mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-07-29 11:41:15 +03:00
Merge branch 'development' into sha3
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
1
tests/.gitignore
vendored
1
tests/.gitignore
vendored
@ -18,6 +18,7 @@ include/alt-extra/psa/crypto_struct_alt.h
|
||||
include/test/instrument_record_status.h
|
||||
|
||||
src/*.o
|
||||
src/test_helpers/*.o
|
||||
src/drivers/*.o
|
||||
src/libmbed*
|
||||
|
||||
|
@ -237,7 +237,9 @@ function(add_test_suite suite_name)
|
||||
test_suite_${data_name}.datax
|
||||
)
|
||||
|
||||
add_executable(test_suite_${data_name} test_suite_${data_name}.c $<TARGET_OBJECTS:mbedtls_test>)
|
||||
add_executable(test_suite_${data_name} test_suite_${data_name}.c
|
||||
$<TARGET_OBJECTS:mbedtls_test>
|
||||
$<TARGET_OBJECTS:mbedtls_test_helpers>)
|
||||
add_dependencies(test_suite_${data_name} ${dependency})
|
||||
target_link_libraries(test_suite_${data_name} ${libs})
|
||||
# Include test-specific header files from ./include and private header
|
||||
|
@ -160,7 +160,7 @@ all: $(BINARIES)
|
||||
$(MBEDLIBS):
|
||||
$(MAKE) -C ../library
|
||||
|
||||
MBEDTLS_TEST_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c src/drivers/*.c))
|
||||
MBEDTLS_TEST_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c src/drivers/*.c src/test_helpers/*.c))
|
||||
|
||||
mbedtls_test: $(MBEDTLS_TEST_OBJS)
|
||||
|
||||
@ -181,6 +181,10 @@ src/drivers/%.o : src/drivers/%.c
|
||||
echo " CC $<"
|
||||
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
|
||||
|
||||
src/test_helpers/%.o : src/test_helpers/%.c
|
||||
echo " CC $<"
|
||||
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
|
||||
|
||||
C_FILES := $(addsuffix .c,$(APPS))
|
||||
c: $(C_FILES)
|
||||
|
||||
@ -217,7 +221,7 @@ $(BINARIES): %$(EXEXT): %.c $(MBEDLIBS) $(TEST_OBJS_DEPS) $(MBEDTLS_TEST_OBJS)
|
||||
clean:
|
||||
ifndef WINDOWS
|
||||
rm -rf $(BINARIES) *.c *.datax
|
||||
rm -f src/*.o src/drivers/*.o src/libmbed*
|
||||
rm -f src/*.o src/drivers/*.o src/test_helpers/*.o src/libmbed*
|
||||
rm -f include/test/instrument_record_status.h
|
||||
rm -f include/alt-extra/*/*_alt.h
|
||||
rm -rf libtestdriver1
|
||||
@ -228,6 +232,7 @@ else
|
||||
if exist *.datax del /Q /F *.datax
|
||||
if exist src/*.o del /Q /F src/*.o
|
||||
if exist src/drivers/*.o del /Q /F src/drivers/*.o
|
||||
if exist src/test_helpers/*.o del /Q /F src/test_helpers/*.o
|
||||
if exist src/libmbed* del /Q /F src/libmed*
|
||||
if exist include/test/instrument_record_status.h del /Q /F include/test/instrument_record_status.h
|
||||
endif
|
||||
|
@ -337,6 +337,21 @@ server5-fan.crt: server5.key
|
||||
|
||||
server5-tricky-ip-san.crt: server5.key
|
||||
$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS Tricky IP SAN" -set_serial 77 -config $(test_ca_config_file) -extensions tricky_ip_san -days 3650 -sha256 -key server5.key -out $@
|
||||
|
||||
server5-directoryname.crt.der: server5.key
|
||||
$(OPENSSL) req -x509 -outform der -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS directoryName SAN" -set_serial 77 -config $(test_ca_config_file) -extensions directory_name_san -days 3650 -sha256 -key server5.key -out $@
|
||||
|
||||
server5-two-directorynames.crt.der: server5.key
|
||||
$(OPENSSL) req -x509 -outform der -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS directoryName SAN" -set_serial 77 -config $(test_ca_config_file) -extensions two_directorynames -days 3650 -sha256 -key server5.key -out $@
|
||||
|
||||
# directoryname sequence tag malformed
|
||||
server5-directoryname-seq-malformed.crt.der: server5-two-directorynames.crt.der
|
||||
hexdump -ve '1/1 "%.2X"' $< | sed "s/62A4473045310B/62A4473145310B/" | xxd -r -p > $@
|
||||
|
||||
# Second directoryname OID length malformed 03 -> 15
|
||||
server5-second-directoryname-oid-malformed.crt.der: server5-two-directorynames.crt.der
|
||||
hexdump -ve '1/1 "%.2X"' $< | sed "s/0355040A0C0A4D414C464F524D5F4D45/1555040A0C0A4D414C464F524D5F4D45/" | xxd -r -p > $@
|
||||
|
||||
all_final += server5-tricky-ip-san.crt
|
||||
|
||||
rsa_single_san_uri.crt.der: rsa_single_san_uri.key
|
||||
@ -920,6 +935,10 @@ ec_prv.pk8param.pem: ec_prv.pk8param.der
|
||||
$(OPENSSL) pkey -in $< -inform DER -out $@
|
||||
all_final += ec_prv.pk8param.pem
|
||||
|
||||
ec_pub.pem: ec_prv.sec1.der
|
||||
$(OPENSSL) pkey -in $< -inform DER -outform PEM -pubout -out $@
|
||||
all_final += ec_pub.pem
|
||||
|
||||
ec_prv.sec1.comp.pem: ec_prv.sec1.pem
|
||||
$(OPENSSL) ec -in $< -out $@ -conv_form compressed
|
||||
all_final += ec_prv.sec1.comp.pem
|
||||
@ -984,6 +1003,89 @@ ec_bp512_pub.comp.pem: ec_bp512_pub.pem
|
||||
$(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed
|
||||
all_final += ec_bp512_pub.comp.pem
|
||||
|
||||
ec_x25519_prv.der:
|
||||
$(OPENSSL) genpkey -algorithm X25519 -out $@ -outform DER
|
||||
all_final += ec_x25519_prv.der
|
||||
|
||||
ec_x25519_pub.der: ec_x25519_pub.der
|
||||
$(OPENSSL) pkey -in $< -inform DER -out $@ -outform DER
|
||||
all_final += ec_x25519_pub.der
|
||||
|
||||
ec_x25519_prv.pem: ec_x25519_prv.pem
|
||||
$(OPENSSL) pkey -in $< -inform DER -out $@
|
||||
all_final += ec_x25519_prv.pem
|
||||
|
||||
ec_x25519_pub.pem: ec_x25519_pub.pem
|
||||
$(OPENSSL) pkey -in $< -inform DER -out $@
|
||||
all_final += ec_x25519_pub.pem
|
||||
|
||||
ec_x448_prv.der:
|
||||
$(OPENSSL) genpkey -algorithm X448 -out $@ -outform DER
|
||||
all_final += ec_x448_prv.der
|
||||
|
||||
ec_x448_pub.der: ec_x448_pub.der
|
||||
$(OPENSSL) pkey -in $< -inform DER -out $@ -outform DER
|
||||
all_final += ec_x448_pub.der
|
||||
|
||||
ec_x448_prv.pem: ec_x448_prv.pem
|
||||
$(OPENSSL) pkey -in $< -inform DER -out $@
|
||||
all_final += ec_x448_prv.pem
|
||||
|
||||
ec_x448_pub.pem: ec_x448_pub.pem
|
||||
$(OPENSSL) pkey -in $< -inform DER -out $@
|
||||
all_final += ec_x448_pub.pem
|
||||
|
||||
################################################################
|
||||
#### Convert PEM keys to DER format
|
||||
################################################################
|
||||
server1.pubkey.der: server1.pubkey
|
||||
$(OPENSSL) pkey -pubin -in $< -out $@ -outform DER
|
||||
all_final += server1.pubkey.der
|
||||
|
||||
rsa4096_pub.der: rsa4096_pub.pem
|
||||
$(OPENSSL) pkey -pubin -in $< -out $@ -outform DER
|
||||
all_final += rsa4096_pub.der
|
||||
|
||||
ec_pub.der: ec_pub.pem
|
||||
$(OPENSSL) pkey -pubin -in $< -out $@ -outform DER
|
||||
all_final += ec_pub.der
|
||||
|
||||
ec_521_pub.der: ec_521_pub.pem
|
||||
$(OPENSSL) pkey -pubin -in $< -out $@ -outform DER
|
||||
all_final += ec_521_pub.der
|
||||
|
||||
ec_bp512_pub.der: ec_bp512_pub.pem
|
||||
$(OPENSSL) pkey -pubin -in $< -out $@ -outform DER
|
||||
all_final += ec_bp512_pub.der
|
||||
|
||||
server1.key.der: server1.key
|
||||
$(OPENSSL) pkey -in $< -out $@ -outform DER
|
||||
all_final += server1.key.der
|
||||
|
||||
rsa4096_prv.der: rsa4096_prv.pem
|
||||
$(OPENSSL) pkey -in $< -out $@ -outform DER
|
||||
all_final += rsa4096_prv.der
|
||||
|
||||
ec_prv.sec1.der: ec_prv.sec1.pem
|
||||
$(OPENSSL) pkey -in $< -out $@ -outform DER
|
||||
all_final += ec_prv.sec1.der
|
||||
|
||||
ec_256_long_prv.der: ec_256_long_prv.pem
|
||||
$(OPENSSL) pkey -in $< -out $@ -outform DER
|
||||
all_final += ec_256_long_prv.der
|
||||
|
||||
ec_521_prv.der: ec_521_prv.pem
|
||||
$(OPENSSL) pkey -in $< -out $@ -outform DER
|
||||
all_final += ec_521_prv.der
|
||||
|
||||
ec_521_short_prv.der: ec_521_short_prv.pem
|
||||
$(OPENSSL) pkey -in $< -out $@ -outform DER
|
||||
all_final += ec_521_short_prv.der
|
||||
|
||||
ec_bp512_prv.der: ec_bp512_prv.pem
|
||||
$(OPENSSL) pkey -in $< -out $@ -outform DER
|
||||
all_final += ec_bp512_prv.der
|
||||
|
||||
################################################################
|
||||
### Generate CSRs for X.509 write test suite
|
||||
################################################################
|
||||
@ -1006,7 +1108,7 @@ all_final += server1.req.sha256
|
||||
|
||||
server1.req.sha256.ext: server1.key
|
||||
# Generating this with OpenSSL as a comparison point to test we're getting the same result
|
||||
openssl req -new -out $@ -key $< -subj '/C=NL/O=PolarSSL/CN=PolarSSL Server 1' -sha256 -addext "extendedKeyUsage=serverAuth"
|
||||
openssl req -new -out $@ -key $< -subj '/C=NL/O=PolarSSL/CN=PolarSSL Server 1' -sha256 -addext "extendedKeyUsage=serverAuth" -addext "subjectAltName=URI:http://pki.example.com/,IP:127.1.1.0,DNS:example.com"
|
||||
all_final += server1.req.sha256.ext
|
||||
|
||||
server1.req.sha384: server1.key
|
||||
@ -1306,6 +1408,11 @@ pkcs7-rsa-expired.crt:
|
||||
$(FAKETIME) -f -3650d $(OPENSSL) req -x509 -subj="/C=NL/O=PKCS7/CN=PKCS7 Cert Expired" -sha256 -nodes -days 365 -newkey rsa:2048 -keyout pkcs7-rsa-expired.key -out pkcs7-rsa-expired.crt
|
||||
all_final += pkcs7-rsa-expired.crt
|
||||
|
||||
# File with an otherwise valid signature signed with an expired cert
|
||||
pkcs7_data_rsa_expired.der: pkcs7-rsa-expired.key pkcs7-rsa-expired.crt pkcs7_data.bin
|
||||
$(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -inkey pkcs7-rsa-expired.key -signer pkcs7-rsa-expired.crt -noattr -outform DER -out $@
|
||||
all_final += pkcs7_data_rsa_expired.der
|
||||
|
||||
# Convert signing certs to DER for testing PEM-free builds
|
||||
pkcs7-rsa-sha256-1.der: $(pkcs7_test_cert_1)
|
||||
$(OPENSSL) x509 -in pkcs7-rsa-sha256-1.crt -out $@ -outform DER
|
||||
@ -1315,6 +1422,10 @@ pkcs7-rsa-sha256-2.der: $(pkcs7_test_cert_2)
|
||||
$(OPENSSL) x509 -in pkcs7-rsa-sha256-2.crt -out $@ -outform DER
|
||||
all_final += pkcs7-rsa-sha256-2.der
|
||||
|
||||
pkcs7-rsa-expired.der: pkcs7-rsa-expired.crt
|
||||
$(OPENSSL) x509 -in pkcs7-rsa-expired.crt -out $@ -outform DER
|
||||
all_final += pkcs7-rsa-expired.der
|
||||
|
||||
# pkcs7 signature file over zero-len data
|
||||
pkcs7_zerolendata_detached.der: pkcs7_zerolendata.bin pkcs7-rsa-sha256-1.key pkcs7-rsa-sha256-1.crt
|
||||
$(OPENSSL) smime -sign -md sha256 -nocerts -noattr -in pkcs7_zerolendata.bin -inkey pkcs7-rsa-sha256-1.key -outform DER -binary -signer pkcs7-rsa-sha256-1.crt -out pkcs7_zerolendata_detached.der
|
||||
@ -1384,6 +1495,38 @@ pkcs7_signerInfo_2_invalid_tag.der: pkcs7_data_3_signed.der
|
||||
echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=810 conv=notrunc
|
||||
all_final += pkcs7_signerInfo_2_invalid_tag.der
|
||||
|
||||
# pkcs7 signature file with corrupted signer info[1]
|
||||
pkcs7_data_signed_badsigner1_badsize.der: pkcs7_data_3_signed.der
|
||||
cp pkcs7_data_3_signed.der $@
|
||||
echo '72' | xxd -p -r | dd of=$@ bs=1 seek=438 conv=notrunc
|
||||
all_final += pkcs7_data_signed_badsigner1_badsize.der
|
||||
|
||||
pkcs7_data_signed_badsigner1_badtag.der: pkcs7_data_3_signed.der
|
||||
cp pkcs7_data_3_signed.der $@
|
||||
echo 'a1' | xxd -p -r | dd of=$@ bs=1 seek=442 conv=notrunc
|
||||
all_final += pkcs7_data_signed_badsigner1_badtag.der
|
||||
|
||||
pkcs7_data_signed_badsigner1_fuzzbad.der: pkcs7_data_3_signed.der
|
||||
cp pkcs7_data_3_signed.der $@
|
||||
echo 'a1' | xxd -p -r | dd of=$@ bs=1 seek=550 conv=notrunc
|
||||
all_final += pkcs7_data_signed_badsigner1_fuzzbad.der
|
||||
|
||||
# pkcs7 signature file with corrupted signer info[2]
|
||||
pkcs7_data_signed_badsigner2_badsize.der: pkcs7_data_3_signed.der
|
||||
cp pkcs7_data_3_signed.der $@
|
||||
echo '72'| xxd -p -r | dd of=$@ bs=1 seek=813 conv=notrunc
|
||||
all_final += pkcs7_data_signed_badsigner2_badsize
|
||||
|
||||
pkcs7_data_signed_badsigner2_badtag.der: pkcs7_data_3_signed.der
|
||||
cp pkcs7_data_3_signed.der $@
|
||||
echo 'a1'| xxd -p -r | dd of=$@ bs=1 seek=817 conv=notrunc
|
||||
all_final += pkcs7_data_signed_badsigner2_badtag
|
||||
|
||||
pkcs7_data_signed_badsigner2_fuzzbad.der: pkcs7_data_3_signed.der
|
||||
cp pkcs7_data_3_signed.der $@
|
||||
echo 'a1'| xxd -p -r | dd of=$@ bs=1 seek=925 conv=notrunc
|
||||
all_final += pkcs7_data_signed_badsigner2_fuzzbad
|
||||
|
||||
# pkcs7 file with version 2
|
||||
pkcs7_data_cert_signed_v2.der: pkcs7_data_cert_signed_sha256.der
|
||||
cp pkcs7_data_cert_signed_sha256.der $@
|
||||
|
BIN
tests/data_files/ec_256_long_prv.der
Normal file
BIN
tests/data_files/ec_256_long_prv.der
Normal file
Binary file not shown.
BIN
tests/data_files/ec_521_prv.der
Normal file
BIN
tests/data_files/ec_521_prv.der
Normal file
Binary file not shown.
BIN
tests/data_files/ec_521_pub.der
Normal file
BIN
tests/data_files/ec_521_pub.der
Normal file
Binary file not shown.
BIN
tests/data_files/ec_521_short_prv.der
Normal file
BIN
tests/data_files/ec_521_short_prv.der
Normal file
Binary file not shown.
BIN
tests/data_files/ec_bp512_prv.der
Normal file
BIN
tests/data_files/ec_bp512_prv.der
Normal file
Binary file not shown.
BIN
tests/data_files/ec_bp512_pub.der
Normal file
BIN
tests/data_files/ec_bp512_pub.der
Normal file
Binary file not shown.
@ -1,4 +1,4 @@
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MDEwEwYHKoZIzj0CAQYIKoZIzj0DAQEDGgACvHl9s65/COw9SWtPtBGz9iClWKUB
|
||||
4CIt
|
||||
MDEwEwYHKoZIzj0CAQYIKoZIzj0DAQEDGgADUXW83zCjcPOdU5PmEnKI2AFntfS0
|
||||
t3bG
|
||||
-----END PUBLIC KEY-----
|
||||
|
Binary file not shown.
@ -1,4 +1,4 @@
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEvHl9s65/COw9SWtPtBGz9iClWKUB
|
||||
4CItCM/g3Irsixp78kvpKVHMW6G+uyR0kJrg
|
||||
MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEUXW83zCjcPOdU5PmEnKI2AFntfS0
|
||||
t3bGdPfG81S30iQGLB9oVLWnrw/leOryWPAn
|
||||
-----END PUBLIC KEY-----
|
||||
|
BIN
tests/data_files/ec_x25519_prv.der
Normal file
BIN
tests/data_files/ec_x25519_prv.der
Normal file
Binary file not shown.
3
tests/data_files/ec_x25519_prv.pem
Normal file
3
tests/data_files/ec_x25519_prv.pem
Normal file
@ -0,0 +1,3 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MC4CAQAwBQYDK2VuBCIEILBtgpZVVDpRy6NuU1IrwKz9YK9ZRmVV+z4eeWhyqxpZ
|
||||
-----END PRIVATE KEY-----
|
BIN
tests/data_files/ec_x25519_pub.der
Normal file
BIN
tests/data_files/ec_x25519_pub.der
Normal file
Binary file not shown.
3
tests/data_files/ec_x25519_pub.pem
Normal file
3
tests/data_files/ec_x25519_pub.pem
Normal file
@ -0,0 +1,3 @@
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MCowBQYDK2VuAyEAm8Ow6T2CM/5qi6YTiUjMEqkTYtXC7YFYTbBatUGcnRE=
|
||||
-----END PUBLIC KEY-----
|
BIN
tests/data_files/ec_x448_prv.der
Normal file
BIN
tests/data_files/ec_x448_prv.der
Normal file
Binary file not shown.
4
tests/data_files/ec_x448_prv.pem
Normal file
4
tests/data_files/ec_x448_prv.pem
Normal file
@ -0,0 +1,4 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MEYCAQAwBQYDK2VvBDoEOGTpCDYD9atLDMYwDnjdwUTkjO4ZMB/uacXKw+4iUiED
|
||||
oe50tXsIxi5REqWe2YOoL7eD7npOGRPt
|
||||
-----END PRIVATE KEY-----
|
BIN
tests/data_files/ec_x448_pub.der
Normal file
BIN
tests/data_files/ec_x448_pub.der
Normal file
Binary file not shown.
4
tests/data_files/ec_x448_pub.pem
Normal file
4
tests/data_files/ec_x448_pub.pem
Normal file
@ -0,0 +1,4 @@
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MEIwBQYDK2VvAzkAlrVhn5KDNBt3nL38B9mqGKqrPwnah3ynJgaWQ5IcLzv6zZT+
|
||||
TIjhGQ1NFGWwgtOV8UqU2tO4pYQ=
|
||||
-----END PUBLIC KEY-----
|
BIN
tests/data_files/pkcs7-rsa-expired.der
Normal file
BIN
tests/data_files/pkcs7-rsa-expired.der
Normal file
Binary file not shown.
BIN
tests/data_files/pkcs7_data_no_signers.der
Normal file
BIN
tests/data_files/pkcs7_data_no_signers.der
Normal file
Binary file not shown.
BIN
tests/data_files/pkcs7_data_rsa_expired.der
Normal file
BIN
tests/data_files/pkcs7_data_rsa_expired.der
Normal file
Binary file not shown.
BIN
tests/data_files/pkcs7_data_signed_badsigner1_badsize.der
Normal file
BIN
tests/data_files/pkcs7_data_signed_badsigner1_badsize.der
Normal file
Binary file not shown.
BIN
tests/data_files/pkcs7_data_signed_badsigner1_badtag.der
Normal file
BIN
tests/data_files/pkcs7_data_signed_badsigner1_badtag.der
Normal file
Binary file not shown.
BIN
tests/data_files/pkcs7_data_signed_badsigner1_fuzzbad.der
Normal file
BIN
tests/data_files/pkcs7_data_signed_badsigner1_fuzzbad.der
Normal file
Binary file not shown.
BIN
tests/data_files/pkcs7_data_signed_badsigner2_badsize.der
Normal file
BIN
tests/data_files/pkcs7_data_signed_badsigner2_badsize.der
Normal file
Binary file not shown.
BIN
tests/data_files/pkcs7_data_signed_badsigner2_badtag.der
Normal file
BIN
tests/data_files/pkcs7_data_signed_badsigner2_badtag.der
Normal file
Binary file not shown.
BIN
tests/data_files/pkcs7_data_signed_badsigner2_fuzzbad.der
Normal file
BIN
tests/data_files/pkcs7_data_signed_badsigner2_fuzzbad.der
Normal file
Binary file not shown.
BIN
tests/data_files/rsa4096_prv.der
Normal file
BIN
tests/data_files/rsa4096_prv.der
Normal file
Binary file not shown.
BIN
tests/data_files/rsa4096_pub.der
Normal file
BIN
tests/data_files/rsa4096_pub.der
Normal file
Binary file not shown.
BIN
tests/data_files/server1.key.der
Normal file
BIN
tests/data_files/server1.key.der
Normal file
Binary file not shown.
BIN
tests/data_files/server1.pubkey.der
Normal file
BIN
tests/data_files/server1.pubkey.der
Normal file
Binary file not shown.
