "MBEDTLS_SHA256_C"
mandatory_dep = "MBEDTLS_MD_CAN_SHA256"
test_name = "PKCS7 Parse Failure Invalid ASN1"
test_function = "pkcs7_asn1_fail:"
def __init__(self, file_name):

162
tests/scripts/generate_test_code.py
View File

@ -171,6 +171,28 @@ import string
import argparse
# Types recognized as signed integer arguments in test functions.
SIGNED_INTEGER_TYPES = frozenset([
'char',
'short',
'short int',
'int',
'int8_t',
'int16_t',
'int32_t',
'int64_t',
'intmax_t',
'long',
'long int',
'long long int',
'mbedtls_mpi_sint',
'psa_status_t',
])
# Types recognized as string arguments in test functions.
STRING_TYPES = frozenset(['char*', 'const char*', 'char const*'])
# Types recognized as hex data arguments in test functions.
DATA_TYPES = frozenset(['data_t*', 'const data_t*', 'data_t const*'])
BEGIN_HEADER_REGEX = r'/\*\s*BEGIN_HEADER\s*\*/'
END_HEADER_REGEX = r'/\*\s*END_HEADER\s*\*/'
@ -192,9 +214,6 @@ CONDITION_REGEX = r'({})(?:\s*({})\s*({}))?$'.format(C_IDENTIFIER_REGEX,
CONDITION_OPERATOR_REGEX,
CONDITION_VALUE_REGEX)
TEST_FUNCTION_VALIDATION_REGEX = r'\s*void\s+(?P<func_name>\w+)\s*\('
INT_CHECK_REGEX = r'int\s+.*'
CHAR_CHECK_REGEX = r'char\s*\*\s*.*'
DATA_T_CHECK_REGEX = r'data_t\s*\*\s*.*'
FUNCTION_ARG_LIST_END_REGEX = r'.*\)'
EXIT_LABEL_REGEX = r'^exit:'
@ -303,7 +322,7 @@ def gen_function_wrapper(name, local_vars, args_dispatch):
:param name: Test function name
:param local_vars: Local variables declaration code
:param args_dispatch: List of dispatch arguments.
Ex: ['(char *)params[0]', '*((int *)params[1])']
Ex: ['(char *) params[0]', '*((int *) params[1])']
:return: Test function wrapper.
"""
# Then create the wrapper
@ -444,6 +463,49 @@ def parse_function_dependencies(line):
return dependencies
ARGUMENT_DECLARATION_REGEX = re.compile(r'(.+?) ?(?:\bconst\b)? ?(\w+)\Z', re.S)
def parse_function_argument(arg, arg_idx, args, local_vars, args_dispatch):
"""
Parses one test function's argument declaration.
:param arg: argument declaration.
:param arg_idx: current wrapper argument index.
:param args: accumulator of arguments' internal types.
:param local_vars: accumulator of internal variable declarations.
:param args_dispatch: accumulator of argument usage expressions.
:return: the number of new wrapper arguments,
or None if the argument declaration is invalid.
"""
# Normalize whitespace
arg = arg.strip()
arg = re.sub(r'\s*\*\s*', r'*', arg)
arg = re.sub(r'\s+', r' ', arg)
# Extract name and type
m = ARGUMENT_DECLARATION_REGEX.search(arg)
if not m:
# E.g. "int x[42]"
return None
typ, _ = m.groups()
if typ in SIGNED_INTEGER_TYPES:
args.append('int')
args_dispatch.append('((mbedtls_test_argument_t *) params[%d])->sint' % arg_idx)
return 1
if typ in STRING_TYPES:
args.append('char*')
args_dispatch.append('(char *) params[%d]' % arg_idx)
return 1
if typ in DATA_TYPES:
args.append('hex')
# create a structure
pointer_initializer = '(uint8_t *) params[%d]' % arg_idx
len_initializer = '((mbedtls_test_argument_t *) params[%d])->len' % (arg_idx+1)
local_vars.append(' data_t data%d = {%s, %s};\n' %
(arg_idx, pointer_initializer, len_initializer))
args_dispatch.append('&data%d' % arg_idx)
return 2
return None
ARGUMENT_LIST_REGEX = re.compile(r'\((.*?)\)', re.S)
def parse_function_arguments(line):
"""
Parses test function signature for validation and generates
@ -455,42 +517,27 @@ def parse_function_arguments(line):
:return: argument list, local variables for
wrapper function and argument dispatch code.
"""
args = []
local_vars = ''
args_dispatch = []
arg_idx = 0
# Remove characters before arguments
line = line[line.find('(') + 1:]
# Process arguments, ex: <type> arg1, <type> arg2 )
# This script assumes that the argument list is terminated by ')'
# i.e. the test functions will not have a function pointer
# argument.
for arg in line[:line.find(')')].split(','):
arg = arg.strip()
if arg == '':
continue
if re.search(INT_CHECK_REGEX, arg.strip()):
args.append('int')
args_dispatch.append('*( (int *) params[%d] )' % arg_idx)
elif re.search(CHAR_CHECK_REGEX, arg.strip()):
args.append('char*')
args_dispatch.append('(char *) params[%d]' % arg_idx)
elif re.search(DATA_T_CHECK_REGEX, arg.strip()):
args.append('hex')
# create a structure
pointer_initializer = '(uint8_t *) params[%d]' % arg_idx
len_initializer = '*( (uint32_t *) params[%d] )' % (arg_idx+1)
local_vars += """ data_t data%d = {%s, %s};
""" % (arg_idx, pointer_initializer, len_initializer)
args_dispatch.append('&data%d' % arg_idx)
arg_idx += 1
else:
m = ARGUMENT_LIST_REGEX.search(line)
arg_list = m.group(1).strip()
if arg_list in ['', 'void']:
return [], '', []
args = []
local_vars = []
args_dispatch = []
arg_idx = 0
for arg in arg_list.split(','):
indexes = parse_function_argument(arg, arg_idx,
args, local_vars, args_dispatch)
if indexes is None:
raise ValueError("Test function arguments can only be 'int', "
"'char *' or 'data_t'\n%s" % line)
arg_idx += 1
arg_idx += indexes
return args, local_vars, args_dispatch
return args, ''.join(local_vars), args_dispatch
def generate_function_code(name, code, local_vars, args_dispatch,
@ -705,7 +752,7 @@ def parse_test_data(data_f):
execution.
:param data_f: file object of the data file.
:return: Generator that yields test name, function name,
:return: Generator that yields line number, test name, function name,
dependency list and function argument list.
"""
__state_read_name = 0
@ -748,7 +795,7 @@ def parse_test_data(data_f):
parts = escaped_split(line, ':')
test_function = parts[0]
args = parts[1:]
yield name, test_function, dependencies, args
yield data_f.line_no, name, test_function, dependencies, args
dependencies = []
state = __state_read_name
if state == __state_read_args:
@ -846,6 +893,14 @@ def write_dependencies(out_data_f, test_dependencies, unique_dependencies):
return dep_check_code
INT_VAL_REGEX = re.compile(r'-?(\d+|0x[0-9a-f]+)$', re.I)
def val_is_int(val: str) -> bool:
"""Whether val is suitable as an 'int' parameter in the .datax file."""
if not INT_VAL_REGEX.match(val):
return False
# Limit the range to what is guaranteed to get through strtol()
return abs(int(val, 0)) <= 0x7fffffff
def write_parameters(out_data_f, test_args, func_args, unique_expressions):
"""
Writes test parameters to the intermediate data file, replacing
@ -864,9 +919,9 @@ def write_parameters(out_data_f, test_args, func_args, unique_expressions):
typ = func_args[i]
val = test_args[i]
# check if val is a non literal int val (i.e. an expression)
if typ == 'int' and not re.match(r'(\d+|0x[0-9a-f]+)$',
val, re.I):
# Pass small integer constants literally. This reduces the size of
# the C code. Register anything else as an expression.
if typ == 'int' and not val_is_int(val):
typ = 'exp'
if val not in unique_expressions:
unique_expressions.append(val)
@ -909,6 +964,24 @@ def gen_suite_dep_checks(suite_dependencies, dep_check_code, expression_code):
return dep_check_code, expression_code
def get_function_info(func_info, function_name, line_no):
"""Look up information about a test function by name.
Raise an informative expression if function_name is not found.
:param func_info: dictionary mapping function names to their information.
:param function_name: the function name as written in the .function and
.data files.
:param line_no: line number for error messages.
:return Function information (id, args).
"""
test_function_name = 'test_' + function_name
if test_function_name not in func_info:
raise GeneratorInputError("%d: Function %s not found!" %
(line_no, test_function_name))
return func_info[test_function_name]
def gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies):
"""
This function reads test case name, dependencies and test vectors
@ -931,7 +1004,7 @@ def gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies):
unique_expressions = []
dep_check_code = ''
expression_code = ''
for test_name, function_name, test_dependencies, test_args in \
for line_no, test_name, function_name, test_dependencies, test_args in \
parse_test_data(data_f):
out_data_f.write(test_name + '\n')
@ -940,18 +1013,15 @@ def gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies):
unique_dependencies)
# Write test function name
test_function_name = 'test_' + function_name
if test_function_name not in func_info:
raise GeneratorInputError("Function %s not found!" %
test_function_name)
func_id, func_args = func_info[test_function_name]
func_id, func_args = \
get_function_info(func_info, function_name, line_no)
out_data_f.write(str(func_id))
# Write parameters
if len(test_args) != len(func_args):
raise GeneratorInputError("Invalid number of arguments in test "
raise GeneratorInputError("%d: Invalid number of arguments in test "
"%s. See function %s signature." %
(test_name, function_name))
(line_no, test_name, function_name))
expression_code += write_parameters(out_data_f, test_args, func_args,
unique_expressions)

1
tests/scripts/generate_tls13_compat_tests.py
View File

@ -352,7 +352,6 @@ class MbedTLSBase(TLSProgram):
if self._named_groups:
named_groups = ','.join(self._named_groups)
ret += ["curves={named_groups}".format(named_groups=named_groups)]
ret += ['force_version=tls13']
return ret
def pre_checks(self):

108
tests/scripts/test_generate_test_code.py
View File

@ -485,9 +485,10 @@ class ParseFuncSignature(TestCase):
args, local, arg_dispatch = parse_function_arguments(line)
self.assertEqual(args, ['char*', 'int', 'int'])
self.assertEqual(local, '')
self.assertEqual(arg_dispatch, ['(char *) params[0]',
'*( (int *) params[1] )',
'*( (int *) params[2] )'])
self.assertEqual(arg_dispatch,
['(char *) params[0]',
'((mbedtls_test_argument_t *) params[1])->sint',
'((mbedtls_test_argument_t *) params[2])->sint'])
def test_hex_params(self):
"""
@ -499,22 +500,22 @@ class ParseFuncSignature(TestCase):
self.assertEqual(args, ['char*', 'hex', 'int'])
self.assertEqual(local,
' data_t data1 = {(uint8_t *) params[1], '
'*( (uint32_t *) params[2] )};\n')
'((mbedtls_test_argument_t *) params[2])->len};\n')
self.assertEqual(arg_dispatch, ['(char *) params[0]',
'&data1',
'*( (int *) params[3] )'])
'((mbedtls_test_argument_t *) params[3])->sint'])
def test_unsupported_arg(self):
"""
Test unsupported arguments (not among int, char * and data_t)
Test unsupported argument type
:return:
"""
line = 'void entropy_threshold( char * a, data_t * h, char result )'
line = 'void entropy_threshold( char * a, data_t * h, unknown_t result )'
self.assertRaises(ValueError, parse_function_arguments, line)
def test_no_params(self):
def test_empty_params(self):
"""
Test no parameters.
Test no parameters (nothing between parentheses).
:return:
"""
line = 'void entropy_threshold()'
@ -523,6 +524,39 @@ class ParseFuncSignature(TestCase):
self.assertEqual(local, '')
self.assertEqual(arg_dispatch, [])
def test_blank_params(self):
"""
Test no parameters (space between parentheses).
:return:
"""
line = 'void entropy_threshold( )'
args, local, arg_dispatch = parse_function_arguments(line)
self.assertEqual(args, [])
self.assertEqual(local, '')
self.assertEqual(arg_dispatch, [])
def test_void_params(self):
"""
Test no parameters (void keyword).
:return:
"""
line = 'void entropy_threshold(void)'
args, local, arg_dispatch = parse_function_arguments(line)
self.assertEqual(args, [])
self.assertEqual(local, '')
self.assertEqual(arg_dispatch, [])
def test_void_space_params(self):
"""
Test no parameters (void with spaces).
:return:
"""
line = 'void entropy_threshold( void )'
args, local, arg_dispatch = parse_function_arguments(line)
self.assertEqual(args, [])
self.assertEqual(local, '')
self.assertEqual(arg_dispatch, [])
class ParseFunctionCode(TestCase):
"""
@ -1264,29 +1298,33 @@ dhm_selftest:
# List of (name, function_name, dependencies, args)
tests = list(parse_test_data(stream))
test1, test2, test3, test4 = tests
self.assertEqual(test1[0], 'Diffie-Hellman full exchange #1')
self.assertEqual(test1[1], 'dhm_do_dhm')
self.assertEqual(test1[2], [])
self.assertEqual(test1[3], ['10', '"23"', '10', '"5"'])
self.assertEqual(test1[0], 3)
self.assertEqual(test1[1], 'Diffie-Hellman full exchange #1')
self.assertEqual(test1[2], 'dhm_do_dhm')
self.assertEqual(test1[3], [])
self.assertEqual(test1[4], ['10', '"23"', '10', '"5"'])
self.assertEqual(test2[0], 'Diffie-Hellman full exchange #2')
self.assertEqual(test2[1], 'dhm_do_dhm')
self.assertEqual(test2[2], [])
self.assertEqual(test2[3], ['10', '"93450983094850938450983409623"',
self.assertEqual(test2[0], 6)
self.assertEqual(test2[1], 'Diffie-Hellman full exchange #2')
self.assertEqual(test2[2], 'dhm_do_dhm')
self.assertEqual(test2[3], [])
self.assertEqual(test2[4], ['10', '"93450983094850938450983409623"',
'10', '"9345098304850938450983409622"'])
self.assertEqual(test3[0], 'Diffie-Hellman full exchange #3')
self.assertEqual(test3[1], 'dhm_do_dhm')
self.assertEqual(test3[2], [])
self.assertEqual(test3[3], ['10',
self.assertEqual(test3[0], 9)
self.assertEqual(test3[1], 'Diffie-Hellman full exchange #3')
self.assertEqual(test3[2], 'dhm_do_dhm')
self.assertEqual(test3[3], [])
self.assertEqual(test3[4], ['10',
'"9345098382739712938719287391879381271"',
'10',
'"9345098792137312973297123912791271"'])
self.assertEqual(test4[0], 'Diffie-Hellman selftest')
self.assertEqual(test4[1], 'dhm_selftest')
self.assertEqual(test4[2], [])
self.assertEqual(test4[0], 12)
self.assertEqual(test4[1], 'Diffie-Hellman selftest')
self.assertEqual(test4[2], 'dhm_selftest')
self.assertEqual(test4[3], [])
self.assertEqual(test4[4], [])
def test_with_dependencies(self):
"""
@ -1306,15 +1344,17 @@ dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622"
# List of (name, function_name, dependencies, args)
tests = list(parse_test_data(stream))
test1, test2 = tests
self.assertEqual(test1[0], 'Diffie-Hellman full exchange #1')
self.assertEqual(test1[1], 'dhm_do_dhm')
self.assertEqual(test1[2], ['YAHOO'])
self.assertEqual(test1[3], ['10', '"23"', '10', '"5"'])
self.assertEqual(test1[0], 4)
self.assertEqual(test1[1], 'Diffie-Hellman full exchange #1')
self.assertEqual(test1[2], 'dhm_do_dhm')
self.assertEqual(test1[3], ['YAHOO'])
self.assertEqual(test1[4], ['10', '"23"', '10', '"5"'])
self.assertEqual(test2[0], 'Diffie-Hellman full exchange #2')
self.assertEqual(test2[1], 'dhm_do_dhm')
self.assertEqual(test2[2], [])
self.assertEqual(test2[3], ['10', '"93450983094850938450983409623"',
self.assertEqual(test2[0], 7)
self.assertEqual(test2[1], 'Diffie-Hellman full exchange #2')
self.assertEqual(test2[2], 'dhm_do_dhm')
self.assertEqual(test2[3], [])
self.assertEqual(test2[4], ['10', '"93450983094850938450983409623"',
'10', '"9345098304850938450983409622"'])
def test_no_args(self):
@ -1335,7 +1375,7 @@ dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622"
stream = StringIOWrapper('test_suite_ut.function', data)
err = None
try:
for _, _, _, _ in parse_test_data(stream):
for _, _, _, _, _ in parse_test_data(stream):
pass
except GeneratorInputError as err:
self.assertEqual(type(err), GeneratorInputError)
@ -1353,7 +1393,7 @@ depends_on:YAHOO
stream = StringIOWrapper('test_suite_ut.function', data)
err = None
try:
for _, _, _, _ in parse_test_data(stream):
for _, _, _, _, _ in parse_test_data(stream):
pass
except GeneratorInputError as err:
self.assertEqual(type(err), GeneratorInputError)

38
tests/src/certs.c
View File

@ -23,8 +23,6 @@
#include "mbedtls/build_info.h"
#include "mbedtls/legacy_or_psa.h"
#include "mbedtls/pk.h"
/*
@ -1569,13 +1567,13 @@ const size_t mbedtls_test_cli_crt_ec_len =
* Dispatch between SHA-1 and SHA-256
*/
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
#if defined(MBEDTLS_MD_CAN_SHA256)
#define TEST_CA_CRT_RSA TEST_CA_CRT_RSA_SHA256
#define TEST_SRV_CRT_RSA TEST_SRV_CRT_RSA_SHA256
#else
#define TEST_CA_CRT_RSA TEST_CA_CRT_RSA_SHA1
#define TEST_SRV_CRT_RSA TEST_SRV_CRT_RSA_SHA1
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
#endif /* MBEDTLS_MD_CAN_SHA256 */
const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA;
const char mbedtls_test_srv_crt_rsa[] = TEST_SRV_CRT_RSA;
@ -1674,10 +1672,10 @@ const size_t mbedtls_test_cli_crt_len =
/* List of CAs in PEM or DER, depending on config */
const char *mbedtls_test_cas[] = {
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA1)
mbedtls_test_ca_crt_rsa_sha1,
#endif
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256)
mbedtls_test_ca_crt_rsa_sha256,
#endif
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
@ -1686,10 +1684,10 @@ const char *mbedtls_test_cas[] = {
NULL
};
const size_t mbedtls_test_cas_len[] = {
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA1)
sizeof(mbedtls_test_ca_crt_rsa_sha1),
#endif
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256)
sizeof(mbedtls_test_ca_crt_rsa_sha256),
#endif
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
@ -1701,12 +1699,12 @@ const size_t mbedtls_test_cas_len[] = {
/* List of all available CA certificates in DER format */
const unsigned char *mbedtls_test_cas_der[] = {
#if defined(MBEDTLS_RSA_C)
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
#if defined(MBEDTLS_MD_CAN_SHA256)
mbedtls_test_ca_crt_rsa_sha256_der,
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
#endif /* MBEDTLS_MD_CAN_SHA256 */
#if defined(MBEDTLS_MD_CAN_SHA1)
mbedtls_test_ca_crt_rsa_sha1_der,
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* MBEDTLS_RSA_C */
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
mbedtls_test_ca_crt_ec_der,
@ -1716,12 +1714,12 @@ const unsigned char *mbedtls_test_cas_der[] = {
const size_t mbedtls_test_cas_der_len[] = {
#if defined(MBEDTLS_RSA_C)
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
#if defined(MBEDTLS_MD_CAN_SHA256)
sizeof(mbedtls_test_ca_crt_rsa_sha256_der),
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
#endif /* MBEDTLS_MD_CAN_SHA256 */
#if defined(MBEDTLS_MD_CAN_SHA1)
sizeof(mbedtls_test_ca_crt_rsa_sha1_der),
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* MBEDTLS_RSA_C */
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
sizeof(mbedtls_test_ca_crt_ec_der),
@ -1733,12 +1731,12 @@ const size_t mbedtls_test_cas_der_len[] = {
#if defined(MBEDTLS_PEM_PARSE_C)
const char mbedtls_test_cas_pem[] =
#if defined(MBEDTLS_RSA_C)
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
#if defined(MBEDTLS_MD_CAN_SHA256)
TEST_CA_CRT_RSA_SHA256_PEM
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
#endif /* MBEDTLS_MD_CAN_SHA256 */
#if defined(MBEDTLS_MD_CAN_SHA1)
TEST_CA_CRT_RSA_SHA1_PEM
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* MBEDTLS_RSA_C */
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
TEST_CA_CRT_EC_PEM

4
tests/src/drivers/hash.c
View File

@ -19,7 +19,7 @@
#include <test/helpers.h>
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa_crypto_hash.h"
#include "test/drivers/hash.h"
@ -208,4 +208,4 @@ psa_status_t mbedtls_test_transparent_hash_abort(
return mbedtls_test_driver_hash_hooks.driver_status;
}
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_DRIVER_TEST */

4
tests/src/drivers/test_driver_aead.c
View File

@ -19,7 +19,7 @@
#include <test/helpers.h>
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa_crypto_aead.h"
#include "psa_crypto_core.h"
@ -469,4 +469,4 @@ psa_status_t mbedtls_test_transparent_aead_abort(
return mbedtls_test_driver_aead_hooks.driver_status;
}
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_DRIVER_TEST */

4
tests/src/drivers/test_driver_asymmetric_encryption.c
View File

@ -19,7 +19,7 @@
#include <test/helpers.h>
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa/crypto.h"
#include "mbedtls/rsa.h"
#include "psa_crypto_rsa.h"
@ -160,4 +160,4 @@ psa_status_t mbedtls_test_opaque_asymmetric_decrypt(
return PSA_ERROR_NOT_SUPPORTED;
}
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_DRIVER_TEST */

4
tests/src/drivers/test_driver_cipher.c
View File

@ -20,7 +20,7 @@
#include <test/helpers.h>
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa/crypto.h"
#include "psa_crypto_cipher.h"
#include "psa_crypto_core.h"
@ -433,4 +433,4 @@ psa_status_t mbedtls_test_opaque_cipher_finish(
(void) output_length;
return PSA_ERROR_NOT_SUPPORTED;
}
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_DRIVER_TEST */

4
tests/src/drivers/test_driver_key_agreement.c
View File

@ -19,7 +19,7 @@
#include <test/helpers.h>
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa/crypto.h"
#include "psa_crypto_core.h"
@ -123,4 +123,4 @@ psa_status_t mbedtls_test_opaque_key_agreement(
return PSA_ERROR_NOT_SUPPORTED;
}
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_DRIVER_TEST */

4
tests/src/drivers/test_driver_key_management.c
View File

@ -20,7 +20,7 @@
#include <test/helpers.h>
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa/crypto.h"
#include "psa_crypto_core.h"
#include "psa_crypto_ecp.h"
@ -748,4 +748,4 @@ psa_status_t mbedtls_test_opaque_copy_key(
return PSA_SUCCESS;
}
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_DRIVER_TEST */

4
tests/src/drivers/test_driver_mac.c
View File

@ -19,7 +19,7 @@
#include <test/helpers.h>
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa_crypto_mac.h"
#include "test/drivers/mac.h"
@ -431,4 +431,4 @@ psa_status_t mbedtls_test_opaque_mac_abort(
return mbedtls_test_driver_mac_hooks.driver_status;
}
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_DRIVER_TEST */

212
tests/src/drivers/test_driver_pake.c Normal file
View File

@ -0,0 +1,212 @@
/*
* Test driver for MAC entry points.
*/
/* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <test/helpers.h>
#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa_crypto_pake.h"
#include "test/drivers/pake.h"
#include "string.h"
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
#include "libtestdriver1/library/psa_crypto_pake.h"
#endif
mbedtls_test_driver_pake_hooks_t mbedtls_test_driver_pake_hooks =
MBEDTLS_TEST_DRIVER_PAKE_INIT;
psa_status_t mbedtls_test_transparent_pake_setup(
mbedtls_transparent_test_driver_pake_operation_t *operation,
const psa_crypto_driver_pake_inputs_t *inputs)
{
mbedtls_test_driver_pake_hooks.hits.total++;
mbedtls_test_driver_pake_hooks.hits.setup++;
if (mbedtls_test_driver_pake_hooks.forced_setup_status != PSA_SUCCESS) {
mbedtls_test_driver_pake_hooks.driver_status =
mbedtls_test_driver_pake_hooks.forced_setup_status;
} else {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
mbedtls_test_driver_pake_hooks.driver_status =
libtestdriver1_mbedtls_psa_pake_setup(
operation, (const libtestdriver1_psa_crypto_driver_pake_inputs_t *) inputs);
#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
mbedtls_test_driver_pake_hooks.driver_status =
mbedtls_psa_pake_setup(
operation, inputs);
#else
(void) operation;
(void) inputs;
mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
#endif
}
return mbedtls_test_driver_pake_hooks.driver_status;
}
psa_status_t mbedtls_test_transparent_pake_output(
mbedtls_transparent_test_driver_pake_operation_t *operation,
psa_crypto_driver_pake_step_t step,
uint8_t *output,
size_t output_size,
size_t *output_length)
{
mbedtls_test_driver_pake_hooks.hits.total++;
mbedtls_test_driver_pake_hooks.hits.output++;
if (mbedtls_test_driver_pake_hooks.forced_output != NULL) {
if (output_size < mbedtls_test_driver_pake_hooks.forced_output_length) {
return PSA_ERROR_BUFFER_TOO_SMALL;
}
memcpy(output,
mbedtls_test_driver_pake_hooks.forced_output,
mbedtls_test_driver_pake_hooks.forced_output_length);
*output_length = mbedtls_test_driver_pake_hooks.forced_output_length;
return mbedtls_test_driver_pake_hooks.forced_status;
}
if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) {
mbedtls_test_driver_pake_hooks.driver_status =
mbedtls_test_driver_pake_hooks.forced_status;
} else {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
mbedtls_test_driver_pake_hooks.driver_status =
libtestdriver1_mbedtls_psa_pake_output(
operation, step, output, output_size, output_length);
#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
mbedtls_test_driver_pake_hooks.driver_status =
mbedtls_psa_pake_output(
operation, step, output, output_size, output_length);
#else
(void) operation;
(void) step;
(void) output;
(void) output_size;
(void) output_length;
mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
#endif
}
return mbedtls_test_driver_pake_hooks.driver_status;
}
psa_status_t mbedtls_test_transparent_pake_input(
mbedtls_transparent_test_driver_pake_operation_t *operation,
psa_crypto_driver_pake_step_t step,
const uint8_t *input,
size_t input_length)
{
mbedtls_test_driver_pake_hooks.hits.total++;
mbedtls_test_driver_pake_hooks.hits.input++;
if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) {
mbedtls_test_driver_pake_hooks.driver_status =
mbedtls_test_driver_pake_hooks.forced_status;
} else {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
mbedtls_test_driver_pake_hooks.driver_status =
libtestdriver1_mbedtls_psa_pake_input(
operation, step, input, input_length);
#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
mbedtls_test_driver_pake_hooks.driver_status =
mbedtls_psa_pake_input(
operation, step, input, input_length);
#else
(void) operation;
(void) step;
(void) input;
(void) input_length;
mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
#endif
}
return mbedtls_test_driver_pake_hooks.driver_status;
}
psa_status_t mbedtls_test_transparent_pake_get_implicit_key(
mbedtls_transparent_test_driver_pake_operation_t *operation,
uint8_t *output, size_t output_size, size_t *output_length)
{
mbedtls_test_driver_pake_hooks.hits.total++;
mbedtls_test_driver_pake_hooks.hits.implicit_key++;
if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) {
mbedtls_test_driver_pake_hooks.driver_status =
mbedtls_test_driver_pake_hooks.forced_status;
} else {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
mbedtls_test_driver_pake_hooks.driver_status =
libtestdriver1_mbedtls_psa_pake_get_implicit_key(
operation, output, output_size, output_length);
#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
mbedtls_test_driver_pake_hooks.driver_status =
mbedtls_psa_pake_get_implicit_key(
operation, output, output_size, output_length);
#else
(void) operation;
(void) output;
(void) output_size;
(void) output_length;
mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
#endif
}
return mbedtls_test_driver_pake_hooks.driver_status;
}
psa_status_t mbedtls_test_transparent_pake_abort(
mbedtls_transparent_test_driver_pake_operation_t *operation)
{
mbedtls_test_driver_pake_hooks.hits.total++;
mbedtls_test_driver_pake_hooks.hits.abort++;
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
mbedtls_test_driver_pake_hooks.driver_status =
libtestdriver1_mbedtls_psa_pake_abort(
operation);
#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
mbedtls_test_driver_pake_hooks.driver_status =
mbedtls_psa_pake_abort(
operation);
#else
(void) operation;
mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
#endif
if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS &&
mbedtls_test_driver_pake_hooks.driver_status == PSA_SUCCESS) {
mbedtls_test_driver_pake_hooks.driver_status =
mbedtls_test_driver_pake_hooks.forced_status;
}
return mbedtls_test_driver_pake_hooks.driver_status;
}
#endif /* PSA_CRYPTO_DRIVER_TEST */

4
tests/src/drivers/test_driver_signature.c
View File

@ -21,7 +21,7 @@
#include <test/helpers.h>
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa/crypto.h"
#include "psa_crypto_core.h"
#include "psa_crypto_ecp.h"
@ -414,4 +414,4 @@ psa_status_t mbedtls_test_opaque_signature_verify_hash(
return PSA_ERROR_NOT_SUPPORTED;
}
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_DRIVER_TEST */

11
tests/src/psa_crypto_helpers.c
View File

@ -138,4 +138,15 @@ psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags)
return updated_usage;
}
int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename)
{
const char *msg = mbedtls_test_helper_is_psa_leaking();
if (msg == NULL) {
return 0;
} else {
mbedtls_test_fail(msg, line_no, filename);
return 1;
}
}
#endif /* MBEDTLS_PSA_CRYPTO_C */

12
tests/src/psa_exercise_key.c
View File

@ -727,14 +727,12 @@ int mbedtls_test_psa_exported_key_sanity_check(
} else
#endif /* MBEDTLS_ASN1_PARSE_C */
#if defined(MBEDTLS_ECP_C)
if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) {
/* Just the secret value */
TEST_EQUAL(exported_length, PSA_BITS_TO_BYTES(bits));
TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE);
} else
#endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_ASN1_PARSE_C)
if (type == PSA_KEY_TYPE_RSA_PUBLIC_KEY) {
@ -766,7 +764,6 @@ int mbedtls_test_psa_exported_key_sanity_check(
} else
#endif /* MBEDTLS_ASN1_PARSE_C */
#if defined(MBEDTLS_ECP_C)
if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)) {
TEST_ASSERT(exported_length <=
@ -778,6 +775,10 @@ int mbedtls_test_psa_exported_key_sanity_check(
/* The representation of an ECC Montgomery public key is
* the raw compressed point */
TEST_EQUAL(PSA_BITS_TO_BYTES(bits), exported_length);
} else if (PSA_KEY_TYPE_ECC_GET_FAMILY(type) == PSA_ECC_FAMILY_TWISTED_EDWARDS) {
/* The representation of an ECC Edwards public key is
* the raw compressed point */
TEST_EQUAL(PSA_BITS_TO_BYTES(bits + 1), exported_length);
} else {
/* The representation of an ECC Weierstrass public key is:
* - The byte 0x04;
@ -788,10 +789,7 @@ int mbedtls_test_psa_exported_key_sanity_check(
TEST_EQUAL(1 + 2 * PSA_BITS_TO_BYTES(bits), exported_length);
TEST_EQUAL(exported[0], 4);
}
} else
#endif /* MBEDTLS_ECP_C */
{
} else {
(void) exported;
TEST_ASSERT(!"Sanity check not implemented for this key type");
}