@ -1,17 +1,18 @@
|
||||
-----BEGIN CERTIFICATE REQUEST-----
|
||||
MIICpzCCAY8CAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
|
||||
MIIC3jCCAcYCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
|
||||
GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
||||
ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
|
||||
ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
|
||||
HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
|
||||
W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
|
||||
FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
|
||||
DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAmMCQGCSqGSIb3DQEJDjEX
|
||||
MBUwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggEBAHi0yEGu
|
||||
Fh5tuLiLuT95UrRnly55+lTY9xchFiKtlcoEdSheybYxqk3JHuSSqojOFKZBlRdk
|
||||
oG6Azg56/aMHPWyvtCMSRQX4b+FgjeQsm9IfhYNMquQOxyPxm62vjuU3MfZIofXH
|
||||
hKdI6Ci2CDF4Fyvw50KBWniV38eE9+kjsvDLdXD3ESZJGhjjuFl8ReUiA2wdBTcP
|
||||
XEZaXUIc6B4tUnlPeqn/2zp4GBqqWzNZx6TXBpApASGG3BEJnM52FVPC7E9p+8YZ
|
||||
qIGuiF5Cz/rYZkpwffBWIfS2zZakHLm5TB8FgZkWlyReJU9Ihk2Tl/sZ1kllFdYa
|
||||
xLPnLCL82KFL1Co=
|
||||
DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaBdMFsGCSqGSIb3DQEJDjFO
|
||||
MEwwEwYDVR0lBAwwCgYIKwYBBQUHAwEwNQYDVR0RBC4wLIYXaHR0cDovL3BraS5l
|
||||
eGFtcGxlLmNvbS+HBH8BAQCCC2V4YW1wbGUuY29tMA0GCSqGSIb3DQEBCwUAA4IB
|
||||
AQCGmTIXEUvTqwChkzRtxPIQDDchrMnCXgUrTSxre5nvUOpjVlcIIPGWAwxRovfe
|
||||
pW6OaGZ/3xD0dRAcOW08sTD6GRUazFrubPA1eZiNC7vYdWV59qm84N5yRR/s8Hm+
|
||||
okwI47m7W9C0pfaNXchgFUQBn16TrZxPXklbCpBJ/TFV+1ODY0sJPHYiCFpYI+Jz
|
||||
YuJmadP2BHucl8wv2RyVHywOmV1sDc74i9igVrBCAh8wu+kqImMtrnkGZDxrnj/L
|
||||
5P1eDfdqG2cN+s40RnMQMosh3UfqpNV/bTgAqBPP2uluT9L1KpWcjZeuvisOgVTq
|
||||
XwFI5s34fen2DUVw6MWNfbDK
|
||||
-----END CERTIFICATE REQUEST-----
|
||||
|
BIN
tests/data_files/server5-directoryname-seq-malformed.crt.der
Normal file
BIN
tests/data_files/server5-directoryname-seq-malformed.crt.der
Normal file
Binary file not shown.
BIN
tests/data_files/server5-directoryname.crt.der
Normal file
BIN
tests/data_files/server5-directoryname.crt.der
Normal file
Binary file not shown.
Binary file not shown.
BIN
tests/data_files/server5-two-directorynames.crt.der
Normal file
BIN
tests/data_files/server5-two-directorynames.crt.der
Normal file
Binary file not shown.
@ -99,3 +99,17 @@ nsCertType=server
|
||||
keyUsage = cRLSign
|
||||
subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:nonprintable_hw_module_name
|
||||
nsCertType=client
|
||||
|
||||
[directory_name_san]
|
||||
subjectAltName=dirName:dirname_sect
|
||||
|
||||
[bad_second_directory_name_san]
|
||||
subjectAltName=dirName:dirname_sect, dirName:dirname_sect_bad
|
||||
|
||||
[dirname_sect]
|
||||
C=UK
|
||||
O=Mbed TLS
|
||||
CN=Mbed TLS directoryName SAN
|
||||
|
||||
[two_directorynames]
|
||||
O=MALFORM_ME
|
||||
|
38
tests/include/test/arguments.h
Normal file
38
tests/include/test/arguments.h
Normal file
@ -0,0 +1,38 @@
|
||||
/**
|
||||
* \file arguments.h
|
||||
*
|
||||
* \brief Manipulation of test arguments.
|
||||
*
|
||||
* Much of the code is in host_test.function, to be migrated here later.
|
||||
*/
|
||||
|
||||
/*
|
||||
* Copyright The Mbed TLS Contributors
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
* not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef TEST_ARGUMENTS_H
|
||||
#define TEST_ARGUMENTS_H
|
||||
|
||||
#include "mbedtls/build_info.h"
|
||||
#include <stdint.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
typedef union {
|
||||
size_t len;
|
||||
intmax_t sint;
|
||||
} mbedtls_test_argument_t;
|
||||
|
||||
#endif /* TEST_ARGUMENTS_H */
|
@ -39,6 +39,7 @@
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
|
||||
#define MBEDTLS_CTR_DRBG_C
|
||||
#define MBEDTLS_ENTROPY_C
|
||||
#define MBEDTLS_ENTROPY_FORCE_SHA256
|
||||
|
||||
/*
|
||||
* Configuration options that may need to be additionally enabled for the
|
||||
|
@ -158,6 +158,14 @@
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_JPAKE)
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE)
|
||||
#undef MBEDTLS_PSA_ACCEL_ALG_JPAKE
|
||||
#else
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_JPAKE 1
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_AES)
|
||||
#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
|
||||
#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_AES
|
||||
@ -206,6 +214,30 @@
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_TLS12_PRF)
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
|
||||
#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF
|
||||
#else
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF 1
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS)
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)
|
||||
#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS
|
||||
#else
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS 1
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS)
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS)
|
||||
#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS
|
||||
#else
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS 1
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_CCM 1
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_CMAC 1
|
||||
@ -218,11 +250,10 @@
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP 1
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT 1
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER 1
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF 1
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS 1
|
||||
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) && \
|
||||
defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) && \
|
||||
defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE)
|
||||
#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 1
|
||||
#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 1
|
||||
#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 1
|
||||
@ -237,7 +268,6 @@
|
||||
#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 1
|
||||
#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 1
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE 1
|
||||
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC 1
|
||||
|
87
tests/include/test/drivers/pake.h
Normal file
87
tests/include/test/drivers/pake.h
Normal file
@ -0,0 +1,87 @@
|
||||
/*
|
||||
* Test driver for PAKE driver entry points.
|
||||
*/
|
||||
/* Copyright The Mbed TLS Contributors
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
* not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef PSA_CRYPTO_TEST_DRIVERS_PAKE_H
|
||||
#define PSA_CRYPTO_TEST_DRIVERS_PAKE_H
|
||||
|
||||
#include "mbedtls/build_info.h"
|
||||
|
||||
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#include <psa/crypto_driver_common.h>
|
||||
|
||||
typedef struct {
|
||||
/* If not PSA_SUCCESS, return this error code instead of processing the
|
||||
* function call. */
|
||||
psa_status_t forced_status;
|
||||
/* PAKE driver setup is executed on the first call to
|
||||
pake_output/pake_input (added to distinguish forced statuses). */
|
||||
psa_status_t forced_setup_status;
|
||||
/* Count the amount of times PAKE driver functions are called. */
|
||||
struct {
|
||||
unsigned long total;
|
||||
unsigned long setup;
|
||||
unsigned long input;
|
||||
unsigned long output;
|
||||
unsigned long implicit_key;
|
||||
unsigned long abort;
|
||||
} hits;
|
||||
/* Status returned by the last PAKE driver function call. */
|
||||
psa_status_t driver_status;
|
||||
/* Output returned by pake_output */
|
||||
void *forced_output;
|
||||
size_t forced_output_length;
|
||||
} mbedtls_test_driver_pake_hooks_t;
|
||||
|
||||
#define MBEDTLS_TEST_DRIVER_PAKE_INIT { PSA_SUCCESS, PSA_SUCCESS, { 0, 0, 0, 0, 0, 0 }, PSA_SUCCESS, \
|
||||
NULL, 0 }
|
||||
static inline mbedtls_test_driver_pake_hooks_t
|
||||
mbedtls_test_driver_pake_hooks_init(void)
|
||||
{
|
||||
const mbedtls_test_driver_pake_hooks_t v = MBEDTLS_TEST_DRIVER_PAKE_INIT;
|
||||
return v;
|
||||
}
|
||||
|
||||
extern mbedtls_test_driver_pake_hooks_t mbedtls_test_driver_pake_hooks;
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_setup(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation,
|
||||
const psa_crypto_driver_pake_inputs_t *inputs);
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_output(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation,
|
||||
psa_crypto_driver_pake_step_t step,
|
||||
uint8_t *output,
|
||||
size_t output_size,
|
||||
size_t *output_length);
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_input(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation,
|
||||
psa_crypto_driver_pake_step_t step,
|
||||
const uint8_t *input,
|
||||
size_t input_length);
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_get_implicit_key(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation,
|
||||
uint8_t *output, size_t output_size, size_t *output_length);
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_abort(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation);
|
||||
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
#endif /* PSA_CRYPTO_TEST_DRIVERS_PAKE_H */
|
@ -38,6 +38,7 @@
|
||||
#include "test/drivers/signature.h"
|
||||
#include "test/drivers/asymmetric_encryption.h"
|
||||
#include "test/drivers/key_agreement.h"
|
||||
#include "test/drivers/pake.h"
|
||||
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
#endif /* PSA_CRYPTO_TEST_DRIVER_H */
|
||||
|
@ -253,27 +253,4 @@
|
||||
*/
|
||||
#define MAX(x, y) ((x) > (y) ? (x) : (y))
|
||||
|
||||
/*
|
||||
* 32-bit integer manipulation macros (big endian)
|
||||
*/
|
||||
#ifndef GET_UINT32_BE
|
||||
#define GET_UINT32_BE(n, b, i) \
|
||||
{ \
|
||||
(n) = ((uint32_t) (b)[(i)] << 24) \
|
||||
| ((uint32_t) (b)[(i) + 1] << 16) \
|
||||
| ((uint32_t) (b)[(i) + 2] << 8) \
|
||||
| ((uint32_t) (b)[(i) + 3]); \
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef PUT_UINT32_BE
|
||||
#define PUT_UINT32_BE(n, b, i) \
|
||||
{ \
|
||||
(b)[(i)] = (unsigned char) ((n) >> 24); \
|
||||
(b)[(i) + 1] = (unsigned char) ((n) >> 16); \
|
||||
(b)[(i) + 2] = (unsigned char) ((n) >> 8); \
|
||||
(b)[(i) + 3] = (unsigned char) ((n)); \
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* TEST_MACROS_H */
|
||||
|
@ -24,15 +24,47 @@
|
||||
#include "test/helpers.h"
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
||||
|
||||
#include "test/psa_helpers.h"
|
||||
|
||||
#include <psa/crypto.h>
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
#include "mbedtls/psa_util.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_MD_LIGHT)
|
||||
#include "mbedtls/md.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
||||
/** Initialize the PSA Crypto subsystem. */
|
||||
#define PSA_INIT() PSA_ASSERT(psa_crypto_init())
|
||||
|
||||
/** Shut down the PSA Crypto subsystem and destroy persistent keys.
|
||||
* Expect a clean shutdown, with no slots in use.
|
||||
*
|
||||
* If some key slots are still in use, record the test case as failed,
|
||||
* but continue executing. This macro is suitable (and primarily intended)
|
||||
* for use in the cleanup section of test functions.
|
||||
*
|
||||
* \note Persistent keys must be recorded with #TEST_USES_KEY_ID before
|
||||
* creating them.
|
||||
*/
|
||||
#define PSA_DONE() \
|
||||
do \
|
||||
{ \
|
||||
mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__); \
|
||||
mbedtls_test_psa_purge_key_storage(); \
|
||||
mbedtls_psa_crypto_free(); \
|
||||
} \
|
||||
while (0)
|
||||
#else /*MBEDTLS_PSA_CRYPTO_C */
|
||||
#define PSA_INIT() ((void) 0)
|
||||
#define PSA_DONE() ((void) 0)
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
|
||||
|
||||
/* Internal function for #TEST_USES_KEY_ID. Return 1 on success, 0 on failure. */
|
||||
@ -86,8 +118,6 @@ void mbedtls_test_psa_purge_key_cache(void);
|
||||
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
|
||||
|
||||
#define PSA_INIT() PSA_ASSERT(psa_crypto_init())
|
||||
|
||||
/** Check for things that have not been cleaned up properly in the
|
||||
* PSA subsystem.
|
||||
*
|
||||
@ -104,30 +134,11 @@ const char *mbedtls_test_helper_is_psa_leaking(void);
|
||||
* `TEST_ASSERT( ! mbedtls_test_helper_is_psa_leaking( ) )`
|
||||
* but with a more informative message.
|
||||
*/
|
||||
#define ASSERT_PSA_PRISTINE() \
|
||||
#define ASSERT_PSA_PRISTINE() \
|
||||
do \
|
||||
{ \
|
||||
if (test_fail_if_psa_leaking(__LINE__, __FILE__)) \
|
||||
goto exit; \
|
||||
} \
|
||||
while (0)
|
||||
|
||||
/** Shut down the PSA Crypto subsystem and destroy persistent keys.
|
||||
* Expect a clean shutdown, with no slots in use.
|
||||
*
|
||||
* If some key slots are still in use, record the test case as failed,
|
||||
* but continue executing. This macro is suitable (and primarily intended)
|
||||
* for use in the cleanup section of test functions.
|
||||
*
|
||||
* \note Persistent keys must be recorded with #TEST_USES_KEY_ID before
|
||||
* creating them.
|
||||
*/
|
||||
#define PSA_DONE() \
|
||||
do \
|
||||
{ \
|
||||
test_fail_if_psa_leaking(__LINE__, __FILE__); \
|
||||
mbedtls_test_psa_purge_key_storage(); \
|
||||
mbedtls_psa_crypto_free(); \
|
||||
if (mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__)) \
|
||||
goto exit; \
|
||||
} \
|
||||
while (0)
|
||||
|
||||
@ -193,6 +204,14 @@ psa_status_t mbedtls_test_record_status(psa_status_t status,
|
||||
*/
|
||||
psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags);
|
||||
|
||||
/** Check that no PSA Crypto key slots are in use.
|
||||
*
|
||||
* If any slots are in use, mark the current test as failed.
|
||||
*
|
||||
* \return 0 if the key store is empty, 1 otherwise.
|
||||
*/
|
||||
int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename);
|
||||
|
||||
/** Skip a test case if the given key is a 192 bits AES key and the AES
|
||||
* implementation is at least partially provided by an accelerator or
|
||||
* alternative implementation.
|
||||
@ -277,30 +296,24 @@ psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags)
|
||||
} \
|
||||
while (0)
|
||||
|
||||
#if !defined(MBEDTLS_MD_C)
|
||||
#define PSA_INIT_IF_NO_MD() PSA_INIT()
|
||||
#define PSA_DONE_IF_NO_MD() PSA_DONE()
|
||||
#endif
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
#define PSA_INIT_IF_NO_MD() ((void) 0)
|
||||
#define PSA_DONE_IF_NO_MD() ((void) 0)
|
||||
#endif
|
||||
/** \def USE_PSA_INIT
|
||||
*
|
||||
* Call this macro to initialize the PSA subsystem if #MBEDTLS_USE_PSA_CRYPTO
|
||||
* or #MBEDTLS_SSL_PROTO_TLS1_3 (In contrast to TLS 1.2 implementation, the
|
||||
* TLS 1.3 one uses PSA independently of the definition of
|
||||
* #MBEDTLS_USE_PSA_CRYPTO) is enabled and do nothing otherwise. If the
|
||||
* initialization fails, mark the test case as failed and jump to the \p exit
|
||||
* label.
|
||||
* #MBEDTLS_USE_PSA_CRYPTO) is enabled and do nothing otherwise.
|
||||
*
|
||||
* If the initialization fails, mark the test case as failed and jump to the
|
||||
* \p exit label.
|
||||
*/
|
||||
/** \def USE_PSA_DONE
|
||||
*
|
||||
* Call this macro at the end of a test case if you called #USE_PSA_INIT.
|
||||
* This is like #PSA_DONE, except that it does nothing if
|
||||
* #MBEDTLS_USE_PSA_CRYPTO is disabled.
|
||||
*
|
||||
* This is like #PSA_DONE except it does nothing under the same conditions as
|
||||
* #USE_PSA_INIT.
|
||||
*/
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
#define USE_PSA_INIT() PSA_INIT()
|
||||
@ -313,4 +326,52 @@ psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags)
|
||||
#define USE_PSA_DONE() ((void) 0)
|
||||
#endif /* !MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
|
||||
/** \def MD_PSA_INIT
|
||||
*
|
||||
* Call this macro to initialize the PSA subsystem if MD uses a driver,
|
||||
* and do nothing otherwise.
|
||||
*
|
||||
* If the initialization fails, mark the test case as failed and jump to the
|
||||
* \p exit label.
|
||||
*/
|
||||
/** \def MD_PSA_DONE
|
||||
*
|
||||
* Call this macro at the end of a test case if you called #MD_PSA_INIT.
|
||||
*
|
||||
* This is like #PSA_DONE except it does nothing under the same conditions as
|
||||
* #MD_PSA_INIT.
|
||||
*/
|
||||
#if defined(MBEDTLS_MD_SOME_PSA)
|
||||
#define MD_PSA_INIT() PSA_INIT()
|
||||
#define MD_PSA_DONE() PSA_DONE()
|
||||
#else /* MBEDTLS_MD_SOME_PSA */
|
||||
#define MD_PSA_INIT() ((void) 0)
|
||||
#define MD_PSA_DONE() ((void) 0)
|
||||
#endif /* MBEDTLS_MD_SOME_PSA */
|
||||
|
||||
/** \def MD_OR_USE_PSA_INIT
|
||||
*
|
||||
* Call this macro to initialize the PSA subsystem if MD uses a driver,
|
||||
* or if #MBEDTLS_USE_PSA_CRYPTO or #MBEDTLS_SSL_PROTO_TLS1_3 is enabled,
|
||||
* and do nothing otherwise.
|
||||
*
|
||||
* If the initialization fails, mark the test case as failed and jump to the
|
||||
* \p exit label.
|
||||
*/
|
||||
/** \def MD_OR_USE_PSA_DONE
|
||||
*
|
||||
* Call this macro at the end of a test case if you called #MD_OR_USE_PSA_INIT.
|
||||
*
|
||||
* This is like #PSA_DONE except it does nothing under the same conditions as
|
||||
* #MD_OR_USE_PSA_INIT.
|
||||
*/
|
||||
#if defined(MBEDTLS_MD_SOME_PSA) || \
|
||||
defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
#define MD_OR_USE_PSA_INIT() PSA_INIT()
|
||||
#define MD_OR_USE_PSA_DONE() PSA_DONE()
|
||||
#else
|
||||
#define MD_OR_USE_PSA_INIT() ((void) 0)
|
||||
#define MD_OR_USE_PSA_DONE() ((void) 0)
|
||||
#endif
|
||||
|
||||
#endif /* PSA_CRYPTO_HELPERS_H */
|
||||
|
@ -34,7 +34,7 @@
|
||||
*/
|
||||
#if defined(PSA_WANT_ALG_MD5)
|
||||
#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5
|
||||
/* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of
|
||||
/* PSA_WANT_ALG_RIPEMD160 omitted. This is necessary for the sake of
|
||||
* exercise_signature_key() because Mbed TLS doesn't support RIPEMD160
|
||||
* in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be
|
||||
* implausible anyway. */
|
||||
|
620
tests/include/test/ssl_helpers.h
Normal file
620
tests/include/test/ssl_helpers.h
Normal file
@ -0,0 +1,620 @@
|
||||
/** \file ssl_helpers.h
|
||||
*
|
||||
* \brief This file contains helper functions to set up a TLS connection.
|
||||
*/
|
||||
|
||||
/*
|
||||
* Copyright The Mbed TLS Contributors
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
* not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef SSL_HELPERS_H
|
||||
#define SSL_HELPERS_H
|
||||
|
||||
#include "mbedtls/build_info.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#include <test/helpers.h>
|
||||
#include <test/macros.h>
|
||||
#include <test/random.h>
|
||||
#include <test/psa_crypto_helpers.h>
|
||||
|
||||
#if defined(MBEDTLS_SSL_TLS_C)
|
||||
#include <ssl_misc.h>
|
||||
#include <mbedtls/timing.h>
|
||||
#include <mbedtls/debug.h>
|
||||
#include "hash_info.h"
|
||||
|
||||
#include "test/certs.h"
|
||||
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
#include "mbedtls/ssl_cache.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
#define PSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
|
||||
psa_to_ssl_errors, \
|
||||
psa_generic_status_to_mbedtls)
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
#if defined(MBEDTLS_AES_C)
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
#define MBEDTLS_TEST_HAS_TLS1_3_AES_256_GCM_SHA384
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_GCM_SHA256
|
||||
#endif
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_MD_CAN_SHA256)
|
||||
#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_SHA256
|
||||
#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_8_SHA256
|
||||
#endif
|
||||
#endif /* MBEDTLS_AES_C */
|
||||
#if defined(MBEDTLS_CHACHAPOLY_C) && defined(MBEDTLS_MD_CAN_SHA256)
|
||||
#define MBEDTLS_TEST_HAS_TLS1_3_CHACHA20_POLY1305_SHA256
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_TEST_HAS_TLS1_3_AES_256_GCM_SHA384) || \
|
||||
defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_GCM_SHA256) || \
|
||||
defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_SHA256) || \
|
||||
defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_8_SHA256) || \
|
||||
defined(MBEDTLS_TEST_HAS_TLS1_3_CHACHA20_POLY1305_SHA256)
|
||||
#define MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
|
||||
#define MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
|
||||
#endif
|
||||
enum {
|
||||
#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \
|
||||
tls13_label_ ## name,
|
||||
MBEDTLS_SSL_TLS1_3_LABEL_LIST
|
||||
#undef MBEDTLS_SSL_TLS1_3_LABEL
|
||||
};
|
||||
|
||||
typedef struct mbedtls_test_ssl_log_pattern {
|
||||
const char *pattern;
|
||||
size_t counter;
|
||||
} mbedtls_test_ssl_log_pattern;
|
||||
|
||||
typedef struct mbedtls_test_handshake_test_options {
|
||||
const char *cipher;
|
||||
mbedtls_ssl_protocol_version client_min_version;
|
||||
mbedtls_ssl_protocol_version client_max_version;
|
||||
mbedtls_ssl_protocol_version server_min_version;
|
||||
mbedtls_ssl_protocol_version server_max_version;
|
||||
mbedtls_ssl_protocol_version expected_negotiated_version;
|
||||
int expected_handshake_result;
|
||||
int expected_ciphersuite;
|
||||
int pk_alg;
|
||||
int opaque_alg;
|
||||
int opaque_alg2;
|
||||
int opaque_usage;
|
||||
data_t *psk_str;
|
||||
int dtls;
|
||||
int srv_auth_mode;
|
||||
int serialize;
|
||||
int mfl;
|
||||
int cli_msg_len;
|
||||
int srv_msg_len;
|
||||
int expected_cli_fragments;
|
||||
int expected_srv_fragments;
|
||||
int renegotiate;
|
||||
int legacy_renegotiation;
|
||||
void *srv_log_obj;
|
||||
void *cli_log_obj;
|
||||
void (*srv_log_fun)(void *, int, const char *, int, const char *);
|
||||
void (*cli_log_fun)(void *, int, const char *, int, const char *);
|
||||
int resize_buffers;
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_cache_context *cache;
|
||||
#endif
|
||||
} mbedtls_test_handshake_test_options;
|
||||
|
||||
/*
|
||||
* Buffer structure for custom I/O callbacks.
|
||||
*/
|
||||
typedef struct mbedtls_test_ssl_buffer {
|
||||
size_t start;
|
||||
size_t content_length;
|
||||
size_t capacity;
|
||||
unsigned char *buffer;
|
||||
} mbedtls_test_ssl_buffer;
|
||||
|
||||
/*
|
||||
* Context for a message metadata queue (fifo) that is on top of the ring buffer.
|
||||
*/
|
||||
typedef struct mbedtls_test_ssl_message_queue {
|
||||
size_t *messages;
|
||||
int pos;
|
||||
int num;
|
||||
int capacity;
|
||||
} mbedtls_test_ssl_message_queue;
|
||||
|
||||
/*
|
||||
* Context for the I/O callbacks simulating network connection.
|
||||
*/
|
||||
|
||||
#define MBEDTLS_MOCK_SOCKET_CONNECTED 1
|
||||
|
||||
typedef struct mbedtls_test_mock_socket {
|
||||
int status;
|
||||
mbedtls_test_ssl_buffer *input;
|
||||
mbedtls_test_ssl_buffer *output;
|
||||
struct mbedtls_test_mock_socket *peer;
|
||||
} mbedtls_test_mock_socket;
|
||||
|
||||
/* Errors used in the message socket mocks */
|
||||
|
||||
#define MBEDTLS_TEST_ERROR_CONTEXT_ERROR -55
|
||||
#define MBEDTLS_TEST_ERROR_SEND_FAILED -66
|
||||
#define MBEDTLS_TEST_ERROR_RECV_FAILED -77
|
||||
|
||||
/*
|
||||
* Structure used as an addon, or a wrapper, around the mocked sockets.
|
||||
* Contains an input queue, to which the other socket pushes metadata,
|
||||
* and an output queue, to which this one pushes metadata. This context is
|
||||
* considered as an owner of the input queue only, which is initialized and
|
||||
* freed in the respective setup and free calls.
|
||||
*/
|
||||
typedef struct mbedtls_test_message_socket_context {
|
||||
mbedtls_test_ssl_message_queue *queue_input;
|
||||
mbedtls_test_ssl_message_queue *queue_output;
|
||||
mbedtls_test_mock_socket *socket;
|
||||
} mbedtls_test_message_socket_context;
|
||||
|
||||
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
|
||||
|
||||
/*
|
||||
* Structure with endpoint's certificates for SSL communication tests.
|
||||
*/
|
||||
typedef struct mbedtls_test_ssl_endpoint_certificate {
|
||||
mbedtls_x509_crt *ca_cert;
|
||||
mbedtls_x509_crt *cert;
|
||||
mbedtls_pk_context *pkey;
|
||||
} mbedtls_test_ssl_endpoint_certificate;
|
||||
|
||||
/*
|
||||
* Endpoint structure for SSL communication tests.
|
||||
*/
|
||||
typedef struct mbedtls_test_ssl_endpoint {
|
||||
const char *name;
|
||||
mbedtls_ssl_context ssl;
|
||||
mbedtls_ssl_config conf;
|
||||
mbedtls_test_mock_socket socket;
|
||||
mbedtls_test_ssl_endpoint_certificate cert;
|
||||
} mbedtls_test_ssl_endpoint;
|
||||
|
||||
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
|
||||
|
||||
/*
|
||||
* This function can be passed to mbedtls to receive output logs from it. In
|
||||
* this case, it will count the instances of a mbedtls_test_ssl_log_pattern
|
||||
* in the received logged messages.
|
||||
*/
|
||||
void mbedtls_test_ssl_log_analyzer(void *ctx, int level,
|
||||
const char *file, int line,
|
||||
const char *str);
|
||||
|
||||
void mbedtls_test_init_handshake_options(
|
||||
mbedtls_test_handshake_test_options *opts);
|
||||
|
||||
void mbedtls_test_free_handshake_options(
|
||||
mbedtls_test_handshake_test_options *opts);
|
||||
|
||||
/*
|
||||
* Initialises \p buf. After calling this function it is safe to call
|
||||
* `mbedtls_test_ssl_buffer_free()` on \p buf.
|
||||
*/
|
||||
void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf);
|
||||
|
||||
/*
|
||||
* Sets up \p buf. After calling this function it is safe to call
|
||||
* `mbedtls_test_ssl_buffer_put()` and `mbedtls_test_ssl_buffer_get()`
|
||||
* on \p buf.
|
||||
*/
|
||||
int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf,
|
||||
size_t capacity);
|
||||
|
||||
void mbedtls_test_ssl_buffer_free(mbedtls_test_ssl_buffer *buf);
|
||||
|
||||
/*
|
||||
* Puts \p input_len bytes from the \p input buffer into the ring buffer \p buf.
|
||||
*
|
||||
* \p buf must have been initialized and set up by calling
|
||||
* `mbedtls_test_ssl_buffer_init()` and `mbedtls_test_ssl_buffer_setup()`.
|
||||
*
|
||||
* \retval \p input_len, if the data fits.
|
||||
* \retval 0 <= value < \p input_len, if the data does not fit.
|
||||
* \retval -1, if \p buf is NULL, it hasn't been set up or \p input_len is not
|
||||
* zero and \p input is NULL.
|
||||
*/
|
||||
int mbedtls_test_ssl_buffer_put(mbedtls_test_ssl_buffer *buf,
|
||||
const unsigned char *input, size_t input_len);
|
||||
|
||||
/*
|
||||
* Gets \p output_len bytes from the ring buffer \p buf into the
|
||||
* \p output buffer. The output buffer can be NULL, in this case a part of the
|
||||
* ring buffer will be dropped, if the requested length is available.
|
||||
*
|
||||
* \p buf must have been initialized and set up by calling
|
||||
* `mbedtls_test_ssl_buffer_init()` and `mbedtls_test_ssl_buffer_setup()`.
|
||||
*
|
||||
* \retval \p output_len, if the data is available.
|
||||
* \retval 0 <= value < \p output_len, if the data is not available.
|
||||
* \retval -1, if \buf is NULL or it hasn't been set up.
|
||||
*/
|
||||
int mbedtls_test_ssl_buffer_get(mbedtls_test_ssl_buffer *buf,
|
||||
unsigned char *output, size_t output_len);
|
||||
|
||||
/*
|
||||
* Errors used in the message transport mock tests
|
||||
*/
|
||||
#define MBEDTLS_TEST_ERROR_ARG_NULL -11
|
||||
#define MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED -44
|
||||
|
||||
/*
|
||||
* Setup and free functions for the message metadata queue.
|
||||
*
|
||||
* \p capacity describes the number of message metadata chunks that can be held
|
||||
* within the queue.
|
||||
*
|
||||
* \retval 0, if a metadata queue of a given length can be allocated.
|
||||
* \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation failed.
|
||||
*/
|
||||
int mbedtls_test_ssl_message_queue_setup(
|
||||
mbedtls_test_ssl_message_queue *queue, size_t capacity);
|
||||
|
||||
void mbedtls_test_ssl_message_queue_free(
|
||||
mbedtls_test_ssl_message_queue *queue);
|
||||
|
||||
/*
|
||||
* Push message length information onto the message metadata queue.
|
||||
* This will become the last element to leave it (fifo).
|
||||
*
|
||||
* \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
|
||||
* \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the queue is full.
|
||||
* \retval \p len, if the push was successful.
|
||||
*/
|
||||
int mbedtls_test_ssl_message_queue_push_info(
|
||||
mbedtls_test_ssl_message_queue *queue, size_t len);
|
||||
|
||||
/*
|
||||
* Pop information about the next message length from the queue. This will be
|
||||
* the oldest inserted message length(fifo). \p msg_len can be null, in which
|
||||
* case the data will be popped from the queue but not copied anywhere.
|
||||
*
|
||||
* \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
|
||||
* \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty.
|
||||
* \retval message length, if the pop was successful, up to the given
|
||||
\p buf_len.
|
||||
*/
|
||||
int mbedtls_test_ssl_message_queue_pop_info(
|
||||
mbedtls_test_ssl_message_queue *queue, size_t buf_len);
|
||||
|
||||
/*
|
||||
* Setup and teardown functions for mock sockets.
|
||||
*/
|
||||
void mbedtls_test_mock_socket_init(mbedtls_test_mock_socket *socket);
|
||||
|
||||
/*
|
||||
* Closes the socket \p socket.
|
||||
*
|
||||
* \p socket must have been previously initialized by calling
|
||||
* mbedtls_test_mock_socket_init().
|
||||
*
|
||||
* This function frees all allocated resources and both sockets are aware of the
|
||||
* new connection state.
|
||||
*
|
||||
* That is, this function does not simulate half-open TCP connections and the
|
||||
* phenomenon that when closing a UDP connection the peer is not aware of the
|
||||
* connection having been closed.
|
||||
*/
|
||||
void mbedtls_test_mock_socket_close(mbedtls_test_mock_socket *socket);
|
||||
|
||||
/*
|
||||
* Establishes a connection between \p peer1 and \p peer2.
|
||||
*
|
||||
* \p peer1 and \p peer2 must have been previously initialized by calling
|
||||
* mbedtls_test_mock_socket_init().
|
||||
*
|
||||
* The capacities of the internal buffers are set to \p bufsize. Setting this to
|
||||
* the correct value allows for simulation of MTU, sanity testing the mock
|
||||
* implementation and mocking TCP connections with lower memory cost.
|
||||
*/
|
||||
int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1,
|
||||
mbedtls_test_mock_socket *peer2,
|
||||
size_t bufsize);
|
||||
|
||||
|
||||
/*
|
||||
* Callbacks for simulating blocking I/O over connection-oriented transport.
|
||||
*/
|
||||
int mbedtls_test_mock_tcp_send_b(void *ctx,
|
||||
const unsigned char *buf, size_t len);
|
||||
|
||||
int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len);
|
||||
|
||||
/*
|
||||
* Callbacks for simulating non-blocking I/O over connection-oriented transport.
|
||||
*/
|
||||
int mbedtls_test_mock_tcp_send_nb(void *ctx,
|
||||
const unsigned char *buf, size_t len);
|
||||
|
||||
int mbedtls_test_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len);
|
||||
|
||||
void mbedtls_test_message_socket_init(
|
||||
mbedtls_test_message_socket_context *ctx);
|
||||
|
||||
/*
|
||||
* Setup a given message socket context including initialization of
|
||||
* input/output queues to a chosen capacity of messages. Also set the
|
||||
* corresponding mock socket.
|
||||
*
|
||||
* \retval 0, if everything succeeds.
|
||||
* \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation of a message
|
||||
* queue failed.
|
||||
*/
|
||||
int mbedtls_test_message_socket_setup(
|
||||
mbedtls_test_ssl_message_queue *queue_input,
|
||||
mbedtls_test_ssl_message_queue *queue_output,
|
||||
size_t queue_capacity,
|
||||
mbedtls_test_mock_socket *socket,
|
||||
mbedtls_test_message_socket_context *ctx);
|
||||
|
||||
/*
|
||||
* Close a given message socket context, along with the socket itself. Free the
|
||||
* memory allocated by the input queue.
|
||||
*/
|
||||
void mbedtls_test_message_socket_close(
|
||||
mbedtls_test_message_socket_context *ctx);
|
||||
|
||||
/*
|
||||
* Send one message through a given message socket context.
|
||||
*
|
||||
* \retval \p len, if everything succeeds.
|
||||
* \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context
|
||||
* elements or the context itself is null.
|
||||
* \retval MBEDTLS_TEST_ERROR_SEND_FAILED if
|
||||
* mbedtls_test_mock_tcp_send_b failed.
|
||||
* \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the output queue is full.
|
||||
*
|
||||
* This function will also return any error from
|
||||
* mbedtls_test_ssl_message_queue_push_info.
|
||||
*/
|
||||
int mbedtls_test_mock_tcp_send_msg(void *ctx,
|
||||
const unsigned char *buf, size_t len);
|
||||
|
||||
/*
|
||||
* Receive one message from a given message socket context and return message
|
||||
* length or an error.
|
||||
*
|
||||
* \retval message length, if everything succeeds.
|
||||
* \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context
|
||||
* elements or the context itself is null.
|
||||
* \retval MBEDTLS_TEST_ERROR_RECV_FAILED if
|
||||
* mbedtls_test_mock_tcp_recv_b failed.
|
||||
*
|
||||
* This function will also return any error other than
|
||||
* MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from test_ssl_message_queue_peek_info.
|
||||
*/
|
||||
int mbedtls_test_mock_tcp_recv_msg(void *ctx,
|
||||
unsigned char *buf, size_t buf_len);
|
||||
|
||||
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
|
||||
|
||||
/*
|
||||
* Initializes \p ep_cert structure and assigns it to endpoint
|
||||
* represented by \p ep.
|
||||
*
|
||||
* \retval 0 on success, otherwise error code.
|
||||
*/
|
||||
int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep,
|
||||
int pk_alg,
|
||||
int opaque_alg, int opaque_alg2,
|
||||
int opaque_usage);
|
||||
|
||||
/*
|
||||
* Initializes \p ep structure. It is important to call
|
||||
* `mbedtls_test_ssl_endpoint_free()` after calling this function
|
||||
* even if it fails.
|
||||
*
|
||||
* \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or
|
||||
* MBEDTLS_SSL_IS_CLIENT.
|
||||
* \p pk_alg the algorithm to use, currently only MBEDTLS_PK_RSA and
|
||||
* MBEDTLS_PK_ECDSA are supported.
|
||||
* \p dtls_context - in case of DTLS - this is the context handling metadata.
|
||||
* \p input_queue - used only in case of DTLS.
|
||||
* \p output_queue - used only in case of DTLS.
|
||||
*
|
||||
* \retval 0 on success, otherwise error code.
|
||||
*/
|
||||
int mbedtls_test_ssl_endpoint_init(
|
||||
mbedtls_test_ssl_endpoint *ep, int endpoint_type,
|
||||
mbedtls_test_handshake_test_options *options,
|
||||
mbedtls_test_message_socket_context *dtls_context,
|
||||
mbedtls_test_ssl_message_queue *input_queue,
|
||||
mbedtls_test_ssl_message_queue *output_queue,
|
||||
uint16_t *group_list);
|
||||
|
||||
/*
|
||||
* Deinitializes endpoint represented by \p ep.
|
||||
*/
|
||||
void mbedtls_test_ssl_endpoint_free(
|
||||
mbedtls_test_ssl_endpoint *ep,
|
||||
mbedtls_test_message_socket_context *context);
|
||||
|
||||
/*
|
||||
* This function moves ssl handshake from \p ssl to prescribed \p state.
|
||||
* /p second_ssl is used as second endpoint and their sockets have to be
|
||||
* connected before calling this function.
|
||||
*
|
||||
* \retval 0 on success, otherwise error code.
|
||||
*/
|
||||
int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl,
|
||||
mbedtls_ssl_context *second_ssl,
|
||||
int state);
|
||||
|
||||
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
|
||||
|
||||
/*
|
||||
* Helper function setting up inverse record transformations
|
||||
* using given cipher, hash, EtM mode, authentication tag length,
|
||||
* and version.
|
||||
*/
|
||||
#define CHK(x) \
|
||||
do \
|
||||
{ \
|
||||
if (!(x)) \
|
||||
{ \
|
||||
ret = -1; \
|
||||
goto cleanup; \
|
||||
} \
|
||||
} while (0)
|
||||
|
||||
#if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX
|
||||
#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_IN_LEN_MAX
|
||||
#else
|
||||
#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_OUT_LEN_MAX
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
|
||||
defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_AES_C)
|
||||
int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform,
|
||||
const unsigned char *iv,
|
||||
size_t iv_len,
|
||||
const unsigned char *input,
|
||||
size_t ilen,
|
||||
unsigned char *output,
|
||||
size_t *olen);
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_CIPHER_MODE_CBC &&
|
||||
MBEDTLS_AES_C */
|
||||
|
||||
int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in,
|
||||
mbedtls_ssl_transform *t_out,
|
||||
int cipher_type, int hash_id,
|
||||
int etm, int tag_mode,
|
||||
mbedtls_ssl_protocol_version tls_version,
|
||||
size_t cid0_len,
|
||||
size_t cid1_len);
|
||||
|
||||
/*
|
||||
* Populate a session structure for serialization tests.
|
||||
* Choose dummy values, mostly non-0 to distinguish from the init default.
|
||||
*/
|
||||
int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session,
|
||||
int ticket_len,
|
||||
const char *crt_file);
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session,
|
||||
int ticket_len,
|
||||
int endpoint_type);
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
|
||||
/*
|
||||
* Perform data exchanging between \p ssl_1 and \p ssl_2 and check if the
|
||||
* message was sent in the correct number of fragments.
|
||||
*
|
||||
* /p ssl_1 and /p ssl_2 Endpoints represented by mbedtls_ssl_context. Both
|
||||
* of them must be initialized and connected
|
||||
* beforehand.
|
||||
* /p msg_len_1 and /p msg_len_2 specify the size of the message to send.
|
||||
* /p expected_fragments_1 and /p expected_fragments_2 determine in how many
|
||||
* fragments the message should be sent.
|
||||
* expected_fragments is 0: can be used for DTLS testing while the message
|
||||
* size is larger than MFL. In that case the message
|
||||
* cannot be fragmented and sent to the second
|
||||
* endpoint.
|
||||
* This value can be used for negative tests.
|
||||
* expected_fragments is 1: can be used for TLS/DTLS testing while the
|
||||
* message size is below MFL
|
||||
* expected_fragments > 1: can be used for TLS testing while the message
|
||||
* size is larger than MFL
|
||||
*
|
||||
* \retval 0 on success, otherwise error code.
|
||||
*/
|
||||
int mbedtls_test_ssl_exchange_data(
|
||||
mbedtls_ssl_context *ssl_1,
|
||||
int msg_len_1, const int expected_fragments_1,
|
||||
mbedtls_ssl_context *ssl_2,
|
||||
int msg_len_2, const int expected_fragments_2);
|
||||
|
||||
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
|
||||
void mbedtls_test_ssl_perform_handshake(
|
||||
mbedtls_test_handshake_test_options *options);
|
||||
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_TEST_HOOKS)
|
||||
/*
|
||||
* Tweak vector lengths in a TLS 1.3 Certificate message
|
||||
*
|
||||
* \param[in] buf Buffer containing the Certificate message to tweak
|
||||
* \param[in]]out] end End of the buffer to parse
|
||||
* \param tweak Tweak identifier (from 1 to the number of tweaks).
|
||||
* \param[out] expected_result Error code expected from the parsing function
|
||||
* \param[out] args Arguments of the MBEDTLS_SSL_CHK_BUF_READ_PTR call that
|
||||
* is expected to fail. All zeroes if no
|
||||
* MBEDTLS_SSL_CHK_BUF_READ_PTR failure is expected.
|
||||
*/
|
||||
int mbedtls_test_tweak_tls13_certificate_msg_vector_len(
|
||||
unsigned char *buf, unsigned char **end, int tweak,
|
||||
int *expected_result, mbedtls_ssl_chk_buf_ptr_args *args);
|
||||
#endif /* MBEDTLS_TEST_HOOKS */
|
||||
|
||||
#define ECJPAKE_TEST_PWD "bla"
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
#define ECJPAKE_TEST_SET_PASSWORD(exp_ret_val) \
|
||||
ret = (use_opaque_arg) ? \
|
||||
mbedtls_ssl_set_hs_ecjpake_password_opaque(&ssl, pwd_slot) : \
|
||||
mbedtls_ssl_set_hs_ecjpake_password(&ssl, pwd_string, pwd_len); \
|
||||
TEST_EQUAL(ret, exp_ret_val)
|
||||
#else
|
||||
#define ECJPAKE_TEST_SET_PASSWORD(exp_ret_val) \
|
||||
ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl, \
|
||||
pwd_string, pwd_len); \
|
||||
TEST_EQUAL(ret, exp_ret_val)
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
#define TEST_AVAILABLE_ECC(tls_id_, group_id_, psa_family_, psa_bits_) \
|
||||
TEST_EQUAL(mbedtls_ssl_get_ecp_group_id_from_tls_id(tls_id_), \
|
||||
group_id_); \
|
||||
TEST_EQUAL(mbedtls_ssl_get_tls_id_from_ecp_group_id(group_id_), \
|
||||
tls_id_); \
|
||||
TEST_EQUAL(mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id_, \
|
||||
&psa_family, &psa_bits), PSA_SUCCESS); \
|
||||
TEST_EQUAL(psa_family_, psa_family); \
|
||||
TEST_EQUAL(psa_bits_, psa_bits);
|
||||
|
||||
#define TEST_UNAVAILABLE_ECC(tls_id_, group_id_, psa_family_, psa_bits_) \
|
||||
TEST_EQUAL(mbedtls_ssl_get_ecp_group_id_from_tls_id(tls_id_), \
|
||||
MBEDTLS_ECP_DP_NONE); \
|
||||
TEST_EQUAL(mbedtls_ssl_get_tls_id_from_ecp_group_id(group_id_), \
|
||||
0); \
|
||||
TEST_EQUAL(mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id_, \
|
||||
&psa_family, &psa_bits), \
|
||||
PSA_ERROR_NOT_SUPPORTED);
|
||||
|
||||
#endif /* MBEDTLS_SSL_TLS_C */
|
||||
|
||||
#endif /* SSL_HELPERS_H */
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@ -26,7 +26,7 @@ requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
|
||||
run_test "TLS 1.3: PSK: No valid ciphersuite. G->m" \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-CIPHER-ALL:+AES-256-GCM:+AEAD:+SHA384:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
|
||||
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
|
||||
localhost" \
|
||||
@ -45,7 +45,7 @@ requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
|
||||
run_test "TLS 1.3: PSK: No valid ciphersuite. O->m" \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -ciphersuites TLS_AES_256_GCM_SHA384\
|
||||
-psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
|
||||
1 \
|
||||
@ -59,8 +59,8 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3 m->m: Multiple PSKs: valid ticket, reconnect with ticket" \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8" \
|
||||
"$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
|
||||
"$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8" \
|
||||
"$P_CLI tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 2" \
|
||||
-s "sent selected_identity: 0" \
|
||||
@ -73,8 +73,8 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3 m->m: Multiple PSKs: invalid ticket, reconnect with PSK" \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=1" \
|
||||
"$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
|
||||
"$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=1" \
|
||||
"$P_CLI tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 2" \
|
||||
-s "sent selected_identity: 1" \
|
||||
@ -88,7 +88,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, ticket authentication failed." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=1" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=1" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -107,7 +107,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, ticket expired." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=2" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=2" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -126,7 +126,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, invalid start time." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=3" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=3" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -145,7 +145,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, ticket expired. too old" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=4" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=4" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -164,7 +164,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too young." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=5" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=5" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -183,7 +183,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too old." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=6" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=6" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -201,7 +201,7 @@ requires_gnutls_tls1_3
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
run_test "TLS 1.3: G->m: ephemeral_all/psk, fail, no common kex mode" \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
|
||||
"$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
|
||||
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
|
||||
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
|
||||
localhost" \
|
||||
@ -221,7 +221,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_
|
||||
requires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3: G->m: PSK: configured psk only, good." \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \
|
||||
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
|
||||
localhost" \
|
||||
@ -239,7 +239,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_
|
||||
requires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3: G->m: PSK: configured psk_ephemeral only, good." \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \
|
||||
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
|
||||
localhost" \
|
||||
@ -257,7 +257,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_
|
||||
requires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3: G->m: PSK: configured ephemeral only, good." \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \
|
||||
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
|
||||
localhost" \
|
||||
@ -317,7 +317,7 @@ requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
run_test "TLS 1.3, ext PSK, early data" \
|
||||
"$O_NEXT_SRV_EARLY_DATA -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
|
||||
"$P_CLI debug_level=5 force_version=tls13 tls13_kex_modes=psk early_data=1 psk=010203 psk_identity=0a0b0c" \
|
||||
"$P_CLI debug_level=5 tls13_kex_modes=psk early_data=1 psk=010203 psk_identity=0a0b0c" \
|
||||
1 \
|
||||
-c "Reconnecting with saved session" \
|
||||
-c "NewSessionTicket: early_data(42) extension received." \
|
||||
@ -330,7 +330,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/none." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=7" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=7" \
|
||||
"$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -346,7 +346,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=8" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=8" \
|
||||
"$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -358,7 +358,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk_ephemeral." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=9" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=9" \
|
||||
"$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -374,7 +374,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk_all." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=10" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=10" \
|
||||
"$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -386,7 +386,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/none." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=7" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=7" \
|
||||
"$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -402,7 +402,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=8" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=8" \
|
||||
"$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -418,7 +418,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk_ephemeral." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=9" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=9" \
|
||||
"$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -430,7 +430,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk_all." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=10" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=10" \
|
||||
"$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -443,7 +443,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/none." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=7" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=7" \
|
||||
"$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -460,7 +460,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=8" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=8" \
|
||||
"$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -473,7 +473,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk_ephemeral." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=9" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=9" \
|
||||
"$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
@ -486,7 +486,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk_all." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=10" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=10" \
|
||||
"$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -10,6 +10,8 @@ import argparse
|
||||
import sys
|
||||
import traceback
|
||||
import re
|
||||
import subprocess
|
||||
import os
|
||||
|
||||
import check_test_cases
|
||||
|
||||
@ -51,6 +53,26 @@ class TestCaseOutcomes:
|
||||
"""
|
||||
return len(self.successes) + len(self.failures)
|
||||
|
||||
def execute_reference_driver_tests(ref_component, driver_component, outcome_file):
|
||||
"""Run the tests specified in ref_component and driver_component. Results
|
||||
are stored in the output_file and they will be used for the following
|
||||
coverage analysis"""
|
||||
# If the outcome file already exists, we assume that the user wants to
|
||||
# perform the comparison analysis again without repeating the tests.
|
||||
if os.path.exists(outcome_file):
|
||||
Results.log("Outcome file (" + outcome_file + ") already exists. " + \
|
||||
"Tests will be skipped.")