3
tests/src/random.c
View File

@ -36,6 +36,7 @@
#include <string.h>
#include <mbedtls/entropy.h>
#include "../../library/alignment.h"
int mbedtls_test_rnd_std_rand(void *rng_state,
unsigned char *output,
@ -137,7 +138,7 @@ int mbedtls_test_rnd_pseudo_rand(void *rng_state,
+ info->v0) ^ (sum + k[(sum>>11) & 3]);
}
PUT_UINT32_BE(info->v0, result, 0);
MBEDTLS_PUT_UINT32_BE(info->v0, result, 0);
memcpy(out, result, use_len);
len -= use_len;
out += 4;

2240
tests/src/test_helpers/ssl_helpers.c Normal file
View File

File diff suppressed because it is too large Load Diff

1432
tests/ssl-opt.sh
View File

File diff suppressed because it is too large Load Diff

41
tests/suites/helpers.function
View File

@ -2,13 +2,18 @@
/*----------------------------------------------------------------------------*/
/* Headers */
#include <test/arguments.h>
#include <test/helpers.h>
#include <test/macros.h>
#include <test/random.h>
#include <test/bignum_helpers.h>
#include <test/psa_crypto_helpers.h>
#include <errno.h>
#include <limits.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#if defined(MBEDTLS_ERROR_C)
#include "mbedtls/error.h"
@ -19,23 +24,6 @@
#include "mbedtls/memory_buffer_alloc.h"
#endif
#ifdef _MSC_VER
#include <basetsd.h>
typedef UINT8 uint8_t;
typedef INT32 int32_t;
typedef UINT32 uint32_t;
#define strncasecmp _strnicmp
#define strcasecmp _stricmp
#else
#include <stdint.h>
#endif
#include <string.h>
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) || defined(__MINGW32__)
#include <strings.h>
#endif
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
#include <unistd.h>
#endif
@ -76,25 +64,6 @@ typedef UINT32 uint32_t;
/*----------------------------------------------------------------------------*/
/* Helper Functions */
#if defined(MBEDTLS_PSA_CRYPTO_C)
/** Check that no PSA Crypto key slots are in use.
*
* If any slots are in use, mark the current test as failed.
*
* \return 0 if the key store is empty, 1 otherwise.
*/
int test_fail_if_psa_leaking(int line_no, const char *filename)
{
const char *msg = mbedtls_test_helper_is_psa_leaking();
if (msg == NULL) {
return 0;
} else {
mbedtls_test_fail(msg, line_no, filename);
return 1;
}
}
#endif /* defined(MBEDTLS_PSA_CRYPTO_C) */
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
static int redirect_output(FILE *out_stream, const char *path)
{

89
tests/suites/host_test.function
View File

@ -28,50 +28,28 @@ int verify_string(char **str)
* integer value.
*
* \param str Input string.
* \param value Pointer to int for output value.
* \param p_value Pointer to output value.
*
* \return 0 if success else 1
*/
int verify_int(char *str, int32_t *value)
int verify_int(char *str, intmax_t *p_value)
{
size_t i;
int minus = 0;
int digits = 1;
int hex = 0;
for (i = 0; i < strlen(str); i++) {
if (i == 0 && str[i] == '-') {
minus = 1;
continue;
}
if (((minus && i == 2) || (!minus && i == 1)) &&
str[i - 1] == '0' && (str[i] == 'x' || str[i] == 'X')) {
hex = 1;
continue;
}
if (!((str[i] >= '0' && str[i] <= '9') ||
(hex && ((str[i] >= 'a' && str[i] <= 'f') ||
(str[i] >= 'A' && str[i] <= 'F'))))) {
digits = 0;
break;
}
char *end = NULL;
errno = 0;
/* Limit the range to long: for large integers, the test framework will
* use expressions anyway. */
long value = strtol(str, &end, 0);
if (errno == EINVAL || *end != '\0') {
mbedtls_fprintf(stderr,
"Expected integer for parameter and got: %s\n", str);
return KEY_VALUE_MAPPING_NOT_FOUND;
}
if (digits) {
if (hex) {
*value = strtol(str, NULL, 16);
} else {
*value = strtol(str, NULL, 10);
}
return 0;
if (errno == ERANGE) {
mbedtls_fprintf(stderr, "Integer out of range: %s\n", str);
return KEY_VALUE_MAPPING_NOT_FOUND;
}
mbedtls_fprintf(stderr,
"Expected integer for parameter and got: %s\n", str);
return KEY_VALUE_MAPPING_NOT_FOUND;
*p_value = value;
return 0;
}
@ -180,24 +158,24 @@ static int parse_arguments(char *buf, size_t len, char **params,
p++;
}
/* Replace newlines, question marks and colons in strings */
/* Replace backslash escapes in strings */
for (i = 0; i < cnt; i++) {
p = params[i];
q = params[i];
while (*p != '\0') {
if (*p == '\\' && *(p + 1) == 'n') {
p += 2;
*(q++) = '\n';
} else if (*p == '\\' && *(p + 1) == ':') {
p += 2;
*(q++) = ':';
} else if (*p == '\\' && *(p + 1) == '?') {
p += 2;
*(q++) = '?';
} else {
*(q++) = *(p++);
if (*p == '\\') {
++p;
switch (*p) {
case 'n':
*p = '\n';
break;
default:
// Fall through to copying *p
break;
}
}
*(q++) = *(p++);
}
*q = '\0';
}
@ -223,7 +201,8 @@ static int parse_arguments(char *buf, size_t len, char **params,
*
* \return 0 for success else 1
*/
static int convert_params(size_t cnt, char **params, int32_t *int_params_store)
static int convert_params(size_t cnt, char **params,
mbedtls_test_argument_t *int_params_store)
{
char **cur = params;
char **out = params;
@ -241,7 +220,7 @@ static int convert_params(size_t cnt, char **params, int32_t *int_params_store)
break;
}
} else if (strcmp(type, "int") == 0) {
if (verify_int(val, int_params_store) == 0) {
if (verify_int(val, &int_params_store->sint) == 0) {
*out++ = (char *) int_params_store++;
} else {
ret = (DISPATCH_INVALID_TEST_DATA);
@ -255,7 +234,7 @@ static int convert_params(size_t cnt, char **params, int32_t *int_params_store)
mbedtls_test_unhexify((unsigned char *) val, strlen(val),
val, &len) == 0);
*int_params_store = len;
int_params_store->len = len;
*out++ = val;
*out++ = (char *) (int_params_store++);
} else {
@ -264,7 +243,7 @@ static int convert_params(size_t cnt, char **params, int32_t *int_params_store)
}
} else if (strcmp(type, "exp") == 0) {
int exp_id = strtol(val, NULL, 10);
if (get_expression(exp_id, int_params_store) == 0) {
if (get_expression(exp_id, &int_params_store->sint) == 0) {
*out++ = (char *) int_params_store++;
} else {
ret = (DISPATCH_INVALID_TEST_DATA);
@ -483,7 +462,7 @@ int execute_tests(int argc, const char **argv)
char buf[5000];
char *params[50];
/* Store for processed integer params. */
int32_t int_params[50];
mbedtls_test_argument_t int_params[50];
void *pointer;
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
int stdout_fd = -1;

2
tests/suites/main_test.function
View File

@ -69,7 +69,7 @@ __MBEDTLS_TEST_TEMPLATE__FUNCTIONS_CODE
*
* \return 0 if exp_id is found. 1 otherwise.
*/
int get_expression(int32_t exp_id, int32_t *out_value)
int get_expression(int32_t exp_id, intmax_t *out_value)
{
int ret = KEY_VALUE_MAPPING_FOUND;

10
tests/suites/test_suite_aes.ecb.data
View File

@ -229,5 +229,11 @@ aes_decrypt_ecb:"000000000000000000000000000000000000000000000000000000000000000
AES-256-ECB Decrypt NIST KAT #12
aes_decrypt_ecb:"0000000000000000000000000000000000000000000000000000000000000000":"9b80eefb7ebe2d2b16247aa0efc72f5d":"e0000000000000000000000000000000":0
AES-256-ECB Copy Context NIST KAT #1
aes_ecb_copy_context:"c1cc358b449909a19436cfbb3f852ef8bcb5ed12ac7058325f56e6099aab1a1c":"00000000000000000000000000000000"
AES-128-ECB Copy context
aes_ecb_copy_context:"000102030405060708090a0b0c0d0e0f"
AES-192-ECB Copy context
aes_ecb_copy_context:"000102030405060708090a0b0c0d0e0f1011121314151617"
AES-256-ECB Copy context
aes_ecb_copy_context:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"

155
tests/suites/test_suite_aes.function
View File

@ -1,5 +1,61 @@
/* BEGIN_HEADER */
#include "mbedtls/aes.h"
/* Test AES with a copied context.
*
* master, enc and dec must be AES context objects. They don't need to
* be initialized, and are left freed.
*/
static int test_copy(const data_t *key,
mbedtls_aes_context *master,
mbedtls_aes_context *enc,
mbedtls_aes_context *dec)
{
unsigned char plaintext[16] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
};
unsigned char ciphertext[16];
unsigned char output[16];
// Set key and encrypt with original context
mbedtls_aes_init(master);
TEST_ASSERT(mbedtls_aes_setkey_enc(master, key->x,
key->len * 8) == 0);
TEST_ASSERT(mbedtls_aes_crypt_ecb(master, MBEDTLS_AES_ENCRYPT,
plaintext, ciphertext) == 0);
*enc = *master;
// Set key for decryption with original context
mbedtls_aes_init(master);
TEST_ASSERT(mbedtls_aes_setkey_dec(master, key->x,
key->len * 8) == 0);
*dec = *master;
// Wipe the original context to make sure nothing from it is used
memset(master, 0, sizeof(*master));
// Encrypt with copied context
TEST_ASSERT(mbedtls_aes_crypt_ecb(enc, MBEDTLS_AES_ENCRYPT,
plaintext, output) == 0);
ASSERT_COMPARE(ciphertext, 16, output, 16);
mbedtls_aes_free(enc);
// Decrypt with copied context
TEST_ASSERT(mbedtls_aes_crypt_ecb(dec, MBEDTLS_AES_DECRYPT,
ciphertext, output) == 0);
ASSERT_COMPARE(plaintext, 16, output, 16);
mbedtls_aes_free(dec);
return 1;
exit:
/* Bug: we may be leaving something unfreed. This is harmless
* in our built-in implementations, but might cause a memory leak
* with alternative implementations. */
return 0;
}
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@ -468,32 +524,89 @@ void aes_misc_params()
/* END_CASE */
/* BEGIN_CASE */
void aes_ecb_copy_context(data_t *key_str, data_t *src_str)
void aes_ecb_copy_context(data_t *key)
{
unsigned char output1[16], output2[16], plain[16];
mbedtls_aes_context ctx1, ctx2, ctx3;
/* We test context copying multiple times, with different alignments
* of the original and of the copies. */
// Set key and encrypt with original context
mbedtls_aes_init(&ctx1);
TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx1, key_str->x,
key_str->len * 8) == 0);
TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx1, MBEDTLS_AES_ENCRYPT,
src_str->x, output1) == 0);
struct align0 {
mbedtls_aes_context ctx;
};
struct align0 *src0 = NULL;
struct align0 *enc0 = NULL;
struct align0 *dec0 = NULL;
ctx2 = ctx1;
TEST_ASSERT(mbedtls_aes_setkey_dec(&ctx1, key_str->x,
key_str->len * 8) == 0);
ctx3 = ctx1;
memset(&ctx1, 0, sizeof(ctx1));
struct align1 {
char bump;
mbedtls_aes_context ctx;
};
struct align1 *src1 = NULL;
struct align1 *enc1 = NULL;
struct align1 *dec1 = NULL;
// Encrypt and decrypt with copied context
TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx2, MBEDTLS_AES_ENCRYPT,
src_str->x, output2) == 0);
TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx3, MBEDTLS_AES_DECRYPT,
output1, plain) == 0);
/* All peak alignment */
ASSERT_ALLOC(src0, 1);
ASSERT_ALLOC(enc0, 1);
ASSERT_ALLOC(dec0, 1);
if (!test_copy(key, &src0->ctx, &enc0->ctx, &dec0->ctx)) {
goto exit;
}
mbedtls_free(src0);
src0 = NULL;
mbedtls_free(enc0);
enc0 = NULL;
mbedtls_free(dec0);
dec0 = NULL;
TEST_ASSERT(mbedtls_test_hexcmp(output1, output2, 16, 16) == 0);
TEST_ASSERT(mbedtls_test_hexcmp(src_str->x, plain, src_str->len, 16) == 0);
/* Original shifted */
ASSERT_ALLOC(src1, 1);
ASSERT_ALLOC(enc0, 1);
ASSERT_ALLOC(dec0, 1);
if (!test_copy(key, &src1->ctx, &enc0->ctx, &dec0->ctx)) {
goto exit;
}
mbedtls_free(src1);
src1 = NULL;
mbedtls_free(enc0);
enc0 = NULL;
mbedtls_free(dec0);
dec0 = NULL;
/* Copies shifted */
ASSERT_ALLOC(src0, 1);
ASSERT_ALLOC(enc1, 1);
ASSERT_ALLOC(dec1, 1);
if (!test_copy(key, &src0->ctx, &enc1->ctx, &dec1->ctx)) {
goto exit;
}
mbedtls_free(src0);
src0 = NULL;
mbedtls_free(enc1);
enc1 = NULL;
mbedtls_free(dec1);
dec1 = NULL;
/* Source and copies shifted */
ASSERT_ALLOC(src1, 1);
ASSERT_ALLOC(enc1, 1);
ASSERT_ALLOC(dec1, 1);
if (!test_copy(key, &src1->ctx, &enc1->ctx, &dec1->ctx)) {
goto exit;
}
mbedtls_free(src1);
src1 = NULL;
mbedtls_free(enc1);
enc1 = NULL;
mbedtls_free(dec1);
dec1 = NULL;
exit:
mbedtls_free(src0);
mbedtls_free(enc0);
mbedtls_free(dec0);
mbedtls_free(src1);
mbedtls_free(enc1);
mbedtls_free(dec1);
}
/* END_CASE */

54
tests/suites/test_suite_alignment.function
View File

@ -12,18 +12,15 @@
*/
int parse_hex_string(char *hex_string, uint64_t *result)
{
uint8_t raw[8];
uint8_t raw[8] = { 0 };
size_t olen;
if (mbedtls_test_unhexify(raw, sizeof(raw), hex_string, &olen) != 0) {
return 0;
}
*result = 0;
for (size_t i = 0; i < olen; i++) {
if (MBEDTLS_IS_BIG_ENDIAN) {
*result |= ((uint64_t) raw[i]) << (i * 8);
} else {
*result |= ((uint64_t) raw[i]) << ((olen - i - 1) * 8);
}
*result |= ((uint64_t) raw[i]) << ((olen - i - 1) * 8);
}
return 1;
}
@ -57,44 +54,29 @@ void mbedtls_unaligned_access(int size, int offset)
break;
}
/* Generate expected result */
/* Define expected result by manually aligning the raw bytes, and
* reading back with a normal pointer access. */
uint64_t raw_aligned_64;
uint16_t *raw_aligned_16 = (uint16_t *) &raw_aligned_64;
uint32_t *raw_aligned_32 = (uint32_t *) &raw_aligned_64;
memcpy(&raw_aligned_64, ((uint8_t *) &raw) + offset, size / 8);
/* Make a 16/32/64 byte read from the aligned location, and copy to expected */
uint64_t expected = 0;
for (uint8_t i = 0; i < 8; i++) {
uint8_t shift;
if (MBEDTLS_IS_BIG_ENDIAN) {
/*
* Similar to little-endian case described below, but the shift needs
* to be inverted
*/
shift = 7 - (i * 8);
} else {
/* example for offset == 1:
* expected = (( 1 + 0 ) << (0 * 8)) | (( 1 + 1 ) << (1 * 8)) | (( 1 + 2 ) << (2 * 8)))
* = (1 << 0) | (2 << 8) | (3 << 16) ...
* = 0x0807060504030201
* x = { 0, 1, 2, 3, ... }
* ie expected is the value that would be read from x on a LE system, when
* byte swapping is not performed
*/
shift = i * 8;
}
uint64_t b = offset + i;
expected |= b << shift;
}
/* Mask out excess bits from expected result */
switch (size) {
case 16:
expected &= 0xffff;
expected = *raw_aligned_16;
break;
case 32:
expected &= 0xffffffff;
expected = *raw_aligned_32;
break;
case 64:
expected = raw_aligned_64;
break;
}
TEST_EQUAL(r, expected);
/* Write sentinel to the part of the array we will testing writing to */
/* Write sentinel to the part of the array we will test writing to */
for (size_t i = 0; i < (size_t) (size / 8); i++) {
x[i + offset] = 0xff;
}
@ -122,7 +104,7 @@ void mbedtls_unaligned_access(int size, int offset)
/* BEGIN_CASE */
void mbedtls_byteswap(char *input_str, int size, char *expected_str)
{
uint64_t input, expected;
uint64_t input = 0, expected = 0;
TEST_ASSERT(parse_hex_string(input_str, &input));
TEST_ASSERT(parse_hex_string(expected_str, &expected));
@ -315,7 +297,7 @@ void unaligned_access_endian_aware(int size, int offset, int big_endian)
/* Verify read */
TEST_EQUAL(read, expected);
/* Test writing back to memory. First write sentiel */
/* Test writing back to memory. First write sentinel */
for (size_t i = 0; i < (size_t) (size / 8); i++) {
x[i + offset] = 0xff;
}