|
||||
return
|
||||
|
||||
shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \
|
||||
" " + ref_component + " " + driver_component
|
||||
Results.log("Running: " + shell_command)
|
||||
ret_val = subprocess.run(shell_command.split(), check=False).returncode
|
||||
|
||||
if ret_val != 0:
|
||||
Results.log("Error: failed to run reference/driver components")
|
||||
sys.exit(ret_val)
|
||||
|
||||
def analyze_coverage(results, outcomes):
|
||||
"""Check that all available test cases are executed at least once."""
|
||||
available = check_test_cases.collect_available_test_cases()
|
||||
@ -82,7 +104,7 @@ def analyze_driver_vs_reference(outcomes, component_ref, component_driver,
|
||||
full_test_suite = key.split(';')[0] # retrieve full test suite name
|
||||
test_string = key.split(';')[1] # retrieve the text string of this test
|
||||
test_suite = full_test_suite.split('.')[0] # retrieve main part of test suite name
|
||||
if test_suite in ignored_suites:
|
||||
if test_suite in ignored_suites or full_test_suite in ignored_suites:
|
||||
continue
|
||||
if ((full_test_suite in ignored_test) and
|
||||
(test_string in ignored_test[full_test_suite])):
|
||||
@ -96,7 +118,7 @@ def analyze_driver_vs_reference(outcomes, component_ref, component_driver,
|
||||
if component_ref in entry:
|
||||
reference_test_passed = True
|
||||
if(reference_test_passed and not driver_test_passed):
|
||||
print(key)
|
||||
Results.log(key)
|
||||
result = False
|
||||
return result
|
||||
|
||||
@ -131,16 +153,19 @@ def do_analyze_coverage(outcome_file, args):
|
||||
"""Perform coverage analysis."""
|
||||
del args # unused
|
||||
outcomes = read_outcome_file(outcome_file)
|
||||
print("\n*** Analyze coverage ***\n")
|
||||
Results.log("\n*** Analyze coverage ***\n")
|
||||
results = analyze_outcomes(outcomes)
|
||||
return results.error_count == 0
|
||||
|
||||
def do_analyze_driver_vs_reference(outcome_file, args):
|
||||
"""Perform driver vs reference analyze."""
|
||||
execute_reference_driver_tests(args['component_ref'], \
|
||||
args['component_driver'], outcome_file)
|
||||
|
||||
ignored_suites = ['test_suite_' + x for x in args['ignored_suites']]
|
||||
|
||||
outcomes = read_outcome_file(outcome_file)
|
||||
print("\n*** Analyze driver {} vs reference {} ***\n".format(
|
||||
Results.log("\n*** Analyze driver {} vs reference {} ***\n".format(
|
||||
args['component_driver'], args['component_ref']))
|
||||
return analyze_driver_vs_reference(outcomes, args['component_ref'],
|
||||
args['component_driver'], ignored_suites,
|
||||
@ -152,9 +177,12 @@ TASKS = {
|
||||
'test_function': do_analyze_coverage,
|
||||
'args': {}
|
||||
},
|
||||
# How to use analyze_driver_vs_reference_xxx locally:
|
||||
# 1. tests/scripts/all.sh --outcome-file "$PWD/out.csv" <component_ref> <component_driver>
|
||||
# 2. tests/scripts/analyze_outcomes.py out.csv analyze_driver_vs_reference_xxx
|
||||
# There are 2 options to use analyze_driver_vs_reference_xxx locally:
|
||||
# 1. Run tests and then analysis:
|
||||
# - tests/scripts/all.sh --outcome-file "$PWD/out.csv" <component_ref> <component_driver>
|
||||
# - tests/scripts/analyze_outcomes.py out.csv analyze_driver_vs_reference_xxx
|
||||
# 2. Let this script run both automatically:
|
||||
# - tests/scripts/analyze_outcomes.py out.csv analyze_driver_vs_reference_xxx
|
||||
'analyze_driver_vs_reference_hash': {
|
||||
'test_function': do_analyze_driver_vs_reference,
|
||||
'args': {
|
||||
@ -162,24 +190,99 @@ TASKS = {
|
||||
'component_driver': 'test_psa_crypto_config_accel_hash_use_psa',
|
||||
'ignored_suites': [
|
||||
'shax', 'mdx', # the software implementations that are being excluded
|
||||
'md', # the legacy abstraction layer that's being excluded
|
||||
'md.psa', # purposefully depends on whether drivers are present
|
||||
],
|
||||
'ignored_tests': {
|
||||
}
|
||||
}
|
||||
},
|
||||
'analyze_driver_vs_reference_ecdsa': {
|
||||
'analyze_driver_vs_reference_all_ec_algs': {
|
||||
'test_function': do_analyze_driver_vs_reference,
|
||||
'args': {
|
||||
'component_ref': 'test_psa_crypto_config_reference_ecdsa_use_psa',
|
||||
'component_driver': 'test_psa_crypto_config_accel_ecdsa_use_psa',
|
||||
'component_ref': 'test_psa_crypto_config_reference_all_ec_algs_use_psa',
|
||||
'component_driver': 'test_psa_crypto_config_accel_all_ec_algs_use_psa',
|
||||
'ignored_suites': [
|
||||
'ecdsa', # the software implementation that's excluded
|
||||
'ecdsa',
|
||||
'ecdh',
|
||||
'ecjpake',
|
||||
],
|
||||
'ignored_tests': {
|
||||
'test_suite_random': [
|
||||
'PSA classic wrapper: ECDSA signature (SECP256R1)',
|
||||
],
|
||||
# In the accelerated test ECP_C is not set (only ECP_LIGHT is)
|
||||
# so we must ignore disparities in the tests for which ECP_C
|
||||
# is required.
|
||||
'test_suite_ecp': [
|
||||
'ECP check public-private #1 (OK)',
|
||||
'ECP check public-private #2 (group none)',
|
||||
'ECP check public-private #3 (group mismatch)',
|
||||
'ECP check public-private #4 (Qx mismatch)',
|
||||
'ECP check public-private #5 (Qy mismatch)',
|
||||
'ECP check public-private #6 (wrong Qx)',
|
||||
'ECP check public-private #7 (wrong Qy)',
|
||||
'ECP gen keypair [#1]',
|
||||
'ECP gen keypair [#2]',
|
||||
'ECP gen keypair [#3]',
|
||||
'ECP gen keypair wrapper',
|
||||
'ECP point muladd secp256r1 #1',
|
||||
'ECP point muladd secp256r1 #2',
|
||||
'ECP point multiplication Curve25519 (element of order 2: origin) #3',
|
||||
'ECP point multiplication Curve25519 (element of order 4: 1) #4',
|
||||
'ECP point multiplication Curve25519 (element of order 8) #5',
|
||||
'ECP point multiplication Curve25519 (normalized) #1',
|
||||
'ECP point multiplication Curve25519 (not normalized) #2',
|
||||
'ECP point multiplication rng fail Curve25519',
|
||||
'ECP point multiplication rng fail secp256r1',
|
||||
'ECP test vectors Curve25519',
|
||||
'ECP test vectors Curve448 (RFC 7748 6.2, after decodeUCoordinate)',
|
||||
'ECP test vectors brainpoolP256r1 rfc 7027',
|
||||
'ECP test vectors brainpoolP384r1 rfc 7027',
|
||||
'ECP test vectors brainpoolP512r1 rfc 7027',
|
||||
'ECP test vectors secp192k1',
|
||||
'ECP test vectors secp192r1 rfc 5114',
|
||||
'ECP test vectors secp224k1',
|
||||
'ECP test vectors secp224r1 rfc 5114',
|
||||
'ECP test vectors secp256k1',
|
||||
'ECP test vectors secp256r1 rfc 5114',
|
||||
'ECP test vectors secp384r1 rfc 5114',
|
||||
'ECP test vectors secp521r1 rfc 5114',
|
||||
]
|
||||
}
|
||||
}
|
||||
},
|
||||
'analyze_driver_vs_reference_all_ec_algs_no_ecp': {
|
||||
'test_function': do_analyze_driver_vs_reference,
|
||||
'args': {
|
||||
'component_ref': 'test_psa_crypto_full_reference_all_ec_algs_no_ecp_use_psa',
|
||||
'component_driver': 'test_psa_crypto_full_accel_all_ec_algs_no_ecp_use_psa',
|
||||
'ignored_suites': [
|
||||
# Ignore test suites for the modules that are disabled in the
|
||||
# accelerated test case.
|
||||
'ecp',
|
||||
'ecdsa',
|
||||
'ecdh',
|
||||
'ecjpake',
|
||||
],
|
||||
'ignored_tests': {
|
||||
'test_suite_random': [
|
||||
'PSA classic wrapper: ECDSA signature (SECP256R1)',
|
||||
],
|
||||
'test_suite_psa_crypto': [
|
||||
'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1',
|
||||
'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)',
|
||||
'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA',
|
||||
'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1',
|
||||
'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0',
|
||||
'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1',
|
||||
'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)',
|
||||
'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)',
|
||||
'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)',
|
||||
'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)',
|
||||
'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)',
|
||||
'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)',
|
||||
'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)',
|
||||
]
|
||||
}
|
||||
}
|
||||
},
|
||||
@ -201,7 +304,7 @@ def main():
|
||||
|
||||
if options.list:
|
||||
for task in TASKS:
|
||||
print(task)
|
||||
Results.log(task)
|
||||
sys.exit(0)
|
||||
|
||||
result = True
|
||||
@ -213,7 +316,7 @@ def main():
|
||||
|
||||
for task in tasks:
|
||||
if task not in TASKS:
|
||||
print('Error: invalid task: {}'.format(task))
|
||||
Results.log('Error: invalid task: {}'.format(task))
|
||||
sys.exit(1)
|
||||
|
||||
for task in TASKS:
|
||||
@ -223,7 +326,7 @@ def main():
|
||||
|
||||
if result is False:
|
||||
sys.exit(1)
|
||||
print("SUCCESS :-)")
|
||||
Results.log("SUCCESS :-)")
|
||||
except Exception: # pylint: disable=broad-except
|
||||
# Print the backtrace and exit explicitly with our chosen status.
|
||||
traceback.print_exc()
|
||||
|
@ -277,7 +277,7 @@ REVERSE_DEPENDENCIES = {
|
||||
# if a given define is the only one enabled from an exclusive group.
|
||||
EXCLUSIVE_GROUPS = {
|
||||
'MBEDTLS_SHA512_C': ['-MBEDTLS_SSL_COOKIE_C',
|
||||
'-MBEDTLS_SSL_PROTO_TLS1_3'],
|
||||
'-MBEDTLS_SSL_TLS_C'],
|
||||
'MBEDTLS_ECP_DP_CURVE448_ENABLED': ['-MBEDTLS_ECDSA_C',
|
||||
'-MBEDTLS_ECDSA_DETERMINISTIC',
|
||||
'-MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
|
||||
|
@ -49,7 +49,7 @@ class TestData:
|
||||
Take in test_suite_pkcs7.data file.
|
||||
Allow for new tests to be added.
|
||||
"""
|
||||
mandatory_dep = "MBEDTLS_SHA256_C"
|
||||
mandatory_dep = "MBEDTLS_MD_CAN_SHA256"
|
||||
test_name = "PKCS7 Parse Failure Invalid ASN1"
|
||||
test_function = "pkcs7_asn1_fail:"
|
||||
def __init__(self, file_name):
|
||||
|
@ -171,6 +171,28 @@ import string
|
||||
import argparse
|
||||
|
||||
|
||||
# Types recognized as signed integer arguments in test functions.
|
||||
SIGNED_INTEGER_TYPES = frozenset([
|
||||
'char',
|
||||
'short',
|
||||
'short int',
|
||||
'int',
|
||||
'int8_t',
|
||||
'int16_t',
|
||||
'int32_t',
|
||||
'int64_t',
|
||||
'intmax_t',
|
||||
'long',
|
||||
'long int',
|
||||
'long long int',
|
||||
'mbedtls_mpi_sint',
|
||||
'psa_status_t',
|
||||
])
|
||||
# Types recognized as string arguments in test functions.
|
||||
STRING_TYPES = frozenset(['char*', 'const char*', 'char const*'])
|
||||
# Types recognized as hex data arguments in test functions.
|
||||
DATA_TYPES = frozenset(['data_t*', 'const data_t*', 'data_t const*'])
|
||||
|
||||
BEGIN_HEADER_REGEX = r'/\*\s*BEGIN_HEADER\s*\*/'
|
||||
END_HEADER_REGEX = r'/\*\s*END_HEADER\s*\*/'
|
||||
|
||||
@ -192,9 +214,6 @@ CONDITION_REGEX = r'({})(?:\s*({})\s*({}))?$'.format(C_IDENTIFIER_REGEX,
|
||||
CONDITION_OPERATOR_REGEX,
|
||||
CONDITION_VALUE_REGEX)
|
||||
TEST_FUNCTION_VALIDATION_REGEX = r'\s*void\s+(?P<func_name>\w+)\s*\('
|
||||
INT_CHECK_REGEX = r'int\s+.*'
|
||||
CHAR_CHECK_REGEX = r'char\s*\*\s*.*'
|
||||
DATA_T_CHECK_REGEX = r'data_t\s*\*\s*.*'
|
||||
FUNCTION_ARG_LIST_END_REGEX = r'.*\)'
|
||||
EXIT_LABEL_REGEX = r'^exit:'
|
||||
|
||||
@ -303,7 +322,7 @@ def gen_function_wrapper(name, local_vars, args_dispatch):
|
||||
:param name: Test function name
|
||||
:param local_vars: Local variables declaration code
|
||||
:param args_dispatch: List of dispatch arguments.
|
||||
Ex: ['(char *)params[0]', '*((int *)params[1])']
|
||||
Ex: ['(char *) params[0]', '*((int *) params[1])']
|
||||
:return: Test function wrapper.
|
||||
"""
|
||||
# Then create the wrapper
|
||||
@ -444,6 +463,49 @@ def parse_function_dependencies(line):
|
||||
return dependencies
|
||||
|
||||
|
||||
ARGUMENT_DECLARATION_REGEX = re.compile(r'(.+?) ?(?:\bconst\b)? ?(\w+)\Z', re.S)
|
||||
def parse_function_argument(arg, arg_idx, args, local_vars, args_dispatch):
|
||||
"""
|
||||
Parses one test function's argument declaration.
|
||||
|
||||
:param arg: argument declaration.
|
||||
:param arg_idx: current wrapper argument index.
|
||||
:param args: accumulator of arguments' internal types.
|
||||
:param local_vars: accumulator of internal variable declarations.
|
||||
:param args_dispatch: accumulator of argument usage expressions.
|
||||
:return: the number of new wrapper arguments,
|
||||
or None if the argument declaration is invalid.
|
||||
"""
|
||||
# Normalize whitespace
|
||||
arg = arg.strip()
|
||||
arg = re.sub(r'\s*\*\s*', r'*', arg)
|
||||
arg = re.sub(r'\s+', r' ', arg)
|
||||
# Extract name and type
|
||||
m = ARGUMENT_DECLARATION_REGEX.search(arg)
|
||||
if not m:
|
||||
# E.g. "int x[42]"
|
||||
return None
|
||||
typ, _ = m.groups()
|
||||
if typ in SIGNED_INTEGER_TYPES:
|
||||
args.append('int')
|
||||
args_dispatch.append('((mbedtls_test_argument_t *) params[%d])->sint' % arg_idx)
|
||||
return 1
|
||||
if typ in STRING_TYPES:
|
||||
args.append('char*')
|
||||
args_dispatch.append('(char *) params[%d]' % arg_idx)
|
||||
return 1
|
||||
if typ in DATA_TYPES:
|
||||
args.append('hex')
|
||||
# create a structure
|
||||
pointer_initializer = '(uint8_t *) params[%d]' % arg_idx
|
||||
len_initializer = '((mbedtls_test_argument_t *) params[%d])->len' % (arg_idx+1)
|
||||
local_vars.append(' data_t data%d = {%s, %s};\n' %
|
||||
(arg_idx, pointer_initializer, len_initializer))
|
||||
args_dispatch.append('&data%d' % arg_idx)
|
||||
return 2
|
||||
return None
|
||||
|
||||
ARGUMENT_LIST_REGEX = re.compile(r'\((.*?)\)', re.S)
|
||||
def parse_function_arguments(line):
|
||||
"""
|
||||
Parses test function signature for validation and generates
|
||||
@ -455,42 +517,27 @@ def parse_function_arguments(line):
|
||||
:return: argument list, local variables for
|
||||
wrapper function and argument dispatch code.
|
||||
"""
|
||||
args = []
|
||||
local_vars = ''
|
||||
args_dispatch = []
|
||||
arg_idx = 0
|
||||
# Remove characters before arguments
|
||||
line = line[line.find('(') + 1:]
|
||||
# Process arguments, ex: <type> arg1, <type> arg2 )
|
||||
# This script assumes that the argument list is terminated by ')'
|
||||
# i.e. the test functions will not have a function pointer
|
||||
# argument.
|
||||
for arg in line[:line.find(')')].split(','):
|
||||
arg = arg.strip()
|
||||
if arg == '':
|
||||
continue
|
||||
if re.search(INT_CHECK_REGEX, arg.strip()):
|
||||
args.append('int')
|
||||
args_dispatch.append('*( (int *) params[%d] )' % arg_idx)
|
||||
elif re.search(CHAR_CHECK_REGEX, arg.strip()):
|
||||
args.append('char*')
|
||||
args_dispatch.append('(char *) params[%d]' % arg_idx)
|
||||
elif re.search(DATA_T_CHECK_REGEX, arg.strip()):
|
||||
args.append('hex')
|
||||
# create a structure
|
||||
pointer_initializer = '(uint8_t *) params[%d]' % arg_idx
|
||||
len_initializer = '*( (uint32_t *) params[%d] )' % (arg_idx+1)
|
||||
local_vars += """ data_t data%d = {%s, %s};
|
||||
""" % (arg_idx, pointer_initializer, len_initializer)
|
||||
|
||||
args_dispatch.append('&data%d' % arg_idx)
|
||||
arg_idx += 1
|
||||
else:
|
||||
m = ARGUMENT_LIST_REGEX.search(line)
|
||||
arg_list = m.group(1).strip()
|
||||
if arg_list in ['', 'void']:
|
||||
return [], '', []
|
||||
args = []
|
||||
local_vars = []
|
||||
args_dispatch = []
|
||||
arg_idx = 0
|
||||
for arg in arg_list.split(','):
|
||||
indexes = parse_function_argument(arg, arg_idx,
|
||||
args, local_vars, args_dispatch)
|
||||
if indexes is None:
|
||||
raise ValueError("Test function arguments can only be 'int', "
|
||||
"'char *' or 'data_t'\n%s" % line)
|
||||
arg_idx += 1
|
||||
arg_idx += indexes
|
||||
|
||||
return args, local_vars, args_dispatch
|
||||
return args, ''.join(local_vars), args_dispatch
|
||||
|
||||
|
||||
def generate_function_code(name, code, local_vars, args_dispatch,
|
||||
@ -705,7 +752,7 @@ def parse_test_data(data_f):
|
||||
execution.
|
||||
|
||||
:param data_f: file object of the data file.
|
||||
:return: Generator that yields test name, function name,
|
||||
:return: Generator that yields line number, test name, function name,
|
||||
dependency list and function argument list.
|
||||
"""
|
||||
__state_read_name = 0
|
||||
@ -748,7 +795,7 @@ def parse_test_data(data_f):
|
||||
parts = escaped_split(line, ':')
|
||||
test_function = parts[0]
|
||||
args = parts[1:]
|
||||
yield name, test_function, dependencies, args
|
||||
yield data_f.line_no, name, test_function, dependencies, args
|
||||
dependencies = []
|
||||
state = __state_read_name
|
||||
if state == __state_read_args:
|
||||
@ -846,6 +893,14 @@ def write_dependencies(out_data_f, test_dependencies, unique_dependencies):
|
||||
return dep_check_code
|
||||
|
||||
|
||||
INT_VAL_REGEX = re.compile(r'-?(\d+|0x[0-9a-f]+)$', re.I)
|
||||
def val_is_int(val: str) -> bool:
|
||||
"""Whether val is suitable as an 'int' parameter in the .datax file."""
|
||||
if not INT_VAL_REGEX.match(val):
|
||||
return False
|
||||
# Limit the range to what is guaranteed to get through strtol()
|
||||
return abs(int(val, 0)) <= 0x7fffffff
|
||||
|
||||
def write_parameters(out_data_f, test_args, func_args, unique_expressions):
|
||||
"""
|
||||
Writes test parameters to the intermediate data file, replacing
|
||||
@ -864,9 +919,9 @@ def write_parameters(out_data_f, test_args, func_args, unique_expressions):
|
||||
typ = func_args[i]
|
||||
val = test_args[i]
|
||||
|
||||
# check if val is a non literal int val (i.e. an expression)
|
||||
if typ == 'int' and not re.match(r'(\d+|0x[0-9a-f]+)$',
|
||||
val, re.I):
|
||||
# Pass small integer constants literally. This reduces the size of
|
||||
# the C code. Register anything else as an expression.
|
||||
if typ == 'int' and not val_is_int(val):
|
||||
typ = 'exp'
|
||||
if val not in unique_expressions:
|
||||
unique_expressions.append(val)
|
||||
@ -909,6 +964,24 @@ def gen_suite_dep_checks(suite_dependencies, dep_check_code, expression_code):
|
||||
return dep_check_code, expression_code
|
||||
|
||||
|
||||
def get_function_info(func_info, function_name, line_no):
|
||||
"""Look up information about a test function by name.
|
||||
|
||||
Raise an informative expression if function_name is not found.
|
||||
|
||||
:param func_info: dictionary mapping function names to their information.
|
||||
:param function_name: the function name as written in the .function and
|
||||
.data files.
|
||||
:param line_no: line number for error messages.
|
||||
:return Function information (id, args).
|
||||
"""
|
||||
test_function_name = 'test_' + function_name
|
||||
if test_function_name not in func_info:
|
||||
raise GeneratorInputError("%d: Function %s not found!" %
|
||||
(line_no, test_function_name))
|
||||
return func_info[test_function_name]
|
||||
|
||||
|
||||
def gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies):
|
||||
"""
|
||||
This function reads test case name, dependencies and test vectors
|
||||
@ -931,7 +1004,7 @@ def gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies):
|
||||
unique_expressions = []
|
||||
dep_check_code = ''
|
||||
expression_code = ''
|
||||
for test_name, function_name, test_dependencies, test_args in \
|
||||
for line_no, test_name, function_name, test_dependencies, test_args in \
|
||||
parse_test_data(data_f):
|
||||
out_data_f.write(test_name + '\n')
|
||||
|
||||
@ -940,18 +1013,15 @@ def gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies):
|
||||
unique_dependencies)
|
||||
|
||||
# Write test function name
|
||||
test_function_name = 'test_' + function_name
|
||||
if test_function_name not in func_info:
|
||||
raise GeneratorInputError("Function %s not found!" %
|
||||
test_function_name)
|
||||
func_id, func_args = func_info[test_function_name]
|
||||
func_id, func_args = \
|
||||
get_function_info(func_info, function_name, line_no)
|
||||
out_data_f.write(str(func_id))
|
||||
|
||||
# Write parameters
|
||||
if len(test_args) != len(func_args):
|
||||
raise GeneratorInputError("Invalid number of arguments in test "
|
||||
raise GeneratorInputError("%d: Invalid number of arguments in test "
|
||||
"%s. See function %s signature." %
|
||||
(test_name, function_name))
|
||||
(line_no, test_name, function_name))
|
||||
expression_code += write_parameters(out_data_f, test_args, func_args,
|
||||
unique_expressions)
|
||||
|
||||
|
@ -352,7 +352,6 @@ class MbedTLSBase(TLSProgram):
|
||||
if self._named_groups:
|
||||
named_groups = ','.join(self._named_groups)
|
||||
ret += ["curves={named_groups}".format(named_groups=named_groups)]
|
||||
ret += ['force_version=tls13']
|
||||
return ret
|
||||
|
||||
def pre_checks(self):
|
||||
|
@ -485,9 +485,10 @@ class ParseFuncSignature(TestCase):
|
||||
args, local, arg_dispatch = parse_function_arguments(line)
|
||||
self.assertEqual(args, ['char*', 'int', 'int'])
|
||||
self.assertEqual(local, '')
|
||||
self.assertEqual(arg_dispatch, ['(char *) params[0]',
|
||||
'*( (int *) params[1] )',
|
||||
'*( (int *) params[2] )'])
|
||||
self.assertEqual(arg_dispatch,
|
||||
['(char *) params[0]',
|
||||
'((mbedtls_test_argument_t *) params[1])->sint',
|
||||
'((mbedtls_test_argument_t *) params[2])->sint'])
|
||||
|
||||
def test_hex_params(self):
|
||||
"""
|
||||
@ -499,22 +500,22 @@ class ParseFuncSignature(TestCase):
|
||||
self.assertEqual(args, ['char*', 'hex', 'int'])
|
||||
self.assertEqual(local,
|
||||
' data_t data1 = {(uint8_t *) params[1], '
|
||||
'*( (uint32_t *) params[2] )};\n')
|
||||
'((mbedtls_test_argument_t *) params[2])->len};\n')
|
||||
self.assertEqual(arg_dispatch, ['(char *) params[0]',
|
||||
'&data1',
|
||||
'*( (int *) params[3] )'])
|
||||
'((mbedtls_test_argument_t *) params[3])->sint'])
|
||||
|
||||
def test_unsupported_arg(self):
|
||||
"""
|
||||
Test unsupported arguments (not among int, char * and data_t)
|
||||
Test unsupported argument type
|
||||
:return:
|
||||
"""
|
||||
line = 'void entropy_threshold( char * a, data_t * h, char result )'
|
||||
line = 'void entropy_threshold( char * a, data_t * h, unknown_t result )'
|
||||
self.assertRaises(ValueError, parse_function_arguments, line)
|
||||
|
||||
def test_no_params(self):
|
||||
def test_empty_params(self):
|
||||
"""
|
||||
Test no parameters.
|
||||
Test no parameters (nothing between parentheses).
|
||||
:return:
|
||||
"""
|
||||
line = 'void entropy_threshold()'
|
||||
@ -523,6 +524,39 @@ class ParseFuncSignature(TestCase):
|
||||
self.assertEqual(local, '')
|
||||
self.assertEqual(arg_dispatch, [])
|
||||
|
||||
def test_blank_params(self):
|
||||
"""
|
||||
Test no parameters (space between parentheses).
|
||||
:return:
|
||||
"""
|
||||
line = 'void entropy_threshold( )'
|
||||
args, local, arg_dispatch = parse_function_arguments(line)
|
||||
self.assertEqual(args, [])
|
||||
self.assertEqual(local, '')
|
||||
self.assertEqual(arg_dispatch, [])
|
||||
|
||||
def test_void_params(self):
|
||||
"""
|
||||
Test no parameters (void keyword).
|
||||
:return:
|
||||
"""
|
||||
line = 'void entropy_threshold(void)'
|
||||
args, local, arg_dispatch = parse_function_arguments(line)
|
||||
self.assertEqual(args, [])
|
||||
self.assertEqual(local, '')
|
||||
self.assertEqual(arg_dispatch, [])
|
||||
|
||||
def test_void_space_params(self):
|
||||
"""
|
||||
Test no parameters (void with spaces).
|
||||
:return:
|
||||
"""
|
||||
line = 'void entropy_threshold( void )'
|
||||
args, local, arg_dispatch = parse_function_arguments(line)
|
||||
self.assertEqual(args, [])
|
||||
self.assertEqual(local, '')
|
||||
self.assertEqual(arg_dispatch, [])
|
||||
|
||||
|
||||
class ParseFunctionCode(TestCase):
|
||||
"""
|
||||
@ -1264,29 +1298,33 @@ dhm_selftest:
|
||||
# List of (name, function_name, dependencies, args)
|
||||
tests = list(parse_test_data(stream))
|
||||
test1, test2, test3, test4 = tests
|
||||
self.assertEqual(test1[0], 'Diffie-Hellman full exchange #1')
|
||||
self.assertEqual(test1[1], 'dhm_do_dhm')
|
||||
self.assertEqual(test1[2], [])
|
||||
self.assertEqual(test1[3], ['10', '"23"', '10', '"5"'])
|
||||
self.assertEqual(test1[0], 3)
|
||||
self.assertEqual(test1[1], 'Diffie-Hellman full exchange #1')
|
||||
self.assertEqual(test1[2], 'dhm_do_dhm')
|
||||
self.assertEqual(test1[3], [])
|
||||
self.assertEqual(test1[4], ['10', '"23"', '10', '"5"'])
|
||||
|
||||
self.assertEqual(test2[0], 'Diffie-Hellman full exchange #2')
|
||||
self.assertEqual(test2[1], 'dhm_do_dhm')
|
||||
self.assertEqual(test2[2], [])
|
||||
self.assertEqual(test2[3], ['10', '"93450983094850938450983409623"',
|
||||
self.assertEqual(test2[0], 6)
|
||||
self.assertEqual(test2[1], 'Diffie-Hellman full exchange #2')
|
||||
self.assertEqual(test2[2], 'dhm_do_dhm')
|
||||
self.assertEqual(test2[3], [])
|
||||
self.assertEqual(test2[4], ['10', '"93450983094850938450983409623"',
|
||||
'10', '"9345098304850938450983409622"'])
|
||||
|
||||
self.assertEqual(test3[0], 'Diffie-Hellman full exchange #3')
|
||||
self.assertEqual(test3[1], 'dhm_do_dhm')
|
||||
self.assertEqual(test3[2], [])
|
||||
self.assertEqual(test3[3], ['10',
|
||||
self.assertEqual(test3[0], 9)
|
||||
self.assertEqual(test3[1], 'Diffie-Hellman full exchange #3')
|
||||
self.assertEqual(test3[2], 'dhm_do_dhm')
|
||||
self.assertEqual(test3[3], [])
|
||||
self.assertEqual(test3[4], ['10',
|
||||
'"9345098382739712938719287391879381271"',
|
||||
'10',
|
||||
'"9345098792137312973297123912791271"'])
|
||||
|
||||
self.assertEqual(test4[0], 'Diffie-Hellman selftest')
|
||||
self.assertEqual(test4[1], 'dhm_selftest')
|
||||
self.assertEqual(test4[2], [])
|
||||
self.assertEqual(test4[0], 12)
|
||||
self.assertEqual(test4[1], 'Diffie-Hellman selftest')
|
||||
self.assertEqual(test4[2], 'dhm_selftest')
|
||||
self.assertEqual(test4[3], [])
|
||||
self.assertEqual(test4[4], [])
|
||||
|
||||
def test_with_dependencies(self):
|
||||
"""
|
||||
@ -1306,15 +1344,17 @@ dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622"
|
||||
# List of (name, function_name, dependencies, args)
|
||||
tests = list(parse_test_data(stream))
|
||||
test1, test2 = tests
|
||||
self.assertEqual(test1[0], 'Diffie-Hellman full exchange #1')
|
||||
self.assertEqual(test1[1], 'dhm_do_dhm')
|
||||
self.assertEqual(test1[2], ['YAHOO'])
|
||||
self.assertEqual(test1[3], ['10', '"23"', '10', '"5"'])
|
||||
self.assertEqual(test1[0], 4)
|
||||
self.assertEqual(test1[1], 'Diffie-Hellman full exchange #1')
|
||||
self.assertEqual(test1[2], 'dhm_do_dhm')
|
||||
self.assertEqual(test1[3], ['YAHOO'])
|
||||
self.assertEqual(test1[4], ['10', '"23"', '10', '"5"'])
|
||||
|
||||
self.assertEqual(test2[0], 'Diffie-Hellman full exchange #2')
|
||||
self.assertEqual(test2[1], 'dhm_do_dhm')
|
||||
self.assertEqual(test2[2], [])
|
||||
self.assertEqual(test2[3], ['10', '"93450983094850938450983409623"',
|
||||
self.assertEqual(test2[0], 7)
|
||||
self.assertEqual(test2[1], 'Diffie-Hellman full exchange #2')
|
||||
self.assertEqual(test2[2], 'dhm_do_dhm')
|
||||
self.assertEqual(test2[3], [])
|
||||
self.assertEqual(test2[4], ['10', '"93450983094850938450983409623"',
|
||||
'10', '"9345098304850938450983409622"'])
|
||||
|
||||
def test_no_args(self):
|
||||
@ -1335,7 +1375,7 @@ dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622"
|
||||
stream = StringIOWrapper('test_suite_ut.function', data)
|
||||
err = None
|
||||
try:
|
||||
for _, _, _, _ in parse_test_data(stream):
|
||||
for _, _, _, _, _ in parse_test_data(stream):
|
||||
pass
|
||||
except GeneratorInputError as err:
|
||||
self.assertEqual(type(err), GeneratorInputError)
|
||||
@ -1353,7 +1393,7 @@ depends_on:YAHOO
|
||||
stream = StringIOWrapper('test_suite_ut.function', data)
|
||||
err = None
|
||||
try:
|
||||
for _, _, _, _ in parse_test_data(stream):
|
||||
for _, _, _, _, _ in parse_test_data(stream):
|
||||
pass
|
||||
except GeneratorInputError as err:
|
||||
self.assertEqual(type(err), GeneratorInputError)
|
||||
|
@ -23,8 +23,6 @@
|
||||
|
||||
#include "mbedtls/build_info.h"
|
||||
|
||||
#include "mbedtls/legacy_or_psa.h"
|
||||
|
||||
#include "mbedtls/pk.h"
|
||||
|
||||
/*
|
||||
@ -1569,13 +1567,13 @@ const size_t mbedtls_test_cli_crt_ec_len =
|
||||
* Dispatch between SHA-1 and SHA-256
|
||||
*/
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
#define TEST_CA_CRT_RSA TEST_CA_CRT_RSA_SHA256
|
||||
#define TEST_SRV_CRT_RSA TEST_SRV_CRT_RSA_SHA256
|
||||
#else
|
||||
#define TEST_CA_CRT_RSA TEST_CA_CRT_RSA_SHA1
|
||||
#define TEST_SRV_CRT_RSA TEST_SRV_CRT_RSA_SHA1
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256 */
|
||||
|
||||
const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA;
|
||||
const char mbedtls_test_srv_crt_rsa[] = TEST_SRV_CRT_RSA;
|
||||
@ -1674,10 +1672,10 @@ const size_t mbedtls_test_cli_crt_len =
|
||||
|
||||
/* List of CAs in PEM or DER, depending on config */
|
||||
const char *mbedtls_test_cas[] = {
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA1)
|
||||
mbedtls_test_ca_crt_rsa_sha1,
|
||||
#endif
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256)
|
||||
mbedtls_test_ca_crt_rsa_sha256,
|
||||
#endif
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
|
||||
@ -1686,10 +1684,10 @@ const char *mbedtls_test_cas[] = {
|
||||
NULL
|
||||
};
|
||||
const size_t mbedtls_test_cas_len[] = {
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA1)
|
||||
sizeof(mbedtls_test_ca_crt_rsa_sha1),
|
||||
#endif
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256)
|
||||
sizeof(mbedtls_test_ca_crt_rsa_sha256),
|
||||
#endif
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
|
||||
@ -1701,12 +1699,12 @@ const size_t mbedtls_test_cas_len[] = {
|
||||
/* List of all available CA certificates in DER format */
|
||||
const unsigned char *mbedtls_test_cas_der[] = {
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
mbedtls_test_ca_crt_rsa_sha256_der,
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256 */
|
||||
#if defined(MBEDTLS_MD_CAN_SHA1)
|
||||
mbedtls_test_ca_crt_rsa_sha1_der,
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#endif /* MBEDTLS_MD_CAN_SHA1 */
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
|
||||
mbedtls_test_ca_crt_ec_der,
|
||||
@ -1716,12 +1714,12 @@ const unsigned char *mbedtls_test_cas_der[] = {
|
||||
|
||||
const size_t mbedtls_test_cas_der_len[] = {
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
sizeof(mbedtls_test_ca_crt_rsa_sha256_der),
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256 */
|
||||
#if defined(MBEDTLS_MD_CAN_SHA1)
|
||||
sizeof(mbedtls_test_ca_crt_rsa_sha1_der),
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#endif /* MBEDTLS_MD_CAN_SHA1 */
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
|
||||
sizeof(mbedtls_test_ca_crt_ec_der),
|
||||
@ -1733,12 +1731,12 @@ const size_t mbedtls_test_cas_der_len[] = {
|
||||
#if defined(MBEDTLS_PEM_PARSE_C)
|
||||
const char mbedtls_test_cas_pem[] =
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
TEST_CA_CRT_RSA_SHA256_PEM
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256 */
|
||||
#if defined(MBEDTLS_MD_CAN_SHA1)
|
||||
TEST_CA_CRT_RSA_SHA1_PEM
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#endif /* MBEDTLS_MD_CAN_SHA1 */
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
|
||||
TEST_CA_CRT_EC_PEM
|
||||
|
@ -19,7 +19,7 @@
|
||||
|
||||
#include <test/helpers.h>
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#include "psa_crypto_hash.h"
|
||||
|
||||
#include "test/drivers/hash.h"
|
||||
@ -208,4 +208,4 @@ psa_status_t mbedtls_test_transparent_hash_abort(
|
||||
|
||||
return mbedtls_test_driver_hash_hooks.driver_status;
|
||||
}
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
|
@ -19,7 +19,7 @@
|
||||
|
||||
#include <test/helpers.h>
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#include "psa_crypto_aead.h"
|
||||
#include "psa_crypto_core.h"
|
||||
|
||||
@ -469,4 +469,4 @@ psa_status_t mbedtls_test_transparent_aead_abort(
|
||||
return mbedtls_test_driver_aead_hooks.driver_status;
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
|
@ -19,7 +19,7 @@
|
||||
|
||||
#include <test/helpers.h>
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#include "psa/crypto.h"
|
||||
#include "mbedtls/rsa.h"
|
||||
#include "psa_crypto_rsa.h"
|
||||
@ -160,4 +160,4 @@ psa_status_t mbedtls_test_opaque_asymmetric_decrypt(
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
|
@ -20,7 +20,7 @@
|
||||
|
||||
#include <test/helpers.h>
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#include "psa/crypto.h"
|
||||
#include "psa_crypto_cipher.h"
|
||||
#include "psa_crypto_core.h"
|
||||
@ -433,4 +433,4 @@ psa_status_t mbedtls_test_opaque_cipher_finish(
|
||||
(void) output_length;
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
|
@ -19,7 +19,7 @@
|
||||
|
||||
#include <test/helpers.h>
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
|
||||
#include "psa/crypto.h"
|
||||
#include "psa_crypto_core.h"
|
||||
@ -123,4 +123,4 @@ psa_status_t mbedtls_test_opaque_key_agreement(
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
|
@ -20,7 +20,7 @@
|
||||
|
||||
#include <test/helpers.h>
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#include "psa/crypto.h"
|
||||
#include "psa_crypto_core.h"
|
||||
#include "psa_crypto_ecp.h"
|
||||
@ -748,4 +748,4 @@ psa_status_t mbedtls_test_opaque_copy_key(
|
||||
return PSA_SUCCESS;
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
|
@ -19,7 +19,7 @@
|
||||
|
||||
#include <test/helpers.h>
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#include "psa_crypto_mac.h"
|
||||
|
||||
#include "test/drivers/mac.h"
|
||||
@ -431,4 +431,4 @@ psa_status_t mbedtls_test_opaque_mac_abort(
|
||||
return mbedtls_test_driver_mac_hooks.driver_status;
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
|
212
tests/src/drivers/test_driver_pake.c
Normal file
212
tests/src/drivers/test_driver_pake.c
Normal file
@ -0,0 +1,212 @@
|
||||
/*
|
||||
* Test driver for MAC entry points.
|
||||
*/
|
||||
/* Copyright The Mbed TLS Contributors
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
* not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include <test/helpers.h>
|
||||
|
||||
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#include "psa_crypto_pake.h"
|
||||
|
||||
#include "test/drivers/pake.h"
|
||||
#include "string.h"
|
||||
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
|
||||
#include "libtestdriver1/library/psa_crypto_pake.h"
|
||||
#endif
|
||||
|
||||
mbedtls_test_driver_pake_hooks_t mbedtls_test_driver_pake_hooks =
|
||||
MBEDTLS_TEST_DRIVER_PAKE_INIT;
|
||||
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_setup(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation,
|
||||
const psa_crypto_driver_pake_inputs_t *inputs)
|
||||
{
|
||||
mbedtls_test_driver_pake_hooks.hits.total++;
|
||||
mbedtls_test_driver_pake_hooks.hits.setup++;
|
||||
|
||||
if (mbedtls_test_driver_pake_hooks.forced_setup_status != PSA_SUCCESS) {
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_test_driver_pake_hooks.forced_setup_status;
|
||||
} else {
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
|
||||
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
libtestdriver1_mbedtls_psa_pake_setup(
|
||||
operation, (const libtestdriver1_psa_crypto_driver_pake_inputs_t *) inputs);
|
||||
#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_psa_pake_setup(
|
||||
operation, inputs);
|
||||
#else
|
||||
(void) operation;
|
||||
(void) inputs;
|
||||
mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
|
||||
#endif
|
||||
}
|
||||
|
||||
return mbedtls_test_driver_pake_hooks.driver_status;
|
||||
}
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_output(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation,
|
||||
psa_crypto_driver_pake_step_t step,
|
||||
uint8_t *output,
|
||||
size_t output_size,
|
||||
size_t *output_length)
|
||||
{
|
||||
mbedtls_test_driver_pake_hooks.hits.total++;
|
||||
mbedtls_test_driver_pake_hooks.hits.output++;
|
||||
|
||||
if (mbedtls_test_driver_pake_hooks.forced_output != NULL) {
|
||||
if (output_size < mbedtls_test_driver_pake_hooks.forced_output_length) {
|
||||
return PSA_ERROR_BUFFER_TOO_SMALL;
|
||||
}
|
||||
|
||||
memcpy(output,
|
||||
mbedtls_test_driver_pake_hooks.forced_output,
|
||||
mbedtls_test_driver_pake_hooks.forced_output_length);
|
||||
*output_length = mbedtls_test_driver_pake_hooks.forced_output_length;
|
||||
|
||||
return mbedtls_test_driver_pake_hooks.forced_status;
|
||||
}
|
||||
|
||||
if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) {
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_test_driver_pake_hooks.forced_status;
|
||||
} else {
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
|
||||
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
libtestdriver1_mbedtls_psa_pake_output(
|
||||
operation, step, output, output_size, output_length);
|
||||
#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_psa_pake_output(
|
||||
operation, step, output, output_size, output_length);
|
||||
#else
|
||||
(void) operation;
|
||||
(void) step;
|
||||
(void) output;
|
||||
(void) output_size;
|
||||
(void) output_length;
|
||||
mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
|
||||
#endif
|
||||
}
|
||||
|
||||
return mbedtls_test_driver_pake_hooks.driver_status;
|
||||
}
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_input(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation,
|
||||
psa_crypto_driver_pake_step_t step,
|
||||
const uint8_t *input,
|
||||
size_t input_length)
|
||||
{
|
||||
mbedtls_test_driver_pake_hooks.hits.total++;
|
||||
mbedtls_test_driver_pake_hooks.hits.input++;
|
||||
|
||||
if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) {
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_test_driver_pake_hooks.forced_status;
|
||||
} else {
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
|
||||
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
libtestdriver1_mbedtls_psa_pake_input(
|
||||
operation, step, input, input_length);
|
||||
#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_psa_pake_input(
|
||||
operation, step, input, input_length);
|
||||
#else
|
||||
(void) operation;
|
||||
(void) step;
|
||||
(void) input;
|
||||
(void) input_length;
|
||||
mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
|
||||
#endif
|
||||
}
|
||||
|
||||
return mbedtls_test_driver_pake_hooks.driver_status;
|
||||
}
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_get_implicit_key(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation,
|
||||
uint8_t *output, size_t output_size, size_t *output_length)
|
||||
{
|
||||
mbedtls_test_driver_pake_hooks.hits.total++;
|
||||
mbedtls_test_driver_pake_hooks.hits.implicit_key++;
|
||||
|
||||
if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) {
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_test_driver_pake_hooks.forced_status;
|
||||
} else {
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
|
||||
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
libtestdriver1_mbedtls_psa_pake_get_implicit_key(
|
||||
operation, output, output_size, output_length);
|
||||
#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_psa_pake_get_implicit_key(
|
||||
operation, output, output_size, output_length);
|
||||
#else
|
||||
(void) operation;
|
||||
(void) output;
|
||||
(void) output_size;
|
||||
(void) output_length;
|
||||
mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
|
||||
#endif
|
||||
}
|
||||
|
||||
return mbedtls_test_driver_pake_hooks.driver_status;
|
||||
}
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_abort(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation)
|
||||
{
|
||||
mbedtls_test_driver_pake_hooks.hits.total++;
|
||||
mbedtls_test_driver_pake_hooks.hits.abort++;
|
||||
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
|
||||
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
libtestdriver1_mbedtls_psa_pake_abort(
|
||||
operation);
|
||||
#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_psa_pake_abort(
|
||||
operation);
|
||||
#else
|
||||
(void) operation;
|
||||
mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
|
||||
#endif
|
||||
|
||||
|
||||
if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS &&
|
||||
mbedtls_test_driver_pake_hooks.driver_status == PSA_SUCCESS) {
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_test_driver_pake_hooks.forced_status;
|
||||
}
|
||||
|
||||
|
||||
return mbedtls_test_driver_pake_hooks.driver_status;
|
||||
}
|
||||
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
@ -21,7 +21,7 @@
|
||||
|
||||
#include <test/helpers.h>
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#include "psa/crypto.h"
|
||||
#include "psa_crypto_core.h"
|
||||
#include "psa_crypto_ecp.h"
|
||||
@ -414,4 +414,4 @@ psa_status_t mbedtls_test_opaque_signature_verify_hash(
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
|
@ -138,4 +138,15 @@ psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags)
|
||||
return updated_usage;
|
||||
}
|
||||
|
||||
int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename)
|
||||
{
|
||||
const char *msg = mbedtls_test_helper_is_psa_leaking();
|
||||
if (msg == NULL) {
|
||||
return 0;
|
||||
} else {
|
||||
mbedtls_test_fail(msg, line_no, filename);
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
||||
|
@ -727,14 +727,12 @@ int mbedtls_test_psa_exported_key_sanity_check(
|
||||
} else
|
||||
#endif /* MBEDTLS_ASN1_PARSE_C */
|
||||
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) {
|
||||
/* Just the secret value */
|
||||
TEST_EQUAL(exported_length, PSA_BITS_TO_BYTES(bits));
|
||||
|
||||
TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE);
|
||||
} else
|
||||
#endif /* MBEDTLS_ECP_C */
|
||||
|
||||
#if defined(MBEDTLS_ASN1_PARSE_C)
|
||||
if (type == PSA_KEY_TYPE_RSA_PUBLIC_KEY) {
|
||||
@ -766,7 +764,6 @@ int mbedtls_test_psa_exported_key_sanity_check(
|
||||
} else
|
||||
#endif /* MBEDTLS_ASN1_PARSE_C */
|
||||
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)) {
|
||||
|
||||
TEST_ASSERT(exported_length <=
|
||||
@ -778,6 +775,10 @@ int mbedtls_test_psa_exported_key_sanity_check(
|
||||
/* The representation of an ECC Montgomery public key is
|
||||
* the raw compressed point */
|
||||
TEST_EQUAL(PSA_BITS_TO_BYTES(bits), exported_length);
|
||||
} else if (PSA_KEY_TYPE_ECC_GET_FAMILY(type) == PSA_ECC_FAMILY_TWISTED_EDWARDS) {
|
||||
/* The representation of an ECC Edwards public key is
|
||||
* the raw compressed point */
|
||||
TEST_EQUAL(PSA_BITS_TO_BYTES(bits + 1), exported_length);
|
||||
} else {
|
||||
/* The representation of an ECC Weierstrass public key is:
|
||||
* - The byte 0x04;
|
||||
@ -788,10 +789,7 @@ int mbedtls_test_psa_exported_key_sanity_check(
|
||||
TEST_EQUAL(1 + 2 * PSA_BITS_TO_BYTES(bits), exported_length);
|
||||
TEST_EQUAL(exported[0], 4);
|
||||
}
|
||||
} else
|
||||
#endif /* MBEDTLS_ECP_C */
|
||||
|
||||
{
|
||||
} else {
|
||||
(void) exported;
|
||||
TEST_ASSERT(!"Sanity check not implemented for this key type");
|
||||
}
|
||||
|
@ -36,6 +36,7 @@
|
||||
#include <string.h>
|
||||
|
||||
#include <mbedtls/entropy.h>
|
||||
#include "../../library/alignment.h"
|
||||
|
||||
int mbedtls_test_rnd_std_rand(void *rng_state,
|
||||
unsigned char *output,
|
||||
@ -137,7 +138,7 @@ int mbedtls_test_rnd_pseudo_rand(void *rng_state,
|
||||
+ info->v0) ^ (sum + k[(sum>>11) & 3]);
|
||||
}
|
||||
|
||||
PUT_UINT32_BE(info->v0, result, 0);
|
||||
MBEDTLS_PUT_UINT32_BE(info->v0, result, 0);
|
||||
memcpy(out, result, use_len);
|
||||
len -= use_len;
|
||||
out += 4;
|
||||
|
2240
tests/src/test_helpers/ssl_helpers.c
Normal file
2240
tests/src/test_helpers/ssl_helpers.c
Normal file
File diff suppressed because it is too large
Load Diff
1432
tests/ssl-opt.sh
1432
tests/ssl-opt.sh
File diff suppressed because it is too large
Load Diff
@ -2,13 +2,18 @@
|
||||
/*----------------------------------------------------------------------------*/
|
||||
/* Headers */
|
||||
|
||||
#include <test/arguments.h>
|
||||
#include <test/helpers.h>
|
||||
#include <test/macros.h>
|
||||
#include <test/random.h>
|
||||
#include <test/bignum_helpers.h>
|
||||
#include <test/psa_crypto_helpers.h>
|
||||
|
||||
#include <errno.h>
|
||||
#include <limits.h>
|
||||
#include <stdint.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#if defined(MBEDTLS_ERROR_C)
|
||||
#include "mbedtls/error.h"
|
||||
@ -19,23 +24,6 @@
|
||||
#include "mbedtls/memory_buffer_alloc.h"
|
||||
#endif
|
||||
|
||||
#ifdef _MSC_VER
|
||||
#include <basetsd.h>
|
||||
typedef UINT8 uint8_t;
|
||||
typedef INT32 int32_t;
|
||||
typedef UINT32 uint32_t;
|
||||
#define strncasecmp _strnicmp
|
||||
#define strcasecmp _stricmp
|
||||
#else
|
||||
#include <stdint.h>
|
||||
#endif
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) || defined(__MINGW32__)
|
||||
#include <strings.h>
|
||||
#endif
|
||||
|
||||
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
|
||||
#include <unistd.h>
|
||||
#endif
|
||||
@ -76,25 +64,6 @@ typedef UINT32 uint32_t;
|
||||
/*----------------------------------------------------------------------------*/
|
||||
/* Helper Functions */
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
||||
/** Check that no PSA Crypto key slots are in use.