39
tests/suites/test_suite_bignum.function
View File

@ -133,7 +133,7 @@ void mpi_read_write_string(int radix_X, char *input_X, int radix_A,
TEST_ASSERT(sign_is_valid(&X));
TEST_ASSERT(mbedtls_mpi_write_string(&X, radix_A, str, output_size, &len) == result_write);
if (result_write == 0) {
TEST_ASSERT(strcasecmp(str, input_A) == 0);
TEST_ASSERT(strcmp(str, input_A) == 0);
TEST_ASSERT(str[len] == '!');
}
}
@ -923,47 +923,16 @@ exit:
/* END_CASE */
/* BEGIN_CASE */
void mpi_mod_int(char *input_X, char *input_Y,
char *input_A, int mod_result)
void mpi_mod_int(char *input_X, mbedtls_mpi_sint y,
mbedtls_mpi_sint a, int mod_result)
{
mbedtls_mpi X;
mbedtls_mpi Y;
mbedtls_mpi A;
int res;
mbedtls_mpi_uint r;
mbedtls_mpi_init(&X);
mbedtls_mpi_init(&Y);
mbedtls_mpi_init(&A);
/* We use MPIs to read Y and A since the test framework limits us to
* ints, so we can't have 64-bit values */
TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0);
TEST_EQUAL(mbedtls_test_read_mpi(&Y, input_Y), 0);
TEST_EQUAL(mbedtls_test_read_mpi(&A, input_A), 0);
TEST_EQUAL(Y.n, 1);
TEST_EQUAL(A.n, 1);
/* Convert the MPIs for Y and A to (signed) mbedtls_mpi_sints */
/* Since we're converting sign+magnitude to two's complement, we lose one
* bit of value in the output. This means there are some values we can't
* represent, e.g. (hex) -A0000000 on 32-bit systems. These are technically
* invalid test cases, so could be considered "won't happen", but they are
* easy to test for, and this helps guard against human error. */
mbedtls_mpi_sint y = (mbedtls_mpi_sint) Y.p[0];
TEST_ASSERT(y >= 0); /* If y < 0 here, we can't make negative y */
if (Y.s == -1) {
y = -y;
}
mbedtls_mpi_sint a = (mbedtls_mpi_sint) A.p[0];
TEST_ASSERT(a >= 0); /* Same goes for a */
if (A.s == -1) {
a = -a;
}
res = mbedtls_mpi_mod_int(&r, &X, y);
TEST_EQUAL(res, mod_result);
@ -973,8 +942,6 @@ void mpi_mod_int(char *input_X, char *input_Y,
exit:
mbedtls_mpi_free(&X);
mbedtls_mpi_free(&Y);
mbedtls_mpi_free(&A);
}
/* END_CASE */

36
tests/suites/test_suite_bignum.misc.data
View File

@ -56,10 +56,10 @@ Test mpi_read_write_string #5 (Illegal output radix)
mpi_read_write_string:16:"-23":17:"-23":4:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
Test mpi_read_write_string #6 (Output radix of 15)
mpi_read_write_string:10:"29":15:"1e":100:0:0
mpi_read_write_string:10:"29":15:"1E":100:0:0
Test mpi_read_write_string #7
mpi_read_write_string:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":200:0:0
mpi_read_write_string:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"0941379D00FED1491FE15DF284DFDE4A142F68AA8D412023195CEE66883E6290FFE703F4EA5963BF212713CEE46B107C09182B5EDCD955ADAC418BF4918E2889AF48E1099D513830CEC85C26AC1E158B52620E33BA8692F893EFBB2F958B4424":200:0:0
Test mpi_read_write_string #8 (Empty MPI hex -> hex)
mpi_read_write_string:16:"":16:"":4:0:0
@ -1229,45 +1229,45 @@ Test mbedtls_mpi_mod_mpi: -0 (null) % -42
mpi_mod_mpi:"-":"-2a":"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
Base test mbedtls_mpi_mod_int #1
mpi_mod_int:"3e8":"d":"c":0
mpi_mod_int:"3e8":0xd:0xc:0
Base test mbedtls_mpi_mod_int #2 (Divide by zero)
mpi_mod_int:"3e8":"0":"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
mpi_mod_int:"3e8":0x0:0x0:MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
Base test mbedtls_mpi_mod_int #3
mpi_mod_int:"-3e8":"d":"1":0
mpi_mod_int:"-3e8":0xd:0x1:0
Base test mbedtls_mpi_mod_int #4 (Negative modulo)
mpi_mod_int:"3e8":"-d":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
mpi_mod_int:"3e8":-0xd:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
Base test mbedtls_mpi_mod_int #5 (Negative modulo)
mpi_mod_int:"-3e8":"-d":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
mpi_mod_int:"-3e8":-0xd:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
Base test mbedtls_mpi_mod_int #6 (By 1)
mpi_mod_int:"3e8":"1":"0":0
mpi_mod_int:"3e8":0x1:0x0:0
Base test mbedtls_mpi_mod_int #7 (By 2)
mpi_mod_int:"3e9":"2":"1":0
mpi_mod_int:"3e9":0x2:0x1:0
Base test mbedtls_mpi_mod_int #8 (By 2)
mpi_mod_int:"3e8":"2":"0":0
mpi_mod_int:"3e8":0x2:0x0:0
Test mbedtls_mpi_mod_int: 0 (null) % 1
mpi_mod_int:"":"1":"0":0
mpi_mod_int:"":0x1:0x0:0
Test mbedtls_mpi_mod_int: 0 (null) % 2
mpi_mod_int:"":"2":"0":0
mpi_mod_int:"":0x2:0x0:0
Test mbedtls_mpi_mod_int: 0 (null) % -1
mpi_mod_int:"":"-1":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
mpi_mod_int:"":-0x1:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
Test mbedtls_mpi_mod_int: 0 (null) % -2
mpi_mod_int:"":"-2":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
mpi_mod_int:"":-0x2:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
# CURRENTLY FAILS - SEE GITHUB ISSUE #6540
#Test mbedtls_mpi_mod_int: 230772460340063000000100500000300000010 % 5178236083361335880 -> 3386266129388798810
#depends_on:MBEDTLS_HAVE_INT64
#mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA4847DCCA48":"2EFE6F1A7D28035A":0
#mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":0x47DCCA4847DCCA48:0x2EFE6F1A7D28035A:0
Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000300000010 % 5178236083361335880 -> 3386266129388798810
mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA4847DCCA48":"2EFE6F1A7D28035A":0
@ -1275,7 +1275,7 @@ mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA4847DCCA48":"2EFE6F1A7D280
# CURRENTLY FAILS - SEE GITHUB ISSUE #6540
#Test mbedtls_mpi_mod_int: 230772460340062999996714233870911201200 % 5178236083361335880 -> 0
#depends_on:MBEDTLS_HAVE_INT64
#mpi_mod_int:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":"47DCCA4847DCCA48":"0":0
#mpi_mod_int:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":0x47DCCA4847DCCA48:0x0:0
Test mbedtls_mpi_mod_mpi: 230772460340062999996714233870911201200 % 5178236083361335880 -> 0
mpi_mod_mpi:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":"47DCCA4847DCCA48":"0":0
@ -1283,7 +1283,7 @@ mpi_mod_mpi:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":"47DCCA4847DCCA48":"0":0
# CURRENTLY FAILS WHEN MPIS ARE 32-BIT (ISSUE #6450): WHEN FIXED, REMOVE "depends_on" LINE
Test mbedtls_mpi_mod_int: 230772460340063000000100500000300000010 % 1205652040 -> 3644370
depends_on:MBEDTLS_HAVE_INT64
mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA48":"379BD2":0
mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":0x47DCCA48:0x379BD2:0
Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000300000010 % 1205652040 -> 3644370
mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA48":"379BD2":0
@ -1291,7 +1291,7 @@ mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA48":"379BD2":0
# CURRENTLY FAILS WHEN MPIS ARE 32-BIT (ISSUE #6450): WHEN FIXED, REMOVE "depends_on" LINE
Test mbedtls_mpi_mod_int: 230772460340063000000100500000296355640 % 1205652040 -> 0
depends_on:MBEDTLS_HAVE_INT64
mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980974738":"47DCCA48":"0":0
mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980974738":0x47DCCA48:0x0:0
Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000296355640 % 1205652040 -> 0
mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980974738":"47DCCA48":"0":0

134
tests/suites/test_suite_bignum_core.function
View File

@ -309,6 +309,36 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
void mpi_core_clz(int leading_zeros, int trailing_zeros)
{
if ((size_t) (leading_zeros + trailing_zeros) >= (sizeof(mbedtls_mpi_uint) * 8)) {
// can't fit required number of leading and trailing zeros - skip test
goto exit;
}
// Construct a test input value where the count of leading zeros and
// trailing zeros is given in the test case, and we add ones to fill
// the gap.
mbedtls_mpi_uint x;
if ((leading_zeros + trailing_zeros) > 0) {
// some zero bits
uint32_t s = (sizeof(mbedtls_mpi_uint) * 8 - leading_zeros - trailing_zeros);
x = ((((mbedtls_mpi_uint) 1) << s) - 1) << trailing_zeros;
} else {
// all bits set
x = ~((mbedtls_mpi_uint) 0);
}
size_t n = mbedtls_mpi_core_clz(x);
TEST_EQUAL(n, leading_zeros);
exit:
;
}
/* END_CASE */
/* BEGIN_CASE */
void mpi_core_lt_ct(char *input_X, char *input_Y, int exp_ret)
{
@ -1057,7 +1087,71 @@ exit:
}
/* END_CASE */
/* BEGIN MERGE SLOT 1 */
/* BEGIN_CASE */
void mpi_core_mul(char *input_A,
char *input_B,
char *result)
{
mbedtls_mpi_uint *A = NULL;
mbedtls_mpi_uint *A_orig = NULL;
mbedtls_mpi_uint *B = NULL;
mbedtls_mpi_uint *B_orig = NULL;
mbedtls_mpi_uint *R = NULL;
mbedtls_mpi_uint *X = NULL;
size_t A_limbs, B_limbs, R_limbs;
TEST_EQUAL(mbedtls_test_read_mpi_core(&A, &A_limbs, input_A), 0);
TEST_EQUAL(mbedtls_test_read_mpi_core(&B, &B_limbs, input_B), 0);
TEST_EQUAL(mbedtls_test_read_mpi_core(&R, &R_limbs, result), 0);
TEST_EQUAL(R_limbs, A_limbs + B_limbs);
const size_t X_limbs = A_limbs + B_limbs;
const size_t X_bytes = X_limbs * sizeof(mbedtls_mpi_uint);
ASSERT_ALLOC(X, X_limbs);
const size_t A_bytes = A_limbs * sizeof(mbedtls_mpi_uint);
ASSERT_ALLOC(A_orig, A_limbs);
memcpy(A_orig, A, A_bytes);
const size_t B_bytes = B_limbs * sizeof(mbedtls_mpi_uint);
ASSERT_ALLOC(B_orig, B_limbs);
memcpy(B_orig, B, B_bytes);
/* Set result to something that is unlikely to be correct */
memset(X, '!', X_bytes);
/* 1. X = A * B - result should be correct, A and B unchanged */
mbedtls_mpi_core_mul(X, A, A_limbs, B, B_limbs);
ASSERT_COMPARE(X, X_bytes, R, X_bytes);
ASSERT_COMPARE(A, A_bytes, A_orig, A_bytes);
ASSERT_COMPARE(B, B_bytes, B_orig, B_bytes);
/* 2. A == B: alias A and B - result should be correct, A and B unchanged */
if (A_bytes == B_bytes && memcmp(A, B, A_bytes) == 0) {
memset(X, '!', X_bytes);
mbedtls_mpi_core_mul(X, A, A_limbs, A, A_limbs);
ASSERT_COMPARE(X, X_bytes, R, X_bytes);
ASSERT_COMPARE(A, A_bytes, A_orig, A_bytes);
}
/* 3. X = B * A - result should be correct, A and B unchanged */
else {
memset(X, '!', X_bytes);
mbedtls_mpi_core_mul(X, B, B_limbs, A, A_limbs);
ASSERT_COMPARE(X, X_bytes, R, X_bytes);
ASSERT_COMPARE(A, A_bytes, A_orig, A_bytes);
ASSERT_COMPARE(B, B_bytes, B_orig, B_bytes);
}
exit:
mbedtls_free(A);
mbedtls_free(A_orig);
mbedtls_free(B);
mbedtls_free(B_orig);
mbedtls_free(R);
mbedtls_free(X);
}
/* END_CASE */
/* BEGIN_CASE */
void mpi_core_exp_mod(char *input_N, char *input_A,
@ -1138,14 +1232,6 @@ exit:
}
/* END_CASE */
/* END MERGE SLOT 1 */
/* BEGIN MERGE SLOT 2 */
/* END MERGE SLOT 2 */
/* BEGIN MERGE SLOT 3 */
/* BEGIN_CASE */
void mpi_core_sub_int(char *input_A, char *input_B,
char *input_X, int borrow)
@ -1210,33 +1296,3 @@ exit:
mbedtls_free(X);
}
/* END_CASE */
/* END MERGE SLOT 3 */
/* BEGIN MERGE SLOT 4 */
/* END MERGE SLOT 4 */
/* BEGIN MERGE SLOT 5 */
/* END MERGE SLOT 5 */
/* BEGIN MERGE SLOT 6 */
/* END MERGE SLOT 6 */
/* BEGIN MERGE SLOT 7 */
/* END MERGE SLOT 7 */
/* BEGIN MERGE SLOT 8 */
/* END MERGE SLOT 8 */
/* BEGIN MERGE SLOT 9 */
/* END MERGE SLOT 9 */
/* BEGIN MERGE SLOT 10 */
/* END MERGE SLOT 10 */

51
tests/suites/test_suite_bignum_core.misc.data
View File

@ -491,42 +491,35 @@ mpi_core_fill_random:42:0:-1:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
Fill random core: 42 bytes, 5 missing limbs
mpi_core_fill_random:42:0:-5:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
# BEGIN MERGE SLOT 1
CLZ: 0 0: all ones
mpi_core_clz:0:0
# END MERGE SLOT 1
CLZ: 1 0
mpi_core_clz:1:0
# BEGIN MERGE SLOT 2
CLZ: 1 1
mpi_core_clz:1:1
# END MERGE SLOT 2
CLZ: 4 5
mpi_core_clz:4:5
# BEGIN MERGE SLOT 3
CLZ: 8 16
mpi_core_clz:8:16
# END MERGE SLOT 3
CLZ: 31 0
mpi_core_clz:31:0
# BEGIN MERGE SLOT 4
CLZ: 32 0
mpi_core_clz:32:0
# END MERGE SLOT 4
CLZ: 33 0
mpi_core_clz:33:0
# BEGIN MERGE SLOT 5
CLZ: 63 0
mpi_core_clz:63:0
# END MERGE SLOT 5
CLZ: 64 0
mpi_core_clz:64:0
# BEGIN MERGE SLOT 6
# END MERGE SLOT 6
# BEGIN MERGE SLOT 7
# END MERGE SLOT 7
# BEGIN MERGE SLOT 8
# END MERGE SLOT 8
# BEGIN MERGE SLOT 9
# END MERGE SLOT 9
# BEGIN MERGE SLOT 10
# END MERGE SLOT 10
CLZ: 100000 0: skip overly long input
mpi_core_clz:100000:0

34
tests/suites/test_suite_bignum_mod.function
View File

@ -96,12 +96,6 @@ exit:
}
/* END_CASE */
/* BEGIN MERGE SLOT 1 */
/* END MERGE SLOT 1 */
/* BEGIN MERGE SLOT 2 */
/* BEGIN_CASE */
void mpi_mod_mul(char *input_A,
char *input_B,
@ -238,9 +232,6 @@ exit:
}
/* END_CASE */
/* END MERGE SLOT 2 */
/* BEGIN MERGE SLOT 3 */
/* BEGIN_CASE */
void mpi_mod_sub(char *input_N,
char *input_A, char *input_B,
@ -440,13 +431,7 @@ exit:
mbedtls_free(X_raw);
}
/* END_CASE */
/* END MERGE SLOT 3 */
/* BEGIN MERGE SLOT 4 */
/* END MERGE SLOT 4 */
/* BEGIN MERGE SLOT 5 */
/* BEGIN_CASE */
void mpi_mod_add(char *input_N,
char *input_A, char *input_B,
@ -549,13 +534,7 @@ exit:
mbedtls_free(X_raw);
}
/* END_CASE */
/* END MERGE SLOT 5 */
/* BEGIN MERGE SLOT 6 */
/* END MERGE SLOT 6 */
/* BEGIN MERGE SLOT 7 */
/* BEGIN_CASE */
void mpi_residue_setup(char *input_N, char *input_R, int ret)
{
@ -762,16 +741,3 @@ exit:
mbedtls_free(obuf);
}
/* END_CASE */
/* END MERGE SLOT 7 */
/* BEGIN MERGE SLOT 8 */
/* END MERGE SLOT 8 */
/* BEGIN MERGE SLOT 9 */
/* END MERGE SLOT 9 */
/* BEGIN MERGE SLOT 10 */
/* END MERGE SLOT 10 */

21
tests/suites/test_suite_bignum_mod.misc.data
View File

@ -7,11 +7,6 @@ mpi_mod_setup:MBEDTLS_MPI_MOD_REP_OPT_RED:0
Test mbedtls_mpi_mod_setup #7 (Montgomery representation)
mpi_mod_setup:MBEDTLS_MPI_MOD_REP_MONTGOMERY:0
# BEGIN MERGE SLOT 1
# END MERGE SLOT 1
# BEGIN MERGE SLOT 2
Test mpi_mod_mul #1 N->limbs != A->limbs
mpi_mod_mul_neg:"1":"00000000000000000000000000000000":"f0000000000000000000000000000000":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
@ -20,9 +15,6 @@ mpi_mod_mul_neg:"1234567890abcdef1234567890abcdef":"0":"f00000000000000000000000
Test mpi_mod_mul #3 N->limbs != X->limbs
mpi_mod_mul_neg:"1234567890abcdef1234567890abcdef":"00000000000000000000000000000000":"f0000000000000000000000000000000":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
# END MERGE SLOT 2
# BEGIN MERGE SLOT 3
mpi_mod_sub base case for negative testing (N, a, b all >= 1 limb)
mpi_mod_sub:"014320a022ccb75bdf470ddf25":"000000025a55a46e5da99c71c7":"00033b2e3c9fd0803ce8000f93":"013fe57440828b4a0008aa4159":0
@ -89,13 +81,6 @@ mbedtls_mpi_mod_inv 64-bit Mont. form - A too short
depends_on:MBEDTLS_HAVE_INT64
mpi_mod_inv_mont:"0000000000000000000000000000152d02c7e14af67fe0bf":"00000000000009545642424381c611fb":"000000000000000000000000000009545642424381c611fb":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
# END MERGE SLOT 3
# BEGIN MERGE SLOT 4
# END MERGE SLOT 4
# BEGIN MERGE SLOT 5
mpi_mod_add base case for negative testing (N, a, b all >= 1 limb)
mpi_mod_add:"014320a022ccb75bdf470ddf25":"000000025a55a46e5da99c71c7":"00033b2e3c9fd0803ce8000f93":"00033b3096f574ee9a919c815a":0
@ -116,13 +101,7 @@ mpi_mod_add:"014320a022ccb75bdf470ddf25":"a99c71c7":"00033b2e3c9fd0803ce8000f93"
mpi_mod_add with second input too short
mpi_mod_add:"014320a022ccb75bdf470ddf25":"000000025a55a46e5da99c71c7":"e8000f93":"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
# END MERGE SLOT 5
# BEGIN MERGE SLOT 6
# END MERGE SLOT 6
# BEGIN MERGE SLOT 7
Test mbedtls_mpi_residue_setup #1 m > r
mpi_residue_setup:"fe":"01":0

39
tests/suites/test_suite_bignum_mod_raw.data
View File

@ -179,42 +179,3 @@ mpi_mod_raw_cond_swap:"000000001111111122222222333333334444444455555555666666667
mbedtls_mpi_mod_raw_cond_swap: copy half of the limbs
mpi_mod_raw_cond_swap:"00000000FFFFFFFF55555555AAAAAAAA":"FEDCBA9876543210FEDCBA9876543210":8
# BEGIN MERGE SLOT 1
# END MERGE SLOT 1
# BEGIN MERGE SLOT 2
# END MERGE SLOT 2
# BEGIN MERGE SLOT 3
# END MERGE SLOT 3
# BEGIN MERGE SLOT 4
# END MERGE SLOT 4
# BEGIN MERGE SLOT 5
# END MERGE SLOT 5
# BEGIN MERGE SLOT 6
# END MERGE SLOT 6
# BEGIN MERGE SLOT 7
# END MERGE SLOT 7
# BEGIN MERGE SLOT 8
# END MERGE SLOT 8
# BEGIN MERGE SLOT 9
# END MERGE SLOT 9
# BEGIN MERGE SLOT 10
# END MERGE SLOT 10

36
tests/suites/test_suite_bignum_mod_raw.function
View File

@ -263,12 +263,6 @@ exit:
}
/* END_CASE */
/* BEGIN MERGE SLOT 1 */
/* END MERGE SLOT 1 */
/* BEGIN MERGE SLOT 2 */
/* BEGIN_CASE */
void mpi_mod_raw_sub(char *input_A,
char *input_B,
@ -482,10 +476,6 @@ exit:
}
/* END_CASE */
/* END MERGE SLOT 2 */
/* BEGIN MERGE SLOT 3 */
/* BEGIN_CASE */
void mpi_mod_raw_inv_prime(char *input_N, char *input_A, char *input_X)
{
@ -559,14 +549,6 @@ exit:
}
/* END_CASE */
/* END MERGE SLOT 3 */
/* BEGIN MERGE SLOT 4 */
/* END MERGE SLOT 4 */
/* BEGIN MERGE SLOT 5 */
/* BEGIN_CASE */
void mpi_mod_raw_add(char *input_N,
char *input_A, char *input_B,
@ -655,9 +637,7 @@ exit:
mbedtls_free(X);
}
/* END_CASE */
/* END MERGE SLOT 5 */
/* BEGIN MERGE SLOT 6 */
/* BEGIN_CASE */
void mpi_mod_raw_canonical_to_modulus_rep(const char *input_N, int rep,
const char *input_A,
@ -711,9 +691,7 @@ exit:
mbedtls_free(X);
}
/* END_CASE */
/* END MERGE SLOT 6 */
/* BEGIN MERGE SLOT 7 */
/* BEGIN_CASE */
void mpi_mod_raw_to_mont_rep(char *input_N, char *input_A, char *input_X)
{
@ -896,17 +874,3 @@ exit:
mbedtls_free(Z);
}
/* END_CASE */
/* END MERGE SLOT 7 */
/* BEGIN MERGE SLOT 8 */
/* END MERGE SLOT 8 */
/* BEGIN MERGE SLOT 9 */
/* END MERGE SLOT 9 */
/* BEGIN MERGE SLOT 10 */
/* END MERGE SLOT 10 */

8
tests/suites/test_suite_constant_time_hmac.data
View File

@ -1,15 +1,15 @@
Constant-flow HMAC: MD5
depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
depends_on:MBEDTLS_MD_CAN_MD5
ssl_cf_hmac:MBEDTLS_MD_MD5
Constant-flow HMAC: SHA1
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
depends_on:MBEDTLS_MD_CAN_SHA1
ssl_cf_hmac:MBEDTLS_MD_SHA1
Constant-flow HMAC: SHA256
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
depends_on:MBEDTLS_MD_CAN_SHA256
ssl_cf_hmac:MBEDTLS_MD_SHA256
Constant-flow HMAC: SHA384
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA
depends_on:MBEDTLS_MD_CAN_SHA384
ssl_cf_hmac:MBEDTLS_MD_SHA384

1
tests/suites/test_suite_constant_time_hmac.function
View File

@ -1,7 +1,6 @@
/* BEGIN_HEADER */
#include <mbedtls/constant_time.h>
#include <mbedtls/legacy_or_psa.h>
#include <mbedtls/md.h>
#include <constant_time_internal.h>
#include <hash_info.h>

4
tests/suites/test_suite_debug.data
View File

@ -59,9 +59,9 @@ Debug print mbedtls_mpi: 764 bits #2
mbedtls_debug_print_mpi:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
Debug print certificate #1 (RSA)
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:!MBEDTLS_X509_REMOVE_INFO
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_X509_REMOVE_INFO
mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: 01\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:06\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:06\nMyFile(0999)\: signed using \: RSA with SHA1\nMyFile(0999)\: RSA key size \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\: a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\: 15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\: 43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\: dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\: 83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\: 70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\: 4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\: f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\: ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\: 24 06 d5 09 25 89 75 07 dd a6 1a 8f 3f 09 19 be\nMyFile(0999)\: ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\: 69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\: 73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 89 0b 04\nMyFile(0999)\: db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\: 5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\: ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\: 01 00 01\n"
Debug print certificate #2 (EC)
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:!MBEDTLS_X509_REMOVE_INFO
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_LIGHT:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO
mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n"

16
tests/suites/test_suite_debug.function
View File

@ -1,7 +1,6 @@
/* BEGIN_HEADER */
#include "mbedtls/debug.h"
#include "string.h"
#include "mbedtls/legacy_or_psa.h"
#include "mbedtls/pk.h"
struct buffer_data {
@ -59,6 +58,8 @@ void debug_print_msg_threshold(int threshold, int level, char *file,
mbedtls_ssl_config conf;
struct buffer_data buffer;
MD_PSA_INIT();
mbedtls_ssl_init(&ssl);
mbedtls_ssl_config_init(&conf);
memset(buffer.buf, 0, 2000);
@ -83,6 +84,7 @@ void debug_print_msg_threshold(int threshold, int level, char *file,
exit:
mbedtls_ssl_free(&ssl);
mbedtls_ssl_config_free(&conf);
MD_PSA_DONE();
}
/* END_CASE */
@ -94,6 +96,8 @@ void mbedtls_debug_print_ret(char *file, int line, char *text, int value,
mbedtls_ssl_config conf;
struct buffer_data buffer;
MD_PSA_INIT();
mbedtls_ssl_init(&ssl);
mbedtls_ssl_config_init(&conf);
memset(buffer.buf, 0, 2000);
@ -115,6 +119,7 @@ void mbedtls_debug_print_ret(char *file, int line, char *text, int value,
exit:
mbedtls_ssl_free(&ssl);
mbedtls_ssl_config_free(&conf);
MD_PSA_DONE();
}
/* END_CASE */
@ -126,6 +131,8 @@ void mbedtls_debug_print_buf(char *file, int line, char *text,
mbedtls_ssl_config conf;
struct buffer_data buffer;
MD_PSA_INIT();
mbedtls_ssl_init(&ssl);
mbedtls_ssl_config_init(&conf);
memset(buffer.buf, 0, 2000);
@ -147,6 +154,7 @@ void mbedtls_debug_print_buf(char *file, int line, char *text,
exit:
mbedtls_ssl_free(&ssl);
mbedtls_ssl_config_free(&conf);
MD_PSA_DONE();
}
/* END_CASE */
@ -159,6 +167,8 @@ void mbedtls_debug_print_crt(char *crt_file, char *file, int line,
mbedtls_ssl_config conf;
struct buffer_data buffer;
MD_PSA_INIT();
mbedtls_ssl_init(&ssl);
mbedtls_ssl_config_init(&conf);
mbedtls_x509_crt_init(&crt);
@ -183,6 +193,7 @@ exit:
mbedtls_x509_crt_free(&crt);
mbedtls_ssl_free(&ssl);
mbedtls_ssl_config_free(&conf);
MD_PSA_DONE();
}
/* END_CASE */
@ -195,6 +206,8 @@ void mbedtls_debug_print_mpi(char *value, char *file, int line,
struct buffer_data buffer;
mbedtls_mpi val;
MD_PSA_INIT();
mbedtls_ssl_init(&ssl);
mbedtls_ssl_config_init(&conf);
mbedtls_mpi_init(&val);
@ -220,5 +233,6 @@ exit:
mbedtls_mpi_free(&val);
mbedtls_ssl_free(&ssl);
mbedtls_ssl_config_free(&conf);
MD_PSA_DONE();
}
/* END_CASE */