|
||||
*
|
||||
* If any slots are in use, mark the current test as failed.
|
||||
*
|
||||
* \return 0 if the key store is empty, 1 otherwise.
|
||||
*/
|
||||
int test_fail_if_psa_leaking(int line_no, const char *filename)
|
||||
{
|
||||
const char *msg = mbedtls_test_helper_is_psa_leaking();
|
||||
if (msg == NULL) {
|
||||
return 0;
|
||||
} else {
|
||||
mbedtls_test_fail(msg, line_no, filename);
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
#endif /* defined(MBEDTLS_PSA_CRYPTO_C) */
|
||||
|
||||
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
|
||||
static int redirect_output(FILE *out_stream, const char *path)
|
||||
{
|
||||
|
@ -28,50 +28,28 @@ int verify_string(char **str)
|
||||
* integer value.
|
||||
*
|
||||
* \param str Input string.
|
||||
* \param value Pointer to int for output value.
|
||||
* \param p_value Pointer to output value.
|
||||
*
|
||||
* \return 0 if success else 1
|
||||
*/
|
||||
int verify_int(char *str, int32_t *value)
|
||||
int verify_int(char *str, intmax_t *p_value)
|
||||
{
|
||||
size_t i;
|
||||
int minus = 0;
|
||||
int digits = 1;
|
||||
int hex = 0;
|
||||
|
||||
for (i = 0; i < strlen(str); i++) {
|
||||
if (i == 0 && str[i] == '-') {
|
||||
minus = 1;
|
||||
continue;
|
||||
}
|
||||
|
||||
if (((minus && i == 2) || (!minus && i == 1)) &&
|
||||
str[i - 1] == '0' && (str[i] == 'x' || str[i] == 'X')) {
|
||||
hex = 1;
|
||||
continue;
|
||||
}
|
||||
|
||||
if (!((str[i] >= '0' && str[i] <= '9') ||
|
||||
(hex && ((str[i] >= 'a' && str[i] <= 'f') ||
|
||||
(str[i] >= 'A' && str[i] <= 'F'))))) {
|
||||
digits = 0;
|
||||
break;
|
||||
}
|
||||
char *end = NULL;
|
||||
errno = 0;
|
||||
/* Limit the range to long: for large integers, the test framework will
|
||||
* use expressions anyway. */
|
||||
long value = strtol(str, &end, 0);
|
||||
if (errno == EINVAL || *end != '\0') {
|
||||
mbedtls_fprintf(stderr,
|
||||
"Expected integer for parameter and got: %s\n", str);
|
||||
return KEY_VALUE_MAPPING_NOT_FOUND;
|
||||
}
|
||||
|
||||
if (digits) {
|
||||
if (hex) {
|
||||
*value = strtol(str, NULL, 16);
|
||||
} else {
|
||||
*value = strtol(str, NULL, 10);
|
||||
}
|
||||
|
||||
return 0;
|
||||
if (errno == ERANGE) {
|
||||
mbedtls_fprintf(stderr, "Integer out of range: %s\n", str);
|
||||
return KEY_VALUE_MAPPING_NOT_FOUND;
|
||||
}
|
||||
|
||||
mbedtls_fprintf(stderr,
|
||||
"Expected integer for parameter and got: %s\n", str);
|
||||
return KEY_VALUE_MAPPING_NOT_FOUND;
|
||||
*p_value = value;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -180,24 +158,24 @@ static int parse_arguments(char *buf, size_t len, char **params,
|
||||
p++;
|
||||
}
|
||||
|
||||
/* Replace newlines, question marks and colons in strings */
|
||||
/* Replace backslash escapes in strings */
|
||||
for (i = 0; i < cnt; i++) {
|
||||
p = params[i];
|
||||
q = params[i];
|
||||
|
||||
while (*p != '\0') {
|
||||
if (*p == '\\' && *(p + 1) == 'n') {
|
||||
p += 2;
|
||||
*(q++) = '\n';
|
||||
} else if (*p == '\\' && *(p + 1) == ':') {
|
||||
p += 2;
|
||||
*(q++) = ':';
|
||||
} else if (*p == '\\' && *(p + 1) == '?') {
|
||||
p += 2;
|
||||
*(q++) = '?';
|
||||
} else {
|
||||
*(q++) = *(p++);
|
||||
if (*p == '\\') {
|
||||
++p;
|
||||
switch (*p) {
|
||||
case 'n':
|
||||
*p = '\n';
|
||||
break;
|
||||
default:
|
||||
// Fall through to copying *p
|
||||
break;
|
||||
}
|
||||
}
|
||||
*(q++) = *(p++);
|
||||
}
|
||||
*q = '\0';
|
||||
}
|
||||
@ -223,7 +201,8 @@ static int parse_arguments(char *buf, size_t len, char **params,
|
||||
*
|
||||
* \return 0 for success else 1
|
||||
*/
|
||||
static int convert_params(size_t cnt, char **params, int32_t *int_params_store)
|
||||
static int convert_params(size_t cnt, char **params,
|
||||
mbedtls_test_argument_t *int_params_store)
|
||||
{
|
||||
char **cur = params;
|
||||
char **out = params;
|
||||
@ -241,7 +220,7 @@ static int convert_params(size_t cnt, char **params, int32_t *int_params_store)
|
||||
break;
|
||||
}
|
||||
} else if (strcmp(type, "int") == 0) {
|
||||
if (verify_int(val, int_params_store) == 0) {
|
||||
if (verify_int(val, &int_params_store->sint) == 0) {
|
||||
*out++ = (char *) int_params_store++;
|
||||
} else {
|
||||
ret = (DISPATCH_INVALID_TEST_DATA);
|
||||
@ -255,7 +234,7 @@ static int convert_params(size_t cnt, char **params, int32_t *int_params_store)
|
||||
mbedtls_test_unhexify((unsigned char *) val, strlen(val),
|
||||
val, &len) == 0);
|
||||
|
||||
*int_params_store = len;
|
||||
int_params_store->len = len;
|
||||
*out++ = val;
|
||||
*out++ = (char *) (int_params_store++);
|
||||
} else {
|
||||
@ -264,7 +243,7 @@ static int convert_params(size_t cnt, char **params, int32_t *int_params_store)
|
||||
}
|
||||
} else if (strcmp(type, "exp") == 0) {
|
||||
int exp_id = strtol(val, NULL, 10);
|
||||
if (get_expression(exp_id, int_params_store) == 0) {
|
||||
if (get_expression(exp_id, &int_params_store->sint) == 0) {
|
||||
*out++ = (char *) int_params_store++;
|
||||
} else {
|
||||
ret = (DISPATCH_INVALID_TEST_DATA);
|
||||
@ -483,7 +462,7 @@ int execute_tests(int argc, const char **argv)
|
||||
char buf[5000];
|
||||
char *params[50];
|
||||
/* Store for processed integer params. */
|
||||
int32_t int_params[50];
|
||||
mbedtls_test_argument_t int_params[50];
|
||||
void *pointer;
|
||||
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
|
||||
int stdout_fd = -1;
|
||||
|
@ -69,7 +69,7 @@ __MBEDTLS_TEST_TEMPLATE__FUNCTIONS_CODE
|
||||
*
|
||||
* \return 0 if exp_id is found. 1 otherwise.
|
||||
*/
|
||||
int get_expression(int32_t exp_id, int32_t *out_value)
|
||||
int get_expression(int32_t exp_id, intmax_t *out_value)
|
||||
{
|
||||
int ret = KEY_VALUE_MAPPING_FOUND;
|
||||
|
||||
|
@ -229,5 +229,11 @@ aes_decrypt_ecb:"000000000000000000000000000000000000000000000000000000000000000
|
||||
AES-256-ECB Decrypt NIST KAT #12
|
||||
aes_decrypt_ecb:"0000000000000000000000000000000000000000000000000000000000000000":"9b80eefb7ebe2d2b16247aa0efc72f5d":"e0000000000000000000000000000000":0
|
||||
|
||||
AES-256-ECB Copy Context NIST KAT #1
|
||||
aes_ecb_copy_context:"c1cc358b449909a19436cfbb3f852ef8bcb5ed12ac7058325f56e6099aab1a1c":"00000000000000000000000000000000"
|
||||
AES-128-ECB Copy context
|
||||
aes_ecb_copy_context:"000102030405060708090a0b0c0d0e0f"
|
||||
|
||||
AES-192-ECB Copy context
|
||||
aes_ecb_copy_context:"000102030405060708090a0b0c0d0e0f1011121314151617"
|
||||
|
||||
AES-256-ECB Copy context
|
||||
aes_ecb_copy_context:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"
|
||||
|
@ -1,5 +1,61 @@
|
||||
/* BEGIN_HEADER */
|
||||
#include "mbedtls/aes.h"
|
||||
|
||||
/* Test AES with a copied context.
|
||||
*
|
||||
* master, enc and dec must be AES context objects. They don't need to
|
||||
* be initialized, and are left freed.
|
||||
*/
|
||||
static int test_copy(const data_t *key,
|
||||
mbedtls_aes_context *master,
|
||||
mbedtls_aes_context *enc,
|
||||
mbedtls_aes_context *dec)
|
||||
{
|
||||
unsigned char plaintext[16] = {
|
||||
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
|
||||
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
|
||||
};
|
||||
unsigned char ciphertext[16];
|
||||
unsigned char output[16];
|
||||
|
||||
// Set key and encrypt with original context
|
||||
mbedtls_aes_init(master);
|
||||
TEST_ASSERT(mbedtls_aes_setkey_enc(master, key->x,
|
||||
key->len * 8) == 0);
|
||||
TEST_ASSERT(mbedtls_aes_crypt_ecb(master, MBEDTLS_AES_ENCRYPT,
|
||||
plaintext, ciphertext) == 0);
|
||||
*enc = *master;
|
||||
|
||||
// Set key for decryption with original context
|
||||
mbedtls_aes_init(master);
|
||||
TEST_ASSERT(mbedtls_aes_setkey_dec(master, key->x,
|
||||
key->len * 8) == 0);
|
||||
*dec = *master;
|
||||
|
||||
// Wipe the original context to make sure nothing from it is used
|
||||
memset(master, 0, sizeof(*master));
|
||||
|
||||
// Encrypt with copied context
|
||||
TEST_ASSERT(mbedtls_aes_crypt_ecb(enc, MBEDTLS_AES_ENCRYPT,
|
||||
plaintext, output) == 0);
|
||||
ASSERT_COMPARE(ciphertext, 16, output, 16);
|
||||
mbedtls_aes_free(enc);
|
||||
|
||||
// Decrypt with copied context
|
||||
TEST_ASSERT(mbedtls_aes_crypt_ecb(dec, MBEDTLS_AES_DECRYPT,
|
||||
ciphertext, output) == 0);
|
||||
ASSERT_COMPARE(plaintext, 16, output, 16);
|
||||
mbedtls_aes_free(dec);
|
||||
|
||||
return 1;
|
||||
|
||||
exit:
|
||||
/* Bug: we may be leaving something unfreed. This is harmless
|
||||
* in our built-in implementations, but might cause a memory leak
|
||||
* with alternative implementations. */
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_DEPENDENCIES
|
||||
@ -468,32 +524,89 @@ void aes_misc_params()
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void aes_ecb_copy_context(data_t *key_str, data_t *src_str)
|
||||
void aes_ecb_copy_context(data_t *key)
|
||||
{
|
||||
unsigned char output1[16], output2[16], plain[16];
|
||||
mbedtls_aes_context ctx1, ctx2, ctx3;
|
||||
/* We test context copying multiple times, with different alignments
|
||||
* of the original and of the copies. */
|
||||
|
||||
// Set key and encrypt with original context
|
||||
mbedtls_aes_init(&ctx1);
|
||||
TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx1, key_str->x,
|
||||
key_str->len * 8) == 0);
|
||||
TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx1, MBEDTLS_AES_ENCRYPT,
|
||||
src_str->x, output1) == 0);
|
||||
struct align0 {
|
||||
mbedtls_aes_context ctx;
|
||||
};
|
||||
struct align0 *src0 = NULL;
|
||||
struct align0 *enc0 = NULL;
|
||||
struct align0 *dec0 = NULL;
|
||||
|
||||
ctx2 = ctx1;
|
||||
TEST_ASSERT(mbedtls_aes_setkey_dec(&ctx1, key_str->x,
|
||||
key_str->len * 8) == 0);
|
||||
ctx3 = ctx1;
|
||||
memset(&ctx1, 0, sizeof(ctx1));
|
||||
struct align1 {
|
||||
char bump;
|
||||
mbedtls_aes_context ctx;
|
||||
};
|
||||
struct align1 *src1 = NULL;
|
||||
struct align1 *enc1 = NULL;
|
||||
struct align1 *dec1 = NULL;
|
||||
|
||||
// Encrypt and decrypt with copied context
|
||||
TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx2, MBEDTLS_AES_ENCRYPT,
|
||||
src_str->x, output2) == 0);
|
||||
TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx3, MBEDTLS_AES_DECRYPT,
|
||||
output1, plain) == 0);
|
||||
/* All peak alignment */
|
||||
ASSERT_ALLOC(src0, 1);
|
||||
ASSERT_ALLOC(enc0, 1);
|
||||
ASSERT_ALLOC(dec0, 1);
|
||||
if (!test_copy(key, &src0->ctx, &enc0->ctx, &dec0->ctx)) {
|
||||
goto exit;
|
||||
}
|
||||
mbedtls_free(src0);
|
||||
src0 = NULL;
|
||||
mbedtls_free(enc0);
|
||||
enc0 = NULL;
|
||||
mbedtls_free(dec0);
|
||||
dec0 = NULL;
|
||||
|
||||
TEST_ASSERT(mbedtls_test_hexcmp(output1, output2, 16, 16) == 0);
|
||||
TEST_ASSERT(mbedtls_test_hexcmp(src_str->x, plain, src_str->len, 16) == 0);
|
||||
/* Original shifted */
|
||||
ASSERT_ALLOC(src1, 1);
|
||||
ASSERT_ALLOC(enc0, 1);
|
||||
ASSERT_ALLOC(dec0, 1);
|
||||
if (!test_copy(key, &src1->ctx, &enc0->ctx, &dec0->ctx)) {
|
||||
goto exit;
|
||||
}
|
||||
mbedtls_free(src1);
|
||||
src1 = NULL;
|
||||
mbedtls_free(enc0);
|
||||
enc0 = NULL;
|
||||
mbedtls_free(dec0);
|
||||
dec0 = NULL;
|
||||
|
||||
/* Copies shifted */
|
||||
ASSERT_ALLOC(src0, 1);
|
||||
ASSERT_ALLOC(enc1, 1);
|
||||
ASSERT_ALLOC(dec1, 1);
|
||||
if (!test_copy(key, &src0->ctx, &enc1->ctx, &dec1->ctx)) {
|
||||
goto exit;
|
||||
}
|
||||
mbedtls_free(src0);
|
||||
src0 = NULL;
|
||||
mbedtls_free(enc1);
|
||||
enc1 = NULL;
|
||||
mbedtls_free(dec1);
|
||||
dec1 = NULL;
|
||||
|
||||
/* Source and copies shifted */
|
||||
ASSERT_ALLOC(src1, 1);
|
||||
ASSERT_ALLOC(enc1, 1);
|
||||
ASSERT_ALLOC(dec1, 1);
|
||||
if (!test_copy(key, &src1->ctx, &enc1->ctx, &dec1->ctx)) {
|
||||
goto exit;
|
||||
}
|
||||
mbedtls_free(src1);
|
||||
src1 = NULL;
|
||||
mbedtls_free(enc1);
|
||||
enc1 = NULL;
|
||||
mbedtls_free(dec1);
|
||||
dec1 = NULL;
|
||||
|
||||
exit:
|
||||
mbedtls_free(src0);
|
||||
mbedtls_free(enc0);
|
||||
mbedtls_free(dec0);
|
||||
mbedtls_free(src1);
|
||||
mbedtls_free(enc1);
|
||||
mbedtls_free(dec1);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
|
@ -12,18 +12,15 @@
|
||||
*/
|
||||
int parse_hex_string(char *hex_string, uint64_t *result)
|
||||
{
|
||||
uint8_t raw[8];
|
||||
uint8_t raw[8] = { 0 };
|
||||
size_t olen;
|
||||
if (mbedtls_test_unhexify(raw, sizeof(raw), hex_string, &olen) != 0) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
*result = 0;
|
||||
for (size_t i = 0; i < olen; i++) {
|
||||
if (MBEDTLS_IS_BIG_ENDIAN) {
|
||||
*result |= ((uint64_t) raw[i]) << (i * 8);
|
||||
} else {
|
||||
*result |= ((uint64_t) raw[i]) << ((olen - i - 1) * 8);
|
||||
}
|
||||
*result |= ((uint64_t) raw[i]) << ((olen - i - 1) * 8);
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
@ -57,44 +54,29 @@ void mbedtls_unaligned_access(int size, int offset)
|
||||
break;
|
||||
}
|
||||
|
||||
/* Generate expected result */
|
||||
/* Define expected result by manually aligning the raw bytes, and
|
||||
* reading back with a normal pointer access. */
|
||||
uint64_t raw_aligned_64;
|
||||
uint16_t *raw_aligned_16 = (uint16_t *) &raw_aligned_64;
|
||||
uint32_t *raw_aligned_32 = (uint32_t *) &raw_aligned_64;
|
||||
memcpy(&raw_aligned_64, ((uint8_t *) &raw) + offset, size / 8);
|
||||
/* Make a 16/32/64 byte read from the aligned location, and copy to expected */
|
||||
uint64_t expected = 0;
|
||||
for (uint8_t i = 0; i < 8; i++) {
|
||||
uint8_t shift;
|
||||
if (MBEDTLS_IS_BIG_ENDIAN) {
|
||||
/*
|
||||
* Similar to little-endian case described below, but the shift needs
|
||||
* to be inverted
|
||||
*/
|
||||
shift = 7 - (i * 8);
|
||||
} else {
|
||||
/* example for offset == 1:
|
||||
* expected = (( 1 + 0 ) << (0 * 8)) | (( 1 + 1 ) << (1 * 8)) | (( 1 + 2 ) << (2 * 8)))
|
||||
* = (1 << 0) | (2 << 8) | (3 << 16) ...