108
tests/suites/test_suite_ecdsa.data
View File

@ -91,203 +91,203 @@ depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
ecdsa_write_read_random:MBEDTLS_ECP_DP_SECP521R1
ECDSA deterministic test vector rfc 6979 p192 sha1 [#1]
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA1
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA1:"8151325DCDBAE9E0FF95F9F9658432DBEDFDB209":"98C6BD12B23EAF5E2A2045132086BE3EB8EBD62ABF6698FF":"57A22B07DEA9530F8DE9471B1DC6624472E8E2844BC25B64"
ECDSA deterministic test vector rfc 6979 p192 sha224 [#1]
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA224_C
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA224:"9003E374BC726550C2C289447FD0533160F875709386DFA377BFD41C":"A1F00DAD97AEEC91C95585F36200C65F3C01812AA60378F5":"E07EC1304C7C6C9DEBBE980B9692668F81D4DE7922A0F97A"
ECDSA deterministic test vector rfc 6979 p192 sha256 [#1]
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA256
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA256:"AF2BDBE1AA9B6EC1E2ADE1D694F41FC71A831D0268E9891562113D8A62ADD1BF":"4B0B8CE98A92866A2820E20AA6B75B56382E0F9BFD5ECB55":"CCDB006926EA9565CBADC840829D8C384E06DE1F1E381B85"
ECDSA deterministic test vector rfc 6979 p192 sha384 [#1]
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA384_C
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA384
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA384:"9A9083505BC92276AEC4BE312696EF7BF3BF603F4BBD381196A029F340585312313BCA4A9B5B890EFEE42C77B1EE25FE":"DA63BF0B9ABCF948FBB1E9167F136145F7A20426DCC287D5":"C3AA2C960972BD7A2003A57E1C4C77F0578F8AE95E31EC5E"
ECDSA deterministic test vector rfc 6979 p192 sha512 [#1]
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA512
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA512:"39A5E04AAFF7455D9850C605364F514C11324CE64016960D23D5DC57D3FFD8F49A739468AB8049BF18EEF820CDB1AD6C9015F838556BC7FAD4138B23FDF986C7":"4D60C5AB1996BD848343B31C00850205E2EA6922DAC2E4B8":"3F6E837448F027A1BF4B34E796E32A811CBB4050908D8F67"
ECDSA deterministic test vector rfc 6979 p192 sha1 [#2]
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA1
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA1:"A94A8FE5CCB19BA61C4C0873D391E987982FBBD3":"0F2141A0EBBC44D2E1AF90A50EBCFCE5E197B3B7D4DE036D":"EB18BC9E1F3D7387500CB99CF5F7C157070A8961E38700B7"
ECDSA deterministic test vector rfc 6979 p192 sha224 [#2]
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA224_C
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA224:"90A3ED9E32B2AAF4C61C410EB925426119E1A9DC53D4286ADE99A809":"6945A1C1D1B2206B8145548F633BB61CEF04891BAF26ED34":"B7FB7FDFC339C0B9BD61A9F5A8EAF9BE58FC5CBA2CB15293"
ECDSA deterministic test vector rfc 6979 p192 sha256 [#2]
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA256
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"3A718BD8B4926C3B52EE6BBE67EF79B18CB6EB62B1AD97AE":"5662E6848A4A19B1F1AE2F72ACD4B8BBE50F1EAC65D9124F"
ECDSA deterministic test vector rfc 6979 p192 sha384 [#2]
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA384_C
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA384
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA384:"768412320F7B0AA5812FCE428DC4706B3CAE50E02A64CAA16A782249BFE8EFC4B7EF1CCB126255D196047DFEDF17A0A9":"B234B60B4DB75A733E19280A7A6034BD6B1EE88AF5332367":"7994090B2D59BB782BE57E74A44C9A1C700413F8ABEFE77A"
ECDSA deterministic test vector rfc 6979 p192 sha512 [#2]
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA512
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA512:"EE26B0DD4AF7E749AA1A8EE3C10AE9923F618980772E473F8819A5D4940E0DB27AC185F8A0E1D5F84F88BC887FD67B143732C304CC5FA9AD8E6F57F50028A8FF":"FE4F4AE86A58B6507946715934FE2D8FF9D95B6B098FE739":"74CF5605C98FBA0E1EF34D4B5A1577A7DCF59457CAE52290"
ECDSA deterministic test vector rfc 6979 p224 sha1 [#1]
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA1_C
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA1
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA1:"8151325DCDBAE9E0FF95F9F9658432DBEDFDB209":"22226F9D40A96E19C4A301CE5B74B115303C0F3A4FD30FC257FB57AC":"66D1CDD83E3AF75605DD6E2FEFF196D30AA7ED7A2EDF7AF475403D69"
ECDSA deterministic test vector rfc 6979 p224 sha224 [#1]
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA224_C
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA224:"9003E374BC726550C2C289447FD0533160F875709386DFA377BFD41C":"1CDFE6662DDE1E4A1EC4CDEDF6A1F5A2FB7FBD9145C12113E6ABFD3E":"A6694FD7718A21053F225D3F46197CA699D45006C06F871808F43EBC"
ECDSA deterministic test vector rfc 6979 p224 sha256 [#1]
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA256
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA256:"AF2BDBE1AA9B6EC1E2ADE1D694F41FC71A831D0268E9891562113D8A62ADD1BF":"61AA3DA010E8E8406C656BC477A7A7189895E7E840CDFE8FF42307BA":"BC814050DAB5D23770879494F9E0A680DC1AF7161991BDE692B10101"
ECDSA deterministic test vector rfc 6979 p224 sha384 [#1]
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA384_C
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA384
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA384:"9A9083505BC92276AEC4BE312696EF7BF3BF603F4BBD381196A029F340585312313BCA4A9B5B890EFEE42C77B1EE25FE":"0B115E5E36F0F9EC81F1325A5952878D745E19D7BB3EABFABA77E953":"830F34CCDFE826CCFDC81EB4129772E20E122348A2BBD889A1B1AF1D"
ECDSA deterministic test vector rfc 6979 p224 sha512 [#1]
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA512
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA512:"39A5E04AAFF7455D9850C605364F514C11324CE64016960D23D5DC57D3FFD8F49A739468AB8049BF18EEF820CDB1AD6C9015F838556BC7FAD4138B23FDF986C7":"074BD1D979D5F32BF958DDC61E4FB4872ADCAFEB2256497CDAC30397":"A4CECA196C3D5A1FF31027B33185DC8EE43F288B21AB342E5D8EB084"
ECDSA deterministic test vector rfc 6979 p224 sha1 [#2]
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA1_C
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA1
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA1:"A94A8FE5CCB19BA61C4C0873D391E987982FBBD3":"DEAA646EC2AF2EA8AD53ED66B2E2DDAA49A12EFD8356561451F3E21C":"95987796F6CF2062AB8135271DE56AE55366C045F6D9593F53787BD2"
ECDSA deterministic test vector rfc 6979 p224 sha224 [#2]
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA224_C
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA224:"90A3ED9E32B2AAF4C61C410EB925426119E1A9DC53D4286ADE99A809":"C441CE8E261DED634E4CF84910E4C5D1D22C5CF3B732BB204DBEF019":"902F42847A63BDC5F6046ADA114953120F99442D76510150F372A3F4"
ECDSA deterministic test vector rfc 6979 p224 sha256 [#2]
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA256
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"AD04DDE87B84747A243A631EA47A1BA6D1FAA059149AD2440DE6FBA6":"178D49B1AE90E3D8B629BE3DB5683915F4E8C99FDF6E666CF37ADCFD"
ECDSA deterministic test vector rfc 6979 p224 sha384 [#2]
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA384_C
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA384
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA384:"768412320F7B0AA5812FCE428DC4706B3CAE50E02A64CAA16A782249BFE8EFC4B7EF1CCB126255D196047DFEDF17A0A9":"389B92682E399B26518A95506B52C03BC9379A9DADF3391A21FB0EA4":"414A718ED3249FF6DBC5B50C27F71F01F070944DA22AB1F78F559AAB"
ECDSA deterministic test vector rfc 6979 p224 sha512 [#2]
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA512
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA512:"EE26B0DD4AF7E749AA1A8EE3C10AE9923F618980772E473F8819A5D4940E0DB27AC185F8A0E1D5F84F88BC887FD67B143732C304CC5FA9AD8E6F57F50028A8FF":"049F050477C5ADD858CAC56208394B5A55BAEBBE887FDF765047C17C":"077EB13E7005929CEFA3CD0403C7CDCC077ADF4E44F3C41B2F60ECFF"
ECDSA deterministic test vector rfc 6979 p256 sha1 [#1]
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA1
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA1:"8151325DCDBAE9E0FF95F9F9658432DBEDFDB209":"61340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D32":"6D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB"
ECDSA deterministic test vector rfc 6979 p256 sha224 [#1]
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA224_C
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA224:"9003E374BC726550C2C289447FD0533160F875709386DFA377BFD41C":"53B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3F":"B9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C"
ECDSA deterministic test vector rfc 6979 p256 sha256 [#1]
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"AF2BDBE1AA9B6EC1E2ADE1D694F41FC71A831D0268E9891562113D8A62ADD1BF":"EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716":"F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8"
ECDSA deterministic test vector rfc 6979 p256 sha384 [#1]
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA384_C
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA384
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA384:"9A9083505BC92276AEC4BE312696EF7BF3BF603F4BBD381196A029F340585312313BCA4A9B5B890EFEE42C77B1EE25FE":"0EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF7719":"4861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954"
ECDSA deterministic test vector rfc 6979 p256 sha512 [#1]
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA512
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA512:"39A5E04AAFF7455D9850C605364F514C11324CE64016960D23D5DC57D3FFD8F49A739468AB8049BF18EEF820CDB1AD6C9015F838556BC7FAD4138B23FDF986C7":"8496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F00":"2362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE"
ECDSA deterministic test vector rfc 6979 p256 sha1 [#2]
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA1
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA1:"A94A8FE5CCB19BA61C4C0873D391E987982FBBD3":"0CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A89":"01B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1"
ECDSA deterministic test vector rfc 6979 p256 sha224 [#2]
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA224_C
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA224:"90A3ED9E32B2AAF4C61C410EB925426119E1A9DC53D4286ADE99A809":"C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692":"C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D"
ECDSA deterministic test vector rfc 6979 p256 sha256 [#2]
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367":"019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083"
ECDSA deterministic test vector rfc 6979 p256 sha384 [#2]
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA384_C
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA384
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA384:"768412320F7B0AA5812FCE428DC4706B3CAE50E02A64CAA16A782249BFE8EFC4B7EF1CCB126255D196047DFEDF17A0A9":"83910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB6":"8DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C"
ECDSA deterministic test vector rfc 6979 p256 sha512 [#2]
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA512
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA512:"EE26B0DD4AF7E749AA1A8EE3C10AE9923F618980772E473F8819A5D4940E0DB27AC185F8A0E1D5F84F88BC887FD67B143732C304CC5FA9AD8E6F57F50028A8FF":"461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A04":"39AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55"
ECDSA deterministic test vector rfc 6979 p384 sha1 [#1]
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA1
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA1:"8151325DCDBAE9E0FF95F9F9658432DBEDFDB209":"EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2":"A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443"
ECDSA deterministic test vector rfc 6979 p384 sha224 [#1]
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA224_C
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA224:"9003E374BC726550C2C289447FD0533160F875709386DFA377BFD41C":"42356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE060122":"9DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D"
ECDSA deterministic test vector rfc 6979 p384 sha256 [#1]
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA256
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA256:"AF2BDBE1AA9B6EC1E2ADE1D694F41FC71A831D0268E9891562113D8A62ADD1BF":"21B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CD":"F3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0"
ECDSA deterministic test vector rfc 6979 p384 sha384 [#1]
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA384_C
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA384
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA384:"9A9083505BC92276AEC4BE312696EF7BF3BF603F4BBD381196A029F340585312313BCA4A9B5B890EFEE42C77B1EE25FE":"94EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE46":"99EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8"
ECDSA deterministic test vector rfc 6979 p384 sha512 [#1]
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA512
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA512:"39A5E04AAFF7455D9850C605364F514C11324CE64016960D23D5DC57D3FFD8F49A739468AB8049BF18EEF820CDB1AD6C9015F838556BC7FAD4138B23FDF986C7":"ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799CFE30F35CC900056D7C99CD7882433709":"512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112DC7CC3EF3446DEFCEB01A45C2667FDD5"
ECDSA deterministic test vector rfc 6979 p384 sha1 [#2]
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA1
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA1:"A94A8FE5CCB19BA61C4C0873D391E987982FBBD3":"4BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7":"D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282"
ECDSA deterministic test vector rfc 6979 p384 sha224 [#2]
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA224_C
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA224:"90A3ED9E32B2AAF4C61C410EB925426119E1A9DC53D4286ADE99A809":"E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E72":"07041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66"
ECDSA deterministic test vector rfc 6979 p384 sha256 [#2]
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA256
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"6D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B":"2D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265"
ECDSA deterministic test vector rfc 6979 p384 sha384 [#2]
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA384_C
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA384
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA384:"768412320F7B0AA5812FCE428DC4706B3CAE50E02A64CAA16A782249BFE8EFC4B7EF1CCB126255D196047DFEDF17A0A9":"8203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DB":"DDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5"
ECDSA deterministic test vector rfc 6979 p384 sha512 [#2]
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA512
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA512:"EE26B0DD4AF7E749AA1A8EE3C10AE9923F618980772E473F8819A5D4940E0DB27AC185F8A0E1D5F84F88BC887FD67B143732C304CC5FA9AD8E6F57F50028A8FF":"A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D06FB6495CD21B4B6E340FC236584FB277":"976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B224634A2092CD3792E0159AD9CEE37659C736"
ECDSA deterministic test vector rfc 6979 p521 sha1 [#1]
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA1_C
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA1
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA1:"8151325DCDBAE9E0FF95F9F9658432DBEDFDB209":"0343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D":"0E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16"
ECDSA deterministic test vector rfc 6979 p521 sha224 [#1]
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA224_C
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA224:"9003E374BC726550C2C289447FD0533160F875709386DFA377BFD41C":"1776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E":"050CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F"
ECDSA deterministic test vector rfc 6979 p521 sha256 [#1]
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA256
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA256:"AF2BDBE1AA9B6EC1E2ADE1D694F41FC71A831D0268E9891562113D8A62ADD1BF":"1511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A7":"04A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC"
ECDSA deterministic test vector rfc 6979 p521 sha384 [#1]
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA384_C
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA384
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA384:"9A9083505BC92276AEC4BE312696EF7BF3BF603F4BBD381196A029F340585312313BCA4A9B5B890EFEE42C77B1EE25FE":"1EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C67451":"1F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61"
ECDSA deterministic test vector rfc 6979 p521 sha512 [#1]
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA512
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA512:"39A5E04AAFF7455D9850C605364F514C11324CE64016960D23D5DC57D3FFD8F49A739468AB8049BF18EEF820CDB1AD6C9015F838556BC7FAD4138B23FDF986C7":"0C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F174E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E377FA":"0617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF282623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A67A"
ECDSA deterministic test vector rfc 6979 p521 sha1 [#2]
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA1_C
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA1
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA1:"A94A8FE5CCB19BA61C4C0873D391E987982FBBD3":"13BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D0367":"1E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF"
ECDSA deterministic test vector rfc 6979 p521 sha224 [#2]
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA224_C
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA224:"90A3ED9E32B2AAF4C61C410EB925426119E1A9DC53D4286ADE99A809":"1C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB":"177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4"
ECDSA deterministic test vector rfc 6979 p521 sha256 [#2]
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA256
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"00E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA8":"0CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86"
ECDSA deterministic test vector rfc 6979 p521 sha384 [#2]
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA384_C
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA384
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA384:"768412320F7B0AA5812FCE428DC4706B3CAE50E02A64CAA16A782249BFE8EFC4B7EF1CCB126255D196047DFEDF17A0A9":"14BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C":"133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979"
ECDSA deterministic test vector rfc 6979 p521 sha512 [#2]
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA512
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA512:"EE26B0DD4AF7E749AA1A8EE3C10AE9923F618980772E473F8819A5D4940E0DB27AC185F8A0E1D5F84F88BC887FD67B143732C304CC5FA9AD8E6F57F50028A8FF":"13E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D":"1FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3"
ECDSA restartable read-verify: max_ops=0 (disabled)
@ -307,19 +307,19 @@ depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
ecdsa_read_restart:MBEDTLS_ECP_DP_SECP256R1:"04e8f573412a810c5f81ecd2d251bb94387e72f28af70dced90ebe75725c97a6428231069c2b1ef78509a22c59044319f6ed3cb750dfe64c2a282b35967a458ad6":"dee9d4d8b0e40a034602d6e638197998060f6e9f353ae1d10c94cd56476d3c92":"304502210098a5a1392abe29e4b0a4da3fefe9af0f8c32e5b839ab52ba6a05da9c3b7edd0f0220596f0e195ae1e58c1e53e9e7f0f030b274348a8c11232101778d89c4943f5ad2":250:4:64
ECDSA restartable sign-write: secp256r1 max_ops=0 (disabled)
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
ecdsa_write_restart:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":0:0:0
ECDSA restartable sign-write: secp256r1 restart max_ops=1
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
ecdsa_write_restart:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":1:1:10000
ECDSA restartable sign-write: secp256r1 restart max_ops=10000
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
ecdsa_write_restart:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":10000:0:0
ECDSA restartable sign-write: secp256r1 restart max_ops=250
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
ecdsa_write_restart:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:32
ECDSA zero private parameter p192