|
||||
* = 0x0807060504030201
|
||||
* x = { 0, 1, 2, 3, ... }
|
||||
* ie expected is the value that would be read from x on a LE system, when
|
||||
* byte swapping is not performed
|
||||
*/
|
||||
shift = i * 8;
|
||||
}
|
||||
uint64_t b = offset + i;
|
||||
expected |= b << shift;
|
||||
}
|
||||
|
||||
/* Mask out excess bits from expected result */
|
||||
switch (size) {
|
||||
case 16:
|
||||
expected &= 0xffff;
|
||||
expected = *raw_aligned_16;
|
||||
break;
|
||||
case 32:
|
||||
expected &= 0xffffffff;
|
||||
expected = *raw_aligned_32;
|
||||
break;
|
||||
case 64:
|
||||
expected = raw_aligned_64;
|
||||
break;
|
||||
}
|
||||
|
||||
TEST_EQUAL(r, expected);
|
||||
|
||||
/* Write sentinel to the part of the array we will testing writing to */
|
||||
/* Write sentinel to the part of the array we will test writing to */
|
||||
for (size_t i = 0; i < (size_t) (size / 8); i++) {
|
||||
x[i + offset] = 0xff;
|
||||
}
|
||||
@ -122,7 +104,7 @@ void mbedtls_unaligned_access(int size, int offset)
|
||||
/* BEGIN_CASE */
|
||||
void mbedtls_byteswap(char *input_str, int size, char *expected_str)
|
||||
{
|
||||
uint64_t input, expected;
|
||||
uint64_t input = 0, expected = 0;
|
||||
TEST_ASSERT(parse_hex_string(input_str, &input));
|
||||
TEST_ASSERT(parse_hex_string(expected_str, &expected));
|
||||
|
||||
@ -315,7 +297,7 @@ void unaligned_access_endian_aware(int size, int offset, int big_endian)
|
||||
/* Verify read */
|
||||
TEST_EQUAL(read, expected);
|
||||
|
||||
/* Test writing back to memory. First write sentiel */
|
||||
/* Test writing back to memory. First write sentinel */
|
||||
for (size_t i = 0; i < (size_t) (size / 8); i++) {
|
||||
x[i + offset] = 0xff;
|
||||
}
|
||||
|
@ -133,7 +133,7 @@ void mpi_read_write_string(int radix_X, char *input_X, int radix_A,
|
||||
TEST_ASSERT(sign_is_valid(&X));
|
||||
TEST_ASSERT(mbedtls_mpi_write_string(&X, radix_A, str, output_size, &len) == result_write);
|
||||
if (result_write == 0) {
|
||||
TEST_ASSERT(strcasecmp(str, input_A) == 0);
|
||||
TEST_ASSERT(strcmp(str, input_A) == 0);
|
||||
TEST_ASSERT(str[len] == '!');
|
||||
}
|
||||
}
|
||||
@ -923,47 +923,16 @@ exit:
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void mpi_mod_int(char *input_X, char *input_Y,
|
||||
char *input_A, int mod_result)
|
||||
void mpi_mod_int(char *input_X, mbedtls_mpi_sint y,
|
||||
mbedtls_mpi_sint a, int mod_result)
|
||||
{
|
||||
mbedtls_mpi X;
|
||||
mbedtls_mpi Y;
|
||||
mbedtls_mpi A;
|
||||
int res;
|
||||
mbedtls_mpi_uint r;
|
||||
|
||||
mbedtls_mpi_init(&X);
|
||||
mbedtls_mpi_init(&Y);
|
||||
mbedtls_mpi_init(&A);
|
||||
|
||||
/* We use MPIs to read Y and A since the test framework limits us to
|
||||
* ints, so we can't have 64-bit values */
|
||||
TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi(&Y, input_Y), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi(&A, input_A), 0);
|
||||
|
||||
TEST_EQUAL(Y.n, 1);
|
||||
TEST_EQUAL(A.n, 1);
|
||||
|
||||
/* Convert the MPIs for Y and A to (signed) mbedtls_mpi_sints */
|
||||
|
||||
/* Since we're converting sign+magnitude to two's complement, we lose one
|
||||
* bit of value in the output. This means there are some values we can't
|
||||
* represent, e.g. (hex) -A0000000 on 32-bit systems. These are technically
|
||||
* invalid test cases, so could be considered "won't happen", but they are
|
||||
* easy to test for, and this helps guard against human error. */
|
||||
|
||||
mbedtls_mpi_sint y = (mbedtls_mpi_sint) Y.p[0];
|
||||
TEST_ASSERT(y >= 0); /* If y < 0 here, we can't make negative y */
|
||||
if (Y.s == -1) {
|
||||
y = -y;
|
||||
}
|
||||
|
||||
mbedtls_mpi_sint a = (mbedtls_mpi_sint) A.p[0];
|
||||
TEST_ASSERT(a >= 0); /* Same goes for a */
|
||||
if (A.s == -1) {
|
||||
a = -a;
|
||||
}
|
||||
|
||||
res = mbedtls_mpi_mod_int(&r, &X, y);
|
||||
TEST_EQUAL(res, mod_result);
|
||||
@ -973,8 +942,6 @@ void mpi_mod_int(char *input_X, char *input_Y,
|
||||
|
||||
exit:
|
||||
mbedtls_mpi_free(&X);
|
||||
mbedtls_mpi_free(&Y);
|
||||
mbedtls_mpi_free(&A);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
|
@ -56,10 +56,10 @@ Test mpi_read_write_string #5 (Illegal output radix)
|
||||
mpi_read_write_string:16:"-23":17:"-23":4:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
|
||||
|
||||
Test mpi_read_write_string #6 (Output radix of 15)
|
||||
mpi_read_write_string:10:"29":15:"1e":100:0:0
|
||||
mpi_read_write_string:10:"29":15:"1E":100:0:0
|
||||
|
||||
Test mpi_read_write_string #7
|
||||
mpi_read_write_string:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":200:0:0
|
||||
mpi_read_write_string:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"0941379D00FED1491FE15DF284DFDE4A142F68AA8D412023195CEE66883E6290FFE703F4EA5963BF212713CEE46B107C09182B5EDCD955ADAC418BF4918E2889AF48E1099D513830CEC85C26AC1E158B52620E33BA8692F893EFBB2F958B4424":200:0:0
|
||||
|
||||
Test mpi_read_write_string #8 (Empty MPI hex -> hex)
|
||||
mpi_read_write_string:16:"":16:"":4:0:0
|
||||
@ -1229,45 +1229,45 @@ Test mbedtls_mpi_mod_mpi: -0 (null) % -42
|
||||
mpi_mod_mpi:"-":"-2a":"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
|
||||
|
||||
Base test mbedtls_mpi_mod_int #1
|
||||
mpi_mod_int:"3e8":"d":"c":0
|
||||
mpi_mod_int:"3e8":0xd:0xc:0
|
||||
|
||||
Base test mbedtls_mpi_mod_int #2 (Divide by zero)
|
||||
mpi_mod_int:"3e8":"0":"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
|
||||
mpi_mod_int:"3e8":0x0:0x0:MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
|
||||
|
||||
Base test mbedtls_mpi_mod_int #3
|
||||
mpi_mod_int:"-3e8":"d":"1":0
|
||||
mpi_mod_int:"-3e8":0xd:0x1:0
|
||||
|
||||
Base test mbedtls_mpi_mod_int #4 (Negative modulo)
|
||||
mpi_mod_int:"3e8":"-d":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
|
||||
mpi_mod_int:"3e8":-0xd:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
|
||||
|
||||
Base test mbedtls_mpi_mod_int #5 (Negative modulo)
|
||||
mpi_mod_int:"-3e8":"-d":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
|
||||
mpi_mod_int:"-3e8":-0xd:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
|
||||
|
||||
Base test mbedtls_mpi_mod_int #6 (By 1)
|
||||
mpi_mod_int:"3e8":"1":"0":0
|
||||
mpi_mod_int:"3e8":0x1:0x0:0
|
||||
|
||||
Base test mbedtls_mpi_mod_int #7 (By 2)
|
||||
mpi_mod_int:"3e9":"2":"1":0
|
||||
mpi_mod_int:"3e9":0x2:0x1:0
|
||||
|
||||
Base test mbedtls_mpi_mod_int #8 (By 2)
|
||||
mpi_mod_int:"3e8":"2":"0":0
|
||||
mpi_mod_int:"3e8":0x2:0x0:0
|
||||
|
||||
Test mbedtls_mpi_mod_int: 0 (null) % 1
|
||||
mpi_mod_int:"":"1":"0":0
|
||||
mpi_mod_int:"":0x1:0x0:0
|
||||
|
||||
Test mbedtls_mpi_mod_int: 0 (null) % 2
|
||||
mpi_mod_int:"":"2":"0":0
|
||||
mpi_mod_int:"":0x2:0x0:0
|
||||
|
||||
Test mbedtls_mpi_mod_int: 0 (null) % -1
|
||||
mpi_mod_int:"":"-1":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
|
||||
mpi_mod_int:"":-0x1:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
|
||||
|
||||
Test mbedtls_mpi_mod_int: 0 (null) % -2
|
||||
mpi_mod_int:"":"-2":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
|
||||
mpi_mod_int:"":-0x2:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
|
||||
|
||||
# CURRENTLY FAILS - SEE GITHUB ISSUE #6540
|
||||
#Test mbedtls_mpi_mod_int: 230772460340063000000100500000300000010 % 5178236083361335880 -> 3386266129388798810
|
||||
#depends_on:MBEDTLS_HAVE_INT64
|
||||
#mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA4847DCCA48":"2EFE6F1A7D28035A":0
|
||||
#mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":0x47DCCA4847DCCA48:0x2EFE6F1A7D28035A:0
|
||||
|
||||
Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000300000010 % 5178236083361335880 -> 3386266129388798810
|
||||
mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA4847DCCA48":"2EFE6F1A7D28035A":0
|
||||
@ -1275,7 +1275,7 @@ mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA4847DCCA48":"2EFE6F1A7D280
|
||||
# CURRENTLY FAILS - SEE GITHUB ISSUE #6540
|
||||
#Test mbedtls_mpi_mod_int: 230772460340062999996714233870911201200 % 5178236083361335880 -> 0
|
||||
#depends_on:MBEDTLS_HAVE_INT64
|
||||
#mpi_mod_int:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":"47DCCA4847DCCA48":"0":0
|
||||
#mpi_mod_int:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":0x47DCCA4847DCCA48:0x0:0
|
||||
|
||||
Test mbedtls_mpi_mod_mpi: 230772460340062999996714233870911201200 % 5178236083361335880 -> 0
|
||||
mpi_mod_mpi:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":"47DCCA4847DCCA48":"0":0
|
||||
@ -1283,7 +1283,7 @@ mpi_mod_mpi:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":"47DCCA4847DCCA48":"0":0
|
||||
# CURRENTLY FAILS WHEN MPIS ARE 32-BIT (ISSUE #6450): WHEN FIXED, REMOVE "depends_on" LINE
|
||||
Test mbedtls_mpi_mod_int: 230772460340063000000100500000300000010 % 1205652040 -> 3644370
|
||||
depends_on:MBEDTLS_HAVE_INT64
|
||||
mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA48":"379BD2":0
|
||||
mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":0x47DCCA48:0x379BD2:0
|
||||
|
||||
Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000300000010 % 1205652040 -> 3644370
|
||||
mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA48":"379BD2":0
|
||||
@ -1291,7 +1291,7 @@ mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA48":"379BD2":0
|
||||
# CURRENTLY FAILS WHEN MPIS ARE 32-BIT (ISSUE #6450): WHEN FIXED, REMOVE "depends_on" LINE
|
||||
Test mbedtls_mpi_mod_int: 230772460340063000000100500000296355640 % 1205652040 -> 0
|
||||
depends_on:MBEDTLS_HAVE_INT64
|
||||
mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980974738":"47DCCA48":"0":0
|
||||
mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980974738":0x47DCCA48:0x0:0
|
||||
|
||||
Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000296355640 % 1205652040 -> 0
|
||||
mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980974738":"47DCCA48":"0":0
|
||||
|
@ -309,6 +309,36 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void mpi_core_clz(int leading_zeros, int trailing_zeros)
|
||||
{
|
||||
if ((size_t) (leading_zeros + trailing_zeros) >= (sizeof(mbedtls_mpi_uint) * 8)) {
|
||||
// can't fit required number of leading and trailing zeros - skip test
|
||||
goto exit;
|
||||
}
|
||||
|
||||
// Construct a test input value where the count of leading zeros and
|
||||
// trailing zeros is given in the test case, and we add ones to fill
|
||||
// the gap.
|
||||
mbedtls_mpi_uint x;
|
||||
if ((leading_zeros + trailing_zeros) > 0) {
|
||||
// some zero bits
|
||||
uint32_t s = (sizeof(mbedtls_mpi_uint) * 8 - leading_zeros - trailing_zeros);
|
||||
x = ((((mbedtls_mpi_uint) 1) << s) - 1) << trailing_zeros;
|
||||
} else {
|
||||
// all bits set
|
||||
x = ~((mbedtls_mpi_uint) 0);
|
||||
}
|
||||
|
||||
size_t n = mbedtls_mpi_core_clz(x);
|
||||
TEST_EQUAL(n, leading_zeros);
|
||||
exit:
|
||||
;
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void mpi_core_lt_ct(char *input_X, char *input_Y, int exp_ret)
|
||||
{
|
||||
@ -1057,7 +1087,71 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN MERGE SLOT 1 */
|
||||
/* BEGIN_CASE */
|
||||
void mpi_core_mul(char *input_A,
|
||||
char *input_B,
|
||||
char *result)
|
||||
{
|
||||
mbedtls_mpi_uint *A = NULL;
|
||||
mbedtls_mpi_uint *A_orig = NULL;
|
||||
mbedtls_mpi_uint *B = NULL;
|
||||
mbedtls_mpi_uint *B_orig = NULL;
|
||||
mbedtls_mpi_uint *R = NULL;
|
||||
mbedtls_mpi_uint *X = NULL;
|
||||
size_t A_limbs, B_limbs, R_limbs;
|
||||
|
||||
TEST_EQUAL(mbedtls_test_read_mpi_core(&A, &A_limbs, input_A), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi_core(&B, &B_limbs, input_B), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi_core(&R, &R_limbs, result), 0);
|
||||
|
||||
TEST_EQUAL(R_limbs, A_limbs + B_limbs);
|
||||
|
||||
const size_t X_limbs = A_limbs + B_limbs;
|
||||
const size_t X_bytes = X_limbs * sizeof(mbedtls_mpi_uint);
|
||||
ASSERT_ALLOC(X, X_limbs);
|
||||
|
||||
const size_t A_bytes = A_limbs * sizeof(mbedtls_mpi_uint);
|
||||
ASSERT_ALLOC(A_orig, A_limbs);
|
||||
memcpy(A_orig, A, A_bytes);
|
||||
|
||||
const size_t B_bytes = B_limbs * sizeof(mbedtls_mpi_uint);
|
||||
ASSERT_ALLOC(B_orig, B_limbs);
|
||||
memcpy(B_orig, B, B_bytes);
|
||||
|
||||
/* Set result to something that is unlikely to be correct */
|
||||
memset(X, '!', X_bytes);
|
||||
|
||||
/* 1. X = A * B - result should be correct, A and B unchanged */
|
||||
mbedtls_mpi_core_mul(X, A, A_limbs, B, B_limbs);
|
||||
ASSERT_COMPARE(X, X_bytes, R, X_bytes);
|
||||
ASSERT_COMPARE(A, A_bytes, A_orig, A_bytes);
|
||||
ASSERT_COMPARE(B, B_bytes, B_orig, B_bytes);
|
||||
|
||||
/* 2. A == B: alias A and B - result should be correct, A and B unchanged */
|
||||
if (A_bytes == B_bytes && memcmp(A, B, A_bytes) == 0) {
|
||||
memset(X, '!', X_bytes);
|
||||
mbedtls_mpi_core_mul(X, A, A_limbs, A, A_limbs);
|
||||
ASSERT_COMPARE(X, X_bytes, R, X_bytes);
|
||||
ASSERT_COMPARE(A, A_bytes, A_orig, A_bytes);
|
||||
}
|
||||
/* 3. X = B * A - result should be correct, A and B unchanged */
|
||||
else {
|
||||
memset(X, '!', X_bytes);
|
||||
mbedtls_mpi_core_mul(X, B, B_limbs, A, A_limbs);
|
||||
ASSERT_COMPARE(X, X_bytes, R, X_bytes);
|
||||
ASSERT_COMPARE(A, A_bytes, A_orig, A_bytes);
|
||||
ASSERT_COMPARE(B, B_bytes, B_orig, B_bytes);
|
||||
}
|
||||
|
||||
exit:
|
||||
mbedtls_free(A);
|
||||
mbedtls_free(A_orig);
|
||||
mbedtls_free(B);
|
||||
mbedtls_free(B_orig);
|
||||
mbedtls_free(R);
|
||||
mbedtls_free(X);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void mpi_core_exp_mod(char *input_N, char *input_A,
|
||||
@ -1138,14 +1232,6 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* END MERGE SLOT 1 */
|
||||
|
||||
/* BEGIN MERGE SLOT 2 */
|
||||
|
||||
/* END MERGE SLOT 2 */
|
||||
|
||||
/* BEGIN MERGE SLOT 3 */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void mpi_core_sub_int(char *input_A, char *input_B,
|
||||
char *input_X, int borrow)
|
||||
@ -1210,33 +1296,3 @@ exit:
|
||||
mbedtls_free(X);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* END MERGE SLOT 3 */
|
||||
|
||||
/* BEGIN MERGE SLOT 4 */
|
||||
|
||||
/* END MERGE SLOT 4 */
|
||||
|
||||
/* BEGIN MERGE SLOT 5 */
|
||||
|
||||
/* END MERGE SLOT 5 */
|
||||
|
||||
/* BEGIN MERGE SLOT 6 */
|
||||
|
||||
/* END MERGE SLOT 6 */
|
||||
|
||||
/* BEGIN MERGE SLOT 7 */
|
||||
|
||||
/* END MERGE SLOT 7 */
|
||||
|
||||
/* BEGIN MERGE SLOT 8 */
|
||||
|
||||
/* END MERGE SLOT 8 */
|
||||
|
||||
/* BEGIN MERGE SLOT 9 */
|
||||
|
||||
/* END MERGE SLOT 9 */
|
||||
|
||||
/* BEGIN MERGE SLOT 10 */
|
||||
|
||||
/* END MERGE SLOT 10 */
|
||||
|
@ -491,42 +491,35 @@ mpi_core_fill_random:42:0:-1:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
|
||||
Fill random core: 42 bytes, 5 missing limbs
|
||||
mpi_core_fill_random:42:0:-5:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
|
||||
|
||||
# BEGIN MERGE SLOT 1
|
||||
CLZ: 0 0: all ones
|
||||
mpi_core_clz:0:0
|
||||
|
||||
# END MERGE SLOT 1
|
||||
CLZ: 1 0
|
||||
mpi_core_clz:1:0
|
||||
|
||||
# BEGIN MERGE SLOT 2
|
||||
CLZ: 1 1
|
||||
mpi_core_clz:1:1
|
||||
|
||||
# END MERGE SLOT 2
|
||||
CLZ: 4 5
|
||||
mpi_core_clz:4:5
|
||||
|
||||
# BEGIN MERGE SLOT 3
|
||||
CLZ: 8 16
|
||||
mpi_core_clz:8:16
|
||||
|
||||
# END MERGE SLOT 3
|
||||
CLZ: 31 0
|
||||
mpi_core_clz:31:0
|
||||
|
||||
# BEGIN MERGE SLOT 4
|
||||
CLZ: 32 0
|
||||
mpi_core_clz:32:0
|
||||
|
||||
# END MERGE SLOT 4
|
||||
CLZ: 33 0
|
||||
mpi_core_clz:33:0
|
||||
|
||||
# BEGIN MERGE SLOT 5
|
||||
CLZ: 63 0
|
||||
mpi_core_clz:63:0
|
||||
|
||||
# END MERGE SLOT 5
|
||||
CLZ: 64 0
|
||||
mpi_core_clz:64:0
|
||||
|
||||
# BEGIN MERGE SLOT 6
|
||||
|
||||
# END MERGE SLOT 6
|
||||
|
||||
# BEGIN MERGE SLOT 7
|
||||
|
||||
# END MERGE SLOT 7
|
||||
|
||||
# BEGIN MERGE SLOT 8
|
||||
|
||||
# END MERGE SLOT 8
|
||||
|
||||
# BEGIN MERGE SLOT 9
|
||||
|
||||
# END MERGE SLOT 9
|
||||
|
||||
# BEGIN MERGE SLOT 10
|
||||
|
||||
# END MERGE SLOT 10
|
||||
CLZ: 100000 0: skip overly long input
|
||||
mpi_core_clz:100000:0
|
||||
|
@ -96,12 +96,6 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN MERGE SLOT 1 */
|
||||
|
||||
/* END MERGE SLOT 1 */
|
||||
|
||||
/* BEGIN MERGE SLOT 2 */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void mpi_mod_mul(char *input_A,
|
||||
char *input_B,
|
||||
@ -238,9 +232,6 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* END MERGE SLOT 2 */
|
||||
|
||||
/* BEGIN MERGE SLOT 3 */
|
||||
/* BEGIN_CASE */
|
||||
void mpi_mod_sub(char *input_N,
|
||||
char *input_A, char *input_B,
|
||||
@ -440,13 +431,7 @@ exit:
|
||||
mbedtls_free(X_raw);
|
||||
}
|
||||
/* END_CASE */
|
||||
/* END MERGE SLOT 3 */
|
||||
|
||||
/* BEGIN MERGE SLOT 4 */
|
||||
|
||||
/* END MERGE SLOT 4 */
|
||||
|
||||
/* BEGIN MERGE SLOT 5 */
|
||||
/* BEGIN_CASE */
|
||||
void mpi_mod_add(char *input_N,
|
||||
char *input_A, char *input_B,
|
||||
@ -549,13 +534,7 @@ exit:
|
||||
mbedtls_free(X_raw);
|
||||
}
|
||||
/* END_CASE */
|
||||
/* END MERGE SLOT 5 */
|
||||
|
||||
/* BEGIN MERGE SLOT 6 */
|
||||
|
||||
/* END MERGE SLOT 6 */
|
||||
|
||||
/* BEGIN MERGE SLOT 7 */
|
||||
/* BEGIN_CASE */
|
||||
void mpi_residue_setup(char *input_N, char *input_R, int ret)
|
||||
{
|
||||
@ -762,16 +741,3 @@ exit:
|
||||
mbedtls_free(obuf);
|
||||
}
|
||||
/* END_CASE */
|
||||
/* END MERGE SLOT 7 */
|
||||
|
||||
/* BEGIN MERGE SLOT 8 */
|
||||
|
||||
/* END MERGE SLOT 8 */
|
||||
|
||||
/* BEGIN MERGE SLOT 9 */
|
||||
|
||||
/* END MERGE SLOT 9 */
|
||||
|
||||
/* BEGIN MERGE SLOT 10 */
|
||||
|
||||
/* END MERGE SLOT 10 */
|
||||
|
@ -7,11 +7,6 @@ mpi_mod_setup:MBEDTLS_MPI_MOD_REP_OPT_RED:0
|
||||
Test mbedtls_mpi_mod_setup #7 (Montgomery representation)
|
||||
mpi_mod_setup:MBEDTLS_MPI_MOD_REP_MONTGOMERY:0
|
||||
|
||||
# BEGIN MERGE SLOT 1
|
||||
|
||||
# END MERGE SLOT 1
|
||||
|
||||
# BEGIN MERGE SLOT 2
|
||||
Test mpi_mod_mul #1 N->limbs != A->limbs
|
||||
mpi_mod_mul_neg:"1":"00000000000000000000000000000000":"f0000000000000000000000000000000":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
|
||||
|
||||
@ -20,9 +15,6 @@ mpi_mod_mul_neg:"1234567890abcdef1234567890abcdef":"0":"f00000000000000000000000
|
||||
|
||||
Test mpi_mod_mul #3 N->limbs != X->limbs
|
||||
mpi_mod_mul_neg:"1234567890abcdef1234567890abcdef":"00000000000000000000000000000000":"f0000000000000000000000000000000":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
|
||||
# END MERGE SLOT 2
|
||||
|
||||
# BEGIN MERGE SLOT 3
|
||||
|
||||
mpi_mod_sub base case for negative testing (N, a, b all >= 1 limb)
|
||||
mpi_mod_sub:"014320a022ccb75bdf470ddf25":"000000025a55a46e5da99c71c7":"00033b2e3c9fd0803ce8000f93":"013fe57440828b4a0008aa4159":0
|
||||
@ -89,13 +81,6 @@ mbedtls_mpi_mod_inv 64-bit Mont. form - A too short
|
||||
depends_on:MBEDTLS_HAVE_INT64
|
||||
mpi_mod_inv_mont:"0000000000000000000000000000152d02c7e14af67fe0bf":"00000000000009545642424381c611fb":"000000000000000000000000000009545642424381c611fb":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
|
||||
|
||||
# END MERGE SLOT 3
|
||||
|
||||
# BEGIN MERGE SLOT 4
|
||||
|
||||
# END MERGE SLOT 4
|
||||
|
||||
# BEGIN MERGE SLOT 5
|
||||
mpi_mod_add base case for negative testing (N, a, b all >= 1 limb)
|
||||
mpi_mod_add:"014320a022ccb75bdf470ddf25":"000000025a55a46e5da99c71c7":"00033b2e3c9fd0803ce8000f93":"00033b3096f574ee9a919c815a":0
|
||||
|
||||
@ -116,13 +101,7 @@ mpi_mod_add:"014320a022ccb75bdf470ddf25":"a99c71c7":"00033b2e3c9fd0803ce8000f93"
|
||||
|
||||
mpi_mod_add with second input too short
|
||||
mpi_mod_add:"014320a022ccb75bdf470ddf25":"000000025a55a46e5da99c71c7":"e8000f93":"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
|
||||
# END MERGE SLOT 5
|
||||
|
||||
# BEGIN MERGE SLOT 6
|
||||
|
||||
# END MERGE SLOT 6
|
||||
|
||||
# BEGIN MERGE SLOT 7
|
||||
Test mbedtls_mpi_residue_setup #1 m > r
|
||||
mpi_residue_setup:"fe":"01":0
|
||||
|
||||
|
@ -179,42 +179,3 @@ mpi_mod_raw_cond_swap:"000000001111111122222222333333334444444455555555666666667
|
||||
mbedtls_mpi_mod_raw_cond_swap: copy half of the limbs
|
||||
mpi_mod_raw_cond_swap:"00000000FFFFFFFF55555555AAAAAAAA":"FEDCBA9876543210FEDCBA9876543210":8
|
||||
|
||||
# BEGIN MERGE SLOT 1
|
||||
|
||||
# END MERGE SLOT 1
|
||||
|
||||
# BEGIN MERGE SLOT 2
|
||||
|
||||
# END MERGE SLOT 2
|
||||
|
||||
# BEGIN MERGE SLOT 3
|
||||
|
||||
# END MERGE SLOT 3
|
||||
|
||||
# BEGIN MERGE SLOT 4
|
||||
|
||||
# END MERGE SLOT 4
|
||||
|
||||
# BEGIN MERGE SLOT 5
|
||||
|
||||
# END MERGE SLOT 5
|
||||
|
||||
# BEGIN MERGE SLOT 6
|
||||
|
||||
# END MERGE SLOT 6
|
||||
|
||||
# BEGIN MERGE SLOT 7
|
||||
|
||||
# END MERGE SLOT 7
|
||||
|
||||
# BEGIN MERGE SLOT 8
|
||||
|
||||
# END MERGE SLOT 8
|
||||
|
||||
# BEGIN MERGE SLOT 9
|
||||
|
||||
# END MERGE SLOT 9
|
||||
|
||||
# BEGIN MERGE SLOT 10
|
||||
|
||||
# END MERGE SLOT 10
|
||||
|
@ -263,12 +263,6 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN MERGE SLOT 1 */
|
||||
|
||||
/* END MERGE SLOT 1 */
|
||||
|
||||
/* BEGIN MERGE SLOT 2 */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void mpi_mod_raw_sub(char *input_A,
|
||||
char *input_B,
|
||||
@ -482,10 +476,6 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* END MERGE SLOT 2 */
|
||||
|
||||
/* BEGIN MERGE SLOT 3 */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void mpi_mod_raw_inv_prime(char *input_N, char *input_A, char *input_X)
|
||||
{
|
||||
@ -559,14 +549,6 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* END MERGE SLOT 3 */
|
||||
|
||||
/* BEGIN MERGE SLOT 4 */
|
||||
|
||||
/* END MERGE SLOT 4 */
|
||||
|
||||
/* BEGIN MERGE SLOT 5 */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void mpi_mod_raw_add(char *input_N,
|
||||
char *input_A, char *input_B,
|
||||
@ -655,9 +637,7 @@ exit:
|
||||
mbedtls_free(X);
|
||||
}
|
||||
/* END_CASE */
|
||||
/* END MERGE SLOT 5 */
|
||||
|
||||
/* BEGIN MERGE SLOT 6 */
|
||||
/* BEGIN_CASE */
|
||||
void mpi_mod_raw_canonical_to_modulus_rep(const char *input_N, int rep,
|
||||
const char *input_A,
|
||||
@ -711,9 +691,7 @@ exit:
|
||||
mbedtls_free(X);
|
||||
}
|
||||
/* END_CASE */
|
||||
/* END MERGE SLOT 6 */
|
||||
|
||||
/* BEGIN MERGE SLOT 7 */
|
||||
/* BEGIN_CASE */
|
||||
void mpi_mod_raw_to_mont_rep(char *input_N, char *input_A, char *input_X)