21
tests/suites/test_suite_ecdsa.function
View File

@ -1,11 +1,6 @@
/* BEGIN_HEADER */
#include "mbedtls/ecdsa.h"
#include "hash_info.h"
#include "mbedtls/legacy_or_psa.h"
#if (defined(MBEDTLS_ECDSA_DETERMINISTIC) && defined(MBEDTLS_SHA256_C)) || \
(!defined(MBEDTLS_ECDSA_DETERMINISTIC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA))
#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_IF_DETERMINISTIC
#endif
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@ -203,6 +198,8 @@ void ecdsa_det_test_vectors(int id, char *d_str, int md_alg, data_t *hash,
mbedtls_ecp_group grp;
mbedtls_mpi d, r, s, r_check, s_check;
MD_PSA_INIT();
mbedtls_ecp_group_init(&grp);
mbedtls_mpi_init(&d); mbedtls_mpi_init(&r); mbedtls_mpi_init(&s);
mbedtls_mpi_init(&r_check); mbedtls_mpi_init(&s_check);
@ -226,10 +223,11 @@ exit:
mbedtls_ecp_group_free(&grp);
mbedtls_mpi_free(&d); mbedtls_mpi_free(&r); mbedtls_mpi_free(&s);
mbedtls_mpi_free(&r_check); mbedtls_mpi_free(&s_check);
MD_PSA_DONE();
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_IF_DETERMINISTIC */
/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256 */
void ecdsa_write_read_zero(int id)
{
mbedtls_ecdsa_context ctx;
@ -238,6 +236,8 @@ void ecdsa_write_read_zero(int id)
unsigned char sig[200];
size_t sig_len, i;
MD_PSA_INIT();
mbedtls_ecdsa_init(&ctx);
memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
memset(hash, 0, sizeof(hash));
@ -288,10 +288,11 @@ void ecdsa_write_read_zero(int id)
exit:
mbedtls_ecdsa_free(&ctx);
MD_PSA_DONE();
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_IF_DETERMINISTIC */
/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256 */
void ecdsa_write_read_random(int id)
{
mbedtls_ecdsa_context ctx;
@ -300,6 +301,8 @@ void ecdsa_write_read_random(int id)
unsigned char sig[200];
size_t sig_len, i;
MD_PSA_INIT();
mbedtls_ecdsa_init(&ctx);
memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
memset(hash, 0, sizeof(hash));
@ -354,6 +357,7 @@ void ecdsa_write_read_random(int id)
exit:
mbedtls_ecdsa_free(&ctx);
MD_PSA_DONE();
}
/* END_CASE */
@ -433,6 +437,8 @@ void ecdsa_write_restart(int id, char *d_str, int md_alg,
unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
size_t slen;
MD_PSA_INIT();
mbedtls_ecdsa_restart_init(&rs_ctx);
mbedtls_ecdsa_init(&ctx);
memset(sig, 0, sizeof(sig));
@ -483,6 +489,7 @@ void ecdsa_write_restart(int id, char *d_str, int md_alg,
exit:
mbedtls_ecdsa_restart_free(&rs_ctx);
mbedtls_ecdsa_free(&ctx);
MD_PSA_DONE();
}
/* END_CASE */

34
tests/suites/test_suite_ecjpake.function
View File

@ -1,8 +1,7 @@
/* BEGIN_HEADER */
#include "mbedtls/ecjpake.h"
#include "mbedtls/legacy_or_psa.h"
#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA)
#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && defined(MBEDTLS_MD_CAN_SHA256)
static const unsigned char ecjpake_test_x1[] = {
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
@ -91,7 +90,7 @@ cleanup:
}
#define ADD_SIZE(x) x, sizeof(x)
#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED && MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA */
#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED && MBEDTLS_MD_CAN_SHA256 */
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@ -109,6 +108,8 @@ void ecjpake_invalid_param()
mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256;
mbedtls_ecp_group_id valid_group = MBEDTLS_ECP_DP_SECP256R1;
MD_PSA_INIT();
mbedtls_ecjpake_init(&ctx);
TEST_EQUAL(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
@ -118,18 +119,23 @@ void ecjpake_invalid_param()
valid_group,
buf, len));
exit:
return;
MD_PSA_DONE();
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void ecjpake_selftest()
{
MD_PSA_INIT();
TEST_ASSERT(mbedtls_ecjpake_self_test(1) == 0);
exit:
MD_PSA_DONE();
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 */
void read_bad_md(data_t *msg)
{
mbedtls_ecjpake_context corrupt_ctx;
@ -137,6 +143,8 @@ void read_bad_md(data_t *msg)
const size_t pw_len = 0;
int any_role = MBEDTLS_ECJPAKE_CLIENT;
MD_PSA_INIT();
mbedtls_ecjpake_init(&corrupt_ctx);
TEST_ASSERT(mbedtls_ecjpake_setup(&corrupt_ctx, any_role,
MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw,
@ -148,16 +156,19 @@ void read_bad_md(data_t *msg)
exit:
mbedtls_ecjpake_free(&corrupt_ctx);
MD_PSA_DONE();
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 */
void read_round_one(int role, data_t *msg, int ref_ret)
{
mbedtls_ecjpake_context ctx;
const unsigned char *pw = NULL;
const size_t pw_len = 0;
MD_PSA_INIT();
mbedtls_ecjpake_init(&ctx);
TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, role,
@ -168,16 +179,19 @@ void read_round_one(int role, data_t *msg, int ref_ret)
exit:
mbedtls_ecjpake_free(&ctx);
MD_PSA_DONE();
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 */
void read_round_two_cli(data_t *msg, int ref_ret)
{
mbedtls_ecjpake_context ctx;
const unsigned char *pw = NULL;
const size_t pw_len = 0;
MD_PSA_INIT();
mbedtls_ecjpake_init(&ctx);
TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, MBEDTLS_ECJPAKE_CLIENT,
@ -194,16 +208,19 @@ void read_round_two_cli(data_t *msg, int ref_ret)
exit:
mbedtls_ecjpake_free(&ctx);
MD_PSA_DONE();
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 */
void read_round_two_srv(data_t *msg, int ref_ret)
{
mbedtls_ecjpake_context ctx;
const unsigned char *pw = NULL;
const size_t pw_len = 0;
MD_PSA_INIT();
mbedtls_ecjpake_init(&ctx);
TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, MBEDTLS_ECJPAKE_SERVER,
@ -220,5 +237,6 @@ void read_round_two_srv(data_t *msg, int ref_ret)
exit:
mbedtls_ecjpake_free(&ctx);
MD_PSA_DONE();
}
/* END_CASE */

124
tests/suites/test_suite_ecp.data
View File

@ -855,130 +855,6 @@ ECP restartable muladd secp256r1 max_ops=250
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":250:4:64
ECP fix_negative: 0, -1, 224
fix_negative:"00":-1:224
ECP fix_negative: 1, -1, 224
fix_negative:"01":-1:224
ECP fix_negative: 2^32-1, -1, 224
fix_negative:"ffffffff":-1:224
ECP fix_negative: 2^32, -1, 224
fix_negative:"0100000000":-1:224
ECP fix_negative: 2^64-1, -1, 224
fix_negative:"ffffffffffffffff":-1:224
ECP fix_negative: 2^64, -1, 224
fix_negative:"010000000000000000":-1:224
ECP fix_negative: 2^128-1, -1, 224
fix_negative:"ffffffffffffffffffffffffffffffff":-1:224
ECP fix_negative: 2^128, -1, 224
fix_negative:"0100000000000000000000000000000000":-1:224
ECP fix_negative: 2^128+1, -1, 224
fix_negative:"0100000000000000000000000000000001":-1:224
ECP fix_negative: 2^224-1, -1, 224
fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-1:224
ECP fix_negative: 0, -2, 224
fix_negative:"00":-2:224
ECP fix_negative: 1, -2, 224
fix_negative:"01":-2:224
ECP fix_negative: 2^32-1, -2, 224
fix_negative:"ffffffff":-2:224
ECP fix_negative: 2^32, -2, 224
fix_negative:"0100000000":-2:224
ECP fix_negative: 2^64-1, -2, 224
fix_negative:"ffffffffffffffff":-2:224
ECP fix_negative: 2^64, -2, 224
fix_negative:"010000000000000000":-2:224
ECP fix_negative: 2^128-1, -2, 224
fix_negative:"ffffffffffffffffffffffffffffffff":-2:224
ECP fix_negative: 2^128, -2, 224
fix_negative:"0100000000000000000000000000000000":-2:224
ECP fix_negative: 2^128+1, -2, 224
fix_negative:"0100000000000000000000000000000001":-2:224
ECP fix_negative: 2^224-1, -2, 224
fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-2:224
ECP fix_negative: 0, -1, 256
fix_negative:"00":-1:256
ECP fix_negative: 1, -1, 256
fix_negative:"01":-1:256
ECP fix_negative: 2^32-1, -1, 256
fix_negative:"ffffffff":-1:256
ECP fix_negative: 2^32, -1, 256
fix_negative:"0100000000":-1:256
ECP fix_negative: 2^64-1, -1, 256
fix_negative:"ffffffffffffffff":-1:256
ECP fix_negative: 2^64, -1, 256
fix_negative:"010000000000000000":-1:256
ECP fix_negative: 2^128-1, -1, 256
fix_negative:"ffffffffffffffffffffffffffffffff":-1:256
ECP fix_negative: 2^128, -1, 256
fix_negative:"0100000000000000000000000000000000":-1:256
ECP fix_negative: 2^128+1, -1, 256
fix_negative:"0100000000000000000000000000000001":-1:256
ECP fix_negative: 2^256-1, -1, 256
fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-1:256
ECP fix_negative: 0, -2, 256
fix_negative:"00":-2:256
ECP fix_negative: 1, -2, 256
fix_negative:"01":-2:256
ECP fix_negative: 2^32-1, -2, 256
fix_negative:"ffffffff":-2:256
ECP fix_negative: 2^32, -2, 256
fix_negative:"0100000000":-2:256
ECP fix_negative: 2^64-1, -2, 256
fix_negative:"ffffffffffffffff":-2:256
ECP fix_negative: 2^64, -2, 256
fix_negative:"010000000000000000":-2:256
ECP fix_negative: 2^128-1, -2, 256
fix_negative:"ffffffffffffffffffffffffffffffff":-2:256
ECP fix_negative: 2^128, -2, 256
fix_negative:"0100000000000000000000000000000000":-2:256
ECP fix_negative: 2^128+1, -2, 256
fix_negative:"0100000000000000000000000000000001":-2:256
ECP fix_negative: 2^256-1, -2, 256
fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-2:256
# The first call to fix_negative in the test case of issue #4296.
ECP fix_negative: #4296.1
fix_negative:"8A4DD4C8B42C5EAED15FE4F4579F4CE513EC90A94010BF000000000000000000":-1:256
ECP export key parameters #1 (OK)
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
ecp_export:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":0:0

298
tests/suites/test_suite_ecp.function
View File

@ -8,13 +8,6 @@
#include "ecp_invasive.h"
#include "bignum_mod_raw_invasive.h"
#if defined(MBEDTLS_TEST_HOOKS) && \
(defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED))
#define HAVE_FIX_NEGATIVE
#endif
#define ECP_PF_UNKNOWN -1
#define ECP_PT_RESET(x) \
@ -77,7 +70,7 @@ inline static int mbedtls_ecp_group_cmp(mbedtls_ecp_group *grp1,
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:MBEDTLS_ECP_C
* depends_on:MBEDTLS_ECP_LIGHT
* END_DEPENDENCIES
*/
@ -325,7 +318,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
void ecp_test_vect(int id, char *dA_str, char *xA_str, char *yA_str,
char *dB_str, char *xB_str, char *yB_str,
char *xZ_str, char *yZ_str)
@ -382,7 +375,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
void ecp_test_vec_x(int id, char *dA_hex, char *xA_hex, char *dB_hex,
char *xB_hex, char *xS_hex)
{
@ -435,7 +428,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
void ecp_test_mul(int id, data_t *n_hex,
data_t *Px_hex, data_t *Py_hex, data_t *Pz_hex,
data_t *nPx_hex, data_t *nPy_hex, data_t *nPz_hex,
@ -484,7 +477,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
void ecp_test_mul_rng(int id, data_t *d_hex)
{
mbedtls_ecp_group grp;
@ -510,7 +503,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED:MBEDTLS_ECP_C */
void ecp_muladd(int id,
data_t *u1_bin, data_t *P1_bin,
data_t *u2_bin, data_t *P2_bin,
@ -962,7 +955,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
void mbedtls_ecp_check_pub_priv(int id_pub, char *Qx_pub, char *Qy_pub,
int id, char *d, char *Qx, char *Qy,
int ret)
@ -994,7 +987,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
void mbedtls_ecp_gen_keypair(int id)
{
mbedtls_ecp_group grp;
@ -1023,7 +1016,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
void mbedtls_ecp_gen_key(int id)
{
mbedtls_ecp_keypair key;
@ -1093,37 +1086,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:HAVE_FIX_NEGATIVE */
void fix_negative(data_t *N_bin, int c, int bits)
{
mbedtls_mpi C, M, N;
mbedtls_mpi_init(&C);
mbedtls_mpi_init(&M);
mbedtls_mpi_init(&N);
/* C = - c * 2^bits (positive since c is negative) */
TEST_EQUAL(0, mbedtls_mpi_lset(&C, -c));
TEST_EQUAL(0, mbedtls_mpi_shift_l(&C, bits));
TEST_EQUAL(0, mbedtls_mpi_read_binary(&N, N_bin->x, N_bin->len));
TEST_EQUAL(0, mbedtls_mpi_grow(&N, C.n));
/* M = N - C = - ( C - N ) (expected result of fix_negative) */
TEST_EQUAL(0, mbedtls_mpi_sub_mpi(&M, &N, &C));
mbedtls_ecp_fix_negative(&N, c, bits);
TEST_EQUAL(0, mbedtls_mpi_cmp_mpi(&N, &M));
exit:
mbedtls_mpi_free(&C);
mbedtls_mpi_free(&M);
mbedtls_mpi_free(&N);
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_MONTGOMERY_ENABLED */
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_MONTGOMERY_ENABLED:MBBEDTLS_ECP_C */
void genkey_mx_known_answer(int bits, data_t *seed, data_t *expected)
{
mbedtls_test_rnd_buf_info rnd_info;
@ -1304,9 +1267,10 @@ exit:
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
void ecp_mod_p192_raw(char *input_N,
char *input_X,
char *result)
void ecp_mod_p_generic_raw(int curve_id,
char *input_N,
char *input_X,
char *result)
{
mbedtls_mpi_uint *X = NULL;
mbedtls_mpi_uint *N = NULL;
@ -1315,25 +1279,70 @@ void ecp_mod_p192_raw(char *input_N,
size_t limbs_N;
size_t limbs_res;
size_t bytes;
size_t limbs;
size_t curve_bits;
int (*curve_func)(mbedtls_mpi_uint *X, size_t X_limbs);
mbedtls_mpi_mod_modulus m;
mbedtls_mpi_mod_modulus_init(&m);
TEST_EQUAL(mbedtls_test_read_mpi_core(&X, &limbs_X, input_X), 0);
TEST_EQUAL(mbedtls_test_read_mpi_core(&N, &limbs_N, input_N), 0);
TEST_EQUAL(mbedtls_test_read_mpi_core(&res, &limbs_res, result), 0);
bytes = limbs_N * sizeof(mbedtls_mpi_uint);
size_t limbs = limbs_N;
size_t bytes = limbs * sizeof(mbedtls_mpi_uint);
switch (curve_id) {
#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
case MBEDTLS_ECP_DP_SECP192R1:
limbs = 2 * limbs_N;
curve_bits = 192;
curve_func = &mbedtls_ecp_mod_p192_raw;
break;
#endif
#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
case MBEDTLS_ECP_DP_SECP224R1:
limbs = 448 / biL;
curve_bits = 224;
curve_func = &mbedtls_ecp_mod_p224_raw;
break;
#endif
#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
case MBEDTLS_ECP_DP_SECP256R1:
limbs = 2 * limbs_N;
curve_bits = 256;
curve_func = &mbedtls_ecp_mod_p256_raw;
break;
#endif
#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
case MBEDTLS_ECP_DP_SECP384R1:
limbs = 2 * limbs_N;
curve_bits = 384;
curve_func = &mbedtls_ecp_mod_p384_raw;
break;
#endif
#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
case MBEDTLS_ECP_DP_SECP521R1:
limbs = 2 * limbs_N;
curve_bits = 522;
curve_func = &mbedtls_ecp_mod_p521_raw;
break;
#endif
default:
mbedtls_test_fail("Unsupported curve_id", __LINE__, __FILE__);
goto exit;
}
TEST_EQUAL(limbs_X, 2 * limbs);
TEST_EQUAL(limbs_res, limbs);
TEST_EQUAL(limbs_X, limbs);
TEST_EQUAL(limbs_res, limbs_N);
TEST_EQUAL(mbedtls_mpi_mod_modulus_setup(
&m, N, limbs,
MBEDTLS_MPI_MOD_REP_MONTGOMERY), 0);
&m, N, limbs_N,
MBEDTLS_MPI_MOD_REP_OPT_RED), 0);
TEST_EQUAL(mbedtls_ecp_mod_p192_raw(X, limbs_X), 0);
TEST_LE_U(mbedtls_mpi_core_bitlen(X, limbs_X), 192);
TEST_EQUAL((*curve_func)(X, limbs_X), 0);
TEST_LE_U(mbedtls_mpi_core_bitlen(X, limbs_X), curve_bits);
mbedtls_mpi_mod_raw_fix_quasi_reduction(X, &m);
ASSERT_COMPARE(X, bytes, res, bytes);
@ -1346,46 +1355,159 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
void ecp_mod_p521_raw(char *input_N,
char *input_X,
char *result)
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_DP_SECP192K1_ENABLED */
void ecp_mod_p192k1(char *input_N,
char *input_X,
char *result)
{
mbedtls_mpi_uint *X = NULL;
mbedtls_mpi_uint *N = NULL;
mbedtls_mpi_uint *res = NULL;
size_t limbs_X;
size_t limbs_N;
size_t limbs_res;
mbedtls_mpi X;
mbedtls_mpi N;
mbedtls_mpi res;
mbedtls_mpi_mod_modulus m;
mbedtls_mpi_mod_modulus_init(&m);
mbedtls_mpi_init(&X);
mbedtls_mpi_init(&N);
mbedtls_mpi_init(&res);
TEST_EQUAL(mbedtls_test_read_mpi_core(&X, &limbs_X, input_X), 0);
TEST_EQUAL(mbedtls_test_read_mpi_core(&N, &limbs_N, input_N), 0);
TEST_EQUAL(mbedtls_test_read_mpi_core(&res, &limbs_res, result), 0);
TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0);
TEST_EQUAL(mbedtls_test_read_mpi(&N, input_N), 0);
TEST_EQUAL(mbedtls_test_read_mpi(&res, result), 0);
size_t limbs = limbs_N;
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, X.p, X.n));
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, N.p, N.n));
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, res.p, res.n));
size_t limbs = N.n;
size_t bytes = limbs * sizeof(mbedtls_mpi_uint);
TEST_EQUAL(limbs_X, 2 * limbs);
TEST_EQUAL(limbs_res, limbs);
TEST_EQUAL(X.n, 2 * limbs);
TEST_EQUAL(res.n, limbs);
TEST_EQUAL(mbedtls_mpi_mod_modulus_setup(
&m, N, limbs,
MBEDTLS_MPI_MOD_REP_MONTGOMERY), 0);
TEST_EQUAL(mbedtls_ecp_mod_p521_raw(X, limbs_X), 0);
TEST_LE_U(mbedtls_mpi_core_bitlen(X, limbs_X), 522);
mbedtls_mpi_mod_raw_fix_quasi_reduction(X, &m);
ASSERT_COMPARE(X, bytes, res, bytes);
TEST_EQUAL(mbedtls_ecp_mod_p192k1(&X), 0);
TEST_EQUAL(mbedtls_mpi_mod_mpi(&X, &X, &N), 0);
TEST_LE_U(mbedtls_mpi_core_bitlen(X.p, X.n), 192);
ASSERT_COMPARE(X.p, bytes, res.p, bytes);
exit:
mbedtls_free(X);
mbedtls_free(res);
mbedtls_mpi_free(&X);
mbedtls_mpi_free(&N);
mbedtls_mpi_free(&res);
}
/* END_CASE */
mbedtls_mpi_mod_modulus_free(&m);
mbedtls_free(N);
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_DP_SECP224K1_ENABLED */
void ecp_mod_p224k1(char *input_N,
char *input_X,
char *result)
{
mbedtls_mpi X;
mbedtls_mpi N;
mbedtls_mpi res;
mbedtls_mpi_init(&X);
mbedtls_mpi_init(&N);
mbedtls_mpi_init(&res);
TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0);
TEST_EQUAL(mbedtls_test_read_mpi(&N, input_N), 0);
TEST_EQUAL(mbedtls_test_read_mpi(&res, result), 0);
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, X.p, X.n));
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, N.p, N.n));
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, res.p, res.n));
size_t limbs = N.n;
size_t bytes = limbs * sizeof(mbedtls_mpi_uint);
TEST_LE_U(X.n, 448 / biL);
TEST_EQUAL(res.n, limbs);
TEST_EQUAL(mbedtls_ecp_mod_p224k1(&X), 0);
TEST_EQUAL(mbedtls_mpi_mod_mpi(&X, &X, &N), 0);
TEST_LE_U(mbedtls_mpi_core_bitlen(X.p, X.n), 224);
ASSERT_COMPARE(X.p, bytes, res.p, bytes);
exit:
mbedtls_mpi_free(&X);
mbedtls_mpi_free(&N);
mbedtls_mpi_free(&res);
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_DP_SECP256K1_ENABLED */
void ecp_mod_p256k1(char *input_N,
char *input_X,
char *result)
{
mbedtls_mpi X;
mbedtls_mpi N;
mbedtls_mpi res;
mbedtls_mpi_init(&X);
mbedtls_mpi_init(&N);
mbedtls_mpi_init(&res);
TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0);
TEST_EQUAL(mbedtls_test_read_mpi(&N, input_N), 0);
TEST_EQUAL(mbedtls_test_read_mpi(&res, result), 0);
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, X.p, X.n));
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, N.p, N.n));
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, res.p, res.n));
size_t limbs = N.n;
size_t bytes = limbs * sizeof(mbedtls_mpi_uint);
TEST_LE_U(X.n, 2 * limbs);
TEST_EQUAL(res.n, limbs);
TEST_EQUAL(mbedtls_ecp_mod_p256k1(&X), 0);
TEST_EQUAL(mbedtls_mpi_mod_mpi(&X, &X, &N), 0);
TEST_LE_U(mbedtls_mpi_core_bitlen(X.p, X.n), 256);
ASSERT_COMPARE(X.p, bytes, res.p, bytes);
exit:
mbedtls_mpi_free(&X);
mbedtls_mpi_free(&N);
mbedtls_mpi_free(&res);
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_DP_CURVE448_ENABLED */
void ecp_mod_p448(char *input_N,
char *input_X,
char *result)
{
mbedtls_mpi X;
mbedtls_mpi N;
mbedtls_mpi res;
mbedtls_mpi_init(&X);
mbedtls_mpi_init(&N);
mbedtls_mpi_init(&res);
TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0);
TEST_EQUAL(mbedtls_test_read_mpi(&N, input_N), 0);
TEST_EQUAL(mbedtls_test_read_mpi(&res, result), 0);
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, X.p, X.n));
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, N.p, N.n));
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, res.p, res.n));
size_t limbs = N.n;
size_t bytes = limbs * sizeof(mbedtls_mpi_uint);
TEST_LE_U(X.n, 2 * limbs);
TEST_EQUAL(res.n, limbs);
TEST_EQUAL(mbedtls_ecp_mod_p448(&X), 0);
TEST_EQUAL(mbedtls_mpi_mod_mpi(&X, &X, &N), 0);
TEST_LE_U(mbedtls_mpi_core_bitlen(X.p, X.n), 448);
ASSERT_COMPARE(X.p, bytes, res.p, bytes);
exit:
mbedtls_mpi_free(&X);
mbedtls_mpi_free(&N);
mbedtls_mpi_free(&res);
}
/* END_CASE */

26
tests/suites/test_suite_entropy.function
View File

@ -167,6 +167,8 @@ void entropy_seed_file(char *path, int ret)
{
mbedtls_entropy_context ctx;
MD_PSA_INIT();
mbedtls_entropy_init(&ctx);
TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, path) == ret);
@ -174,6 +176,7 @@ void entropy_seed_file(char *path, int ret)
exit:
mbedtls_entropy_free(&ctx);
MD_PSA_DONE();
}
/* END_CASE */
@ -182,6 +185,8 @@ void entropy_write_base_seed_file(int ret)
{
mbedtls_entropy_context ctx;
MD_PSA_INIT();
mbedtls_entropy_init(&ctx);
TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE) == ret);
@ -189,6 +194,7 @@ void entropy_write_base_seed_file(int ret)
exit:
mbedtls_entropy_free(&ctx);
MD_PSA_DONE();
}
/* END_CASE */
@ -243,6 +249,8 @@ void entropy_func_len(int len, int ret)
unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE + 10] = { 0 };
size_t i, j;
MD_PSA_INIT();
mbedtls_entropy_init(&ctx);
/*
@ -267,6 +275,7 @@ void entropy_func_len(int len, int ret)
exit:
mbedtls_entropy_free(&ctx);
MD_PSA_DONE();
}
/* END_CASE */
@ -277,6 +286,8 @@ void entropy_source_fail(char *path)
unsigned char buf[16];
entropy_dummy_context dummy = { DUMMY_FAIL, 0, 0 };
MD_PSA_INIT();
mbedtls_entropy_init(&ctx);
TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source,
@ -299,6 +310,7 @@ void entropy_source_fail(char *path)
exit:
mbedtls_entropy_free(&ctx);
MD_PSA_DONE();
}
/* END_CASE */
@ -312,6 +324,8 @@ void entropy_threshold(int threshold, int chunk_size, int result)
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
int ret;
MD_PSA_INIT();
mbedtls_entropy_init(&ctx);
entropy_clear_sources(&ctx);
@ -340,6 +354,7 @@ void entropy_threshold(int threshold, int chunk_size, int result)
exit:
mbedtls_entropy_free(&ctx);
MD_PSA_DONE();
}
/* END_CASE */
@ -359,6 +374,8 @@ void entropy_calls(int strength1, int strength2,
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
int ret;
MD_PSA_INIT();
mbedtls_entropy_init(&ctx);
entropy_clear_sources(&ctx);
@ -385,6 +402,7 @@ void entropy_calls(int strength1, int strength2,
exit:
mbedtls_entropy_free(&ctx);
MD_PSA_DONE();
}
/* END_CASE */
@ -455,6 +473,8 @@ void entropy_nv_seed(data_t *read_seed)
unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
unsigned char check_entropy[MBEDTLS_ENTROPY_BLOCK_SIZE];
MD_PSA_INIT();
memset(entropy, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
memset(empty, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
@ -523,12 +543,18 @@ exit:
mbedtls_entropy_free(&ctx);
mbedtls_nv_seed_read = original_mbedtls_nv_seed_read;
mbedtls_nv_seed_write = original_mbedtls_nv_seed_write;
MD_PSA_DONE();
}
/* END_CASE */
/* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG:MBEDTLS_SELF_TEST */
void entropy_selftest(int result)
{
MD_PSA_INIT();
TEST_ASSERT(mbedtls_entropy_self_test(1) == result);
exit:
MD_PSA_DONE();
}
/* END_CASE */

42
tests/suites/test_suite_hkdf.data
View File

@ -14,85 +14,85 @@ HKDF expand fails with okm_len / hash_len > 255
test_hkdf_expand_ret:32:32:8192:MBEDTLS_ERR_HKDF_BAD_INPUT_DATA
HKDF RFC5869 Test Vector #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_CAN_SHA256
test_hkdf:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
HKDF RFC5869 Test Vector #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_CAN_SHA256
test_hkdf:MBEDTLS_MD_SHA256:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87"
HKDF RFC5869 Test Vector #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_CAN_SHA256
test_hkdf:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8"
HKDF RFC5869 Test Vector #4
depends_on:MBEDTLS_SHA1_C
depends_on:MBEDTLS_MD_CAN_SHA1
test_hkdf:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896"
HKDF RFC5869 Test Vector #5
depends_on:MBEDTLS_SHA1_C
depends_on:MBEDTLS_MD_CAN_SHA1
test_hkdf:MBEDTLS_MD_SHA1:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4"
HKDF RFC5869 Test Vector #6
depends_on:MBEDTLS_SHA1_C
depends_on:MBEDTLS_MD_CAN_SHA1
test_hkdf:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918"
HKDF RFC5869 Test Vector #7
depends_on:MBEDTLS_SHA1_C
depends_on:MBEDTLS_MD_CAN_SHA1
test_hkdf:MBEDTLS_MD_SHA1:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48"
HKDF RFC5869 Test Vector #1 Extract
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_CAN_SHA256
test_hkdf_extract:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5"
HKDF RFC5869 Test Vector #2 Extract
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_CAN_SHA256
test_hkdf_extract:MBEDTLS_MD_SHA256:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244"
HKDF RFC5869 Test Vector #3 Extract
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_CAN_SHA256
test_hkdf_extract:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04"
HKDF RFC5869 Test Vector #4 Extract
depends_on:MBEDTLS_SHA1_C
depends_on:MBEDTLS_MD_CAN_SHA1
test_hkdf_extract:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243"
HKDF RFC5869 Test Vector #5 Extract
depends_on:MBEDTLS_SHA1_C
depends_on:MBEDTLS_MD_CAN_SHA1
test_hkdf_extract:MBEDTLS_MD_SHA1:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"8adae09a2a307059478d309b26c4115a224cfaf6"
HKDF RFC5869 Test Vector #6 Extract
depends_on:MBEDTLS_SHA1_C
depends_on:MBEDTLS_MD_CAN_SHA1
test_hkdf_extract:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01"
HKDF RFC5869 Test Vector #7 Extract
depends_on:MBEDTLS_SHA1_C
depends_on:MBEDTLS_MD_CAN_SHA1
test_hkdf_extract:MBEDTLS_MD_SHA1:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"2adccada18779e7c2077ad2eb19d3f3e731385dd"
HKDF RFC5869 Test Vector #1 Expand
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_CAN_SHA256
test_hkdf_expand:MBEDTLS_MD_SHA256:"f0f1f2f3f4f5f6f7f8f9":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
HKDF RFC5869 Test Vector #2 Expand
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_CAN_SHA256
test_hkdf_expand:MBEDTLS_MD_SHA256:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87"
HKDF RFC5869 Test Vector #3 Expand
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_CAN_SHA256
test_hkdf_expand:MBEDTLS_MD_SHA256:"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8"
HKDF RFC5869 Test Vector #4 Expand
depends_on:MBEDTLS_SHA1_C
depends_on:MBEDTLS_MD_CAN_SHA1
test_hkdf_expand:MBEDTLS_MD_SHA1:"f0f1f2f3f4f5f6f7f8f9":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896"
HKDF RFC5869 Test Vector #5 Expand
depends_on:MBEDTLS_SHA1_C
depends_on:MBEDTLS_MD_CAN_SHA1
test_hkdf_expand:MBEDTLS_MD_SHA1:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"8adae09a2a307059478d309b26c4115a224cfaf6":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4"
HKDF RFC5869 Test Vector #6 Expand
depends_on:MBEDTLS_SHA1_C
depends_on:MBEDTLS_MD_CAN_SHA1
test_hkdf_expand:MBEDTLS_MD_SHA1:"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918"
HKDF RFC5869 Test Vector #7 Expand
depends_on:MBEDTLS_SHA1_C
depends_on:MBEDTLS_MD_CAN_SHA1
test_hkdf_expand:MBEDTLS_MD_SHA1:"":"2adccada18779e7c2077ad2eb19d3f3e731385dd":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48"

11
tests/suites/test_suite_hkdf.function
View File

@ -15,6 +15,8 @@ void test_hkdf(int md_alg, data_t *ikm, data_t *salt, data_t *info,
int ret;
unsigned char okm[128] = { '\0' };
MD_PSA_INIT();
const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg);
TEST_ASSERT(md != NULL);
@ -26,6 +28,9 @@ void test_hkdf(int md_alg, data_t *ikm, data_t *salt, data_t *info,
ASSERT_COMPARE(okm, expected_okm->len,
expected_okm->x, expected_okm->len);
exit:
MD_PSA_DONE();
}
/* END_CASE */
@ -39,6 +44,8 @@ void test_hkdf_extract(int md_alg,
unsigned char *output_prk = NULL;
size_t output_prk_len;
MD_PSA_INIT();
const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg);
TEST_ASSERT(md != NULL);
@ -53,6 +60,7 @@ void test_hkdf_extract(int md_alg,
exit:
mbedtls_free(output_prk);
MD_PSA_DONE();
}
/* END_CASE */
@ -66,6 +74,8 @@ void test_hkdf_expand(int md_alg,
int ret;
unsigned char *output_okm = NULL;
MD_PSA_INIT();
const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg);
TEST_ASSERT(md != NULL);
@ -82,6 +92,7 @@ void test_hkdf_expand(int md_alg,
exit:
mbedtls_free(output_okm);
MD_PSA_DONE();
}
/* END_CASE */

Some files were not shown because too many files have changed in this diff Show More