|
||||
{
|
||||
@ -896,17 +874,3 @@ exit:
|
||||
mbedtls_free(Z);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* END MERGE SLOT 7 */
|
||||
|
||||
/* BEGIN MERGE SLOT 8 */
|
||||
|
||||
/* END MERGE SLOT 8 */
|
||||
|
||||
/* BEGIN MERGE SLOT 9 */
|
||||
|
||||
/* END MERGE SLOT 9 */
|
||||
|
||||
/* BEGIN MERGE SLOT 10 */
|
||||
|
||||
/* END MERGE SLOT 10 */
|
||||
|
@ -1,15 +1,15 @@
|
||||
Constant-flow HMAC: MD5
|
||||
depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
depends_on:MBEDTLS_MD_CAN_MD5
|
||||
ssl_cf_hmac:MBEDTLS_MD_MD5
|
||||
|
||||
Constant-flow HMAC: SHA1
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1
|
||||
ssl_cf_hmac:MBEDTLS_MD_SHA1
|
||||
|
||||
Constant-flow HMAC: SHA256
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
depends_on:MBEDTLS_MD_CAN_SHA256
|
||||
ssl_cf_hmac:MBEDTLS_MD_SHA256
|
||||
|
||||
Constant-flow HMAC: SHA384
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
depends_on:MBEDTLS_MD_CAN_SHA384
|
||||
ssl_cf_hmac:MBEDTLS_MD_SHA384
|
||||
|
@ -1,7 +1,6 @@
|
||||
/* BEGIN_HEADER */
|
||||
|
||||
#include <mbedtls/constant_time.h>
|
||||
#include <mbedtls/legacy_or_psa.h>
|
||||
#include <mbedtls/md.h>
|
||||
#include <constant_time_internal.h>
|
||||
#include <hash_info.h>
|
||||
|
@ -59,9 +59,9 @@ Debug print mbedtls_mpi: 764 bits #2
|
||||
mbedtls_debug_print_mpi:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
|
||||
|
||||
Debug print certificate #1 (RSA)
|
||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:!MBEDTLS_X509_REMOVE_INFO
|
||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_X509_REMOVE_INFO
|
||||
mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: 01\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:06\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:06\nMyFile(0999)\: signed using \: RSA with SHA1\nMyFile(0999)\: RSA key size \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\: a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\: 15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\: 43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\: dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\: 83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\: 70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\: 4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\: f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\: ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\: 24 06 d5 09 25 89 75 07 dd a6 1a 8f 3f 09 19 be\nMyFile(0999)\: ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\: 69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\: 73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 89 0b 04\nMyFile(0999)\: db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\: 5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\: ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\: 01 00 01\n"
|
||||
|
||||
Debug print certificate #2 (EC)
|
||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:!MBEDTLS_X509_REMOVE_INFO
|
||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_LIGHT:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO
|
||||
mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n"
|
||||
|
@ -1,7 +1,6 @@
|
||||
/* BEGIN_HEADER */
|
||||
#include "mbedtls/debug.h"
|
||||
#include "string.h"
|
||||
#include "mbedtls/legacy_or_psa.h"
|
||||
#include "mbedtls/pk.h"
|
||||
|
||||
struct buffer_data {
|
||||
@ -59,6 +58,8 @@ void debug_print_msg_threshold(int threshold, int level, char *file,
|
||||
mbedtls_ssl_config conf;
|
||||
struct buffer_data buffer;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_ssl_init(&ssl);
|
||||
mbedtls_ssl_config_init(&conf);
|
||||
memset(buffer.buf, 0, 2000);
|
||||
@ -83,6 +84,7 @@ void debug_print_msg_threshold(int threshold, int level, char *file,
|
||||
exit:
|
||||
mbedtls_ssl_free(&ssl);
|
||||
mbedtls_ssl_config_free(&conf);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -94,6 +96,8 @@ void mbedtls_debug_print_ret(char *file, int line, char *text, int value,
|
||||
mbedtls_ssl_config conf;
|
||||
struct buffer_data buffer;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_ssl_init(&ssl);
|
||||
mbedtls_ssl_config_init(&conf);
|
||||
memset(buffer.buf, 0, 2000);
|
||||
@ -115,6 +119,7 @@ void mbedtls_debug_print_ret(char *file, int line, char *text, int value,
|
||||
exit:
|
||||
mbedtls_ssl_free(&ssl);
|
||||
mbedtls_ssl_config_free(&conf);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -126,6 +131,8 @@ void mbedtls_debug_print_buf(char *file, int line, char *text,
|
||||
mbedtls_ssl_config conf;
|
||||
struct buffer_data buffer;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_ssl_init(&ssl);
|
||||
mbedtls_ssl_config_init(&conf);
|
||||
memset(buffer.buf, 0, 2000);
|
||||
@ -147,6 +154,7 @@ void mbedtls_debug_print_buf(char *file, int line, char *text,
|
||||
exit:
|
||||
mbedtls_ssl_free(&ssl);
|
||||
mbedtls_ssl_config_free(&conf);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -159,6 +167,8 @@ void mbedtls_debug_print_crt(char *crt_file, char *file, int line,
|
||||
mbedtls_ssl_config conf;
|
||||
struct buffer_data buffer;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_ssl_init(&ssl);
|
||||
mbedtls_ssl_config_init(&conf);
|
||||
mbedtls_x509_crt_init(&crt);
|
||||
@ -183,6 +193,7 @@ exit:
|
||||
mbedtls_x509_crt_free(&crt);
|
||||
mbedtls_ssl_free(&ssl);
|
||||
mbedtls_ssl_config_free(&conf);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -195,6 +206,8 @@ void mbedtls_debug_print_mpi(char *value, char *file, int line,
|
||||
struct buffer_data buffer;
|
||||
mbedtls_mpi val;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_ssl_init(&ssl);
|
||||
mbedtls_ssl_config_init(&conf);
|
||||
mbedtls_mpi_init(&val);
|
||||
@ -220,5 +233,6 @@ exit:
|
||||
mbedtls_mpi_free(&val);
|
||||
mbedtls_ssl_free(&ssl);
|
||||
mbedtls_ssl_config_free(&conf);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
@ -91,203 +91,203 @@ depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
|
||||
ecdsa_write_read_random:MBEDTLS_ECP_DP_SECP521R1
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p192 sha1 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA1
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA1:"8151325DCDBAE9E0FF95F9F9658432DBEDFDB209":"98C6BD12B23EAF5E2A2045132086BE3EB8EBD62ABF6698FF":"57A22B07DEA9530F8DE9471B1DC6624472E8E2844BC25B64"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p192 sha224 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA224_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA224
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA224:"9003E374BC726550C2C289447FD0533160F875709386DFA377BFD41C":"A1F00DAD97AEEC91C95585F36200C65F3C01812AA60378F5":"E07EC1304C7C6C9DEBBE980B9692668F81D4DE7922A0F97A"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p192 sha256 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA256
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA256:"AF2BDBE1AA9B6EC1E2ADE1D694F41FC71A831D0268E9891562113D8A62ADD1BF":"4B0B8CE98A92866A2820E20AA6B75B56382E0F9BFD5ECB55":"CCDB006926EA9565CBADC840829D8C384E06DE1F1E381B85"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p192 sha384 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA384_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA384
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA384:"9A9083505BC92276AEC4BE312696EF7BF3BF603F4BBD381196A029F340585312313BCA4A9B5B890EFEE42C77B1EE25FE":"DA63BF0B9ABCF948FBB1E9167F136145F7A20426DCC287D5":"C3AA2C960972BD7A2003A57E1C4C77F0578F8AE95E31EC5E"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p192 sha512 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA512
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA512:"39A5E04AAFF7455D9850C605364F514C11324CE64016960D23D5DC57D3FFD8F49A739468AB8049BF18EEF820CDB1AD6C9015F838556BC7FAD4138B23FDF986C7":"4D60C5AB1996BD848343B31C00850205E2EA6922DAC2E4B8":"3F6E837448F027A1BF4B34E796E32A811CBB4050908D8F67"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p192 sha1 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA1
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA1:"A94A8FE5CCB19BA61C4C0873D391E987982FBBD3":"0F2141A0EBBC44D2E1AF90A50EBCFCE5E197B3B7D4DE036D":"EB18BC9E1F3D7387500CB99CF5F7C157070A8961E38700B7"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p192 sha224 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA224_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA224
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA224:"90A3ED9E32B2AAF4C61C410EB925426119E1A9DC53D4286ADE99A809":"6945A1C1D1B2206B8145548F633BB61CEF04891BAF26ED34":"B7FB7FDFC339C0B9BD61A9F5A8EAF9BE58FC5CBA2CB15293"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p192 sha256 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA256
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"3A718BD8B4926C3B52EE6BBE67EF79B18CB6EB62B1AD97AE":"5662E6848A4A19B1F1AE2F72ACD4B8BBE50F1EAC65D9124F"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p192 sha384 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA384_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA384
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA384:"768412320F7B0AA5812FCE428DC4706B3CAE50E02A64CAA16A782249BFE8EFC4B7EF1CCB126255D196047DFEDF17A0A9":"B234B60B4DB75A733E19280A7A6034BD6B1EE88AF5332367":"7994090B2D59BB782BE57E74A44C9A1C700413F8ABEFE77A"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p192 sha512 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA512
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA512:"EE26B0DD4AF7E749AA1A8EE3C10AE9923F618980772E473F8819A5D4940E0DB27AC185F8A0E1D5F84F88BC887FD67B143732C304CC5FA9AD8E6F57F50028A8FF":"FE4F4AE86A58B6507946715934FE2D8FF9D95B6B098FE739":"74CF5605C98FBA0E1EF34D4B5A1577A7DCF59457CAE52290"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p224 sha1 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA1
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA1:"8151325DCDBAE9E0FF95F9F9658432DBEDFDB209":"22226F9D40A96E19C4A301CE5B74B115303C0F3A4FD30FC257FB57AC":"66D1CDD83E3AF75605DD6E2FEFF196D30AA7ED7A2EDF7AF475403D69"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p224 sha224 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA224_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA224
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA224:"9003E374BC726550C2C289447FD0533160F875709386DFA377BFD41C":"1CDFE6662DDE1E4A1EC4CDEDF6A1F5A2FB7FBD9145C12113E6ABFD3E":"A6694FD7718A21053F225D3F46197CA699D45006C06F871808F43EBC"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p224 sha256 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA256
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA256:"AF2BDBE1AA9B6EC1E2ADE1D694F41FC71A831D0268E9891562113D8A62ADD1BF":"61AA3DA010E8E8406C656BC477A7A7189895E7E840CDFE8FF42307BA":"BC814050DAB5D23770879494F9E0A680DC1AF7161991BDE692B10101"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p224 sha384 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA384_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA384
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA384:"9A9083505BC92276AEC4BE312696EF7BF3BF603F4BBD381196A029F340585312313BCA4A9B5B890EFEE42C77B1EE25FE":"0B115E5E36F0F9EC81F1325A5952878D745E19D7BB3EABFABA77E953":"830F34CCDFE826CCFDC81EB4129772E20E122348A2BBD889A1B1AF1D"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p224 sha512 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA512
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA512:"39A5E04AAFF7455D9850C605364F514C11324CE64016960D23D5DC57D3FFD8F49A739468AB8049BF18EEF820CDB1AD6C9015F838556BC7FAD4138B23FDF986C7":"074BD1D979D5F32BF958DDC61E4FB4872ADCAFEB2256497CDAC30397":"A4CECA196C3D5A1FF31027B33185DC8EE43F288B21AB342E5D8EB084"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p224 sha1 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA1
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA1:"A94A8FE5CCB19BA61C4C0873D391E987982FBBD3":"DEAA646EC2AF2EA8AD53ED66B2E2DDAA49A12EFD8356561451F3E21C":"95987796F6CF2062AB8135271DE56AE55366C045F6D9593F53787BD2"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p224 sha224 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA224_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA224
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA224:"90A3ED9E32B2AAF4C61C410EB925426119E1A9DC53D4286ADE99A809":"C441CE8E261DED634E4CF84910E4C5D1D22C5CF3B732BB204DBEF019":"902F42847A63BDC5F6046ADA114953120F99442D76510150F372A3F4"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p224 sha256 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA256
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"AD04DDE87B84747A243A631EA47A1BA6D1FAA059149AD2440DE6FBA6":"178D49B1AE90E3D8B629BE3DB5683915F4E8C99FDF6E666CF37ADCFD"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p224 sha384 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA384_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA384
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA384:"768412320F7B0AA5812FCE428DC4706B3CAE50E02A64CAA16A782249BFE8EFC4B7EF1CCB126255D196047DFEDF17A0A9":"389B92682E399B26518A95506B52C03BC9379A9DADF3391A21FB0EA4":"414A718ED3249FF6DBC5B50C27F71F01F070944DA22AB1F78F559AAB"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p224 sha512 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA512
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA512:"EE26B0DD4AF7E749AA1A8EE3C10AE9923F618980772E473F8819A5D4940E0DB27AC185F8A0E1D5F84F88BC887FD67B143732C304CC5FA9AD8E6F57F50028A8FF":"049F050477C5ADD858CAC56208394B5A55BAEBBE887FDF765047C17C":"077EB13E7005929CEFA3CD0403C7CDCC077ADF4E44F3C41B2F60ECFF"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p256 sha1 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA1
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA1:"8151325DCDBAE9E0FF95F9F9658432DBEDFDB209":"61340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D32":"6D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p256 sha224 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA224_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA224
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA224:"9003E374BC726550C2C289447FD0533160F875709386DFA377BFD41C":"53B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3F":"B9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p256 sha256 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"AF2BDBE1AA9B6EC1E2ADE1D694F41FC71A831D0268E9891562113D8A62ADD1BF":"EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716":"F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p256 sha384 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA384_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA384
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA384:"9A9083505BC92276AEC4BE312696EF7BF3BF603F4BBD381196A029F340585312313BCA4A9B5B890EFEE42C77B1EE25FE":"0EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF7719":"4861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p256 sha512 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA512
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA512:"39A5E04AAFF7455D9850C605364F514C11324CE64016960D23D5DC57D3FFD8F49A739468AB8049BF18EEF820CDB1AD6C9015F838556BC7FAD4138B23FDF986C7":"8496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F00":"2362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p256 sha1 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA1
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA1:"A94A8FE5CCB19BA61C4C0873D391E987982FBBD3":"0CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A89":"01B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p256 sha224 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA224_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA224
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA224:"90A3ED9E32B2AAF4C61C410EB925426119E1A9DC53D4286ADE99A809":"C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692":"C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p256 sha256 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367":"019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p256 sha384 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA384_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA384
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA384:"768412320F7B0AA5812FCE428DC4706B3CAE50E02A64CAA16A782249BFE8EFC4B7EF1CCB126255D196047DFEDF17A0A9":"83910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB6":"8DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p256 sha512 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA512
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA512:"EE26B0DD4AF7E749AA1A8EE3C10AE9923F618980772E473F8819A5D4940E0DB27AC185F8A0E1D5F84F88BC887FD67B143732C304CC5FA9AD8E6F57F50028A8FF":"461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A04":"39AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p384 sha1 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA1
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA1:"8151325DCDBAE9E0FF95F9F9658432DBEDFDB209":"EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2":"A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p384 sha224 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA224_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA224
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA224:"9003E374BC726550C2C289447FD0533160F875709386DFA377BFD41C":"42356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE060122":"9DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p384 sha256 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA256
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA256:"AF2BDBE1AA9B6EC1E2ADE1D694F41FC71A831D0268E9891562113D8A62ADD1BF":"21B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CD":"F3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p384 sha384 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA384_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA384
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA384:"9A9083505BC92276AEC4BE312696EF7BF3BF603F4BBD381196A029F340585312313BCA4A9B5B890EFEE42C77B1EE25FE":"94EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE46":"99EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p384 sha512 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA512
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA512:"39A5E04AAFF7455D9850C605364F514C11324CE64016960D23D5DC57D3FFD8F49A739468AB8049BF18EEF820CDB1AD6C9015F838556BC7FAD4138B23FDF986C7":"ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799CFE30F35CC900056D7C99CD7882433709":"512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112DC7CC3EF3446DEFCEB01A45C2667FDD5"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p384 sha1 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA1
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA1:"A94A8FE5CCB19BA61C4C0873D391E987982FBBD3":"4BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7":"D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p384 sha224 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA224_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA224
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA224:"90A3ED9E32B2AAF4C61C410EB925426119E1A9DC53D4286ADE99A809":"E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E72":"07041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p384 sha256 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA256
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"6D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B":"2D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p384 sha384 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA384_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA384
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA384:"768412320F7B0AA5812FCE428DC4706B3CAE50E02A64CAA16A782249BFE8EFC4B7EF1CCB126255D196047DFEDF17A0A9":"8203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DB":"DDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p384 sha512 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA512
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA512:"EE26B0DD4AF7E749AA1A8EE3C10AE9923F618980772E473F8819A5D4940E0DB27AC185F8A0E1D5F84F88BC887FD67B143732C304CC5FA9AD8E6F57F50028A8FF":"A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D06FB6495CD21B4B6E340FC236584FB277":"976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B224634A2092CD3792E0159AD9CEE37659C736"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p521 sha1 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA1
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA1:"8151325DCDBAE9E0FF95F9F9658432DBEDFDB209":"0343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D":"0E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p521 sha224 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA224_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA224
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA224:"9003E374BC726550C2C289447FD0533160F875709386DFA377BFD41C":"1776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E":"050CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p521 sha256 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA256
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA256:"AF2BDBE1AA9B6EC1E2ADE1D694F41FC71A831D0268E9891562113D8A62ADD1BF":"1511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A7":"04A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p521 sha384 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA384_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA384
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA384:"9A9083505BC92276AEC4BE312696EF7BF3BF603F4BBD381196A029F340585312313BCA4A9B5B890EFEE42C77B1EE25FE":"1EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C67451":"1F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p521 sha512 [#1]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA512
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA512:"39A5E04AAFF7455D9850C605364F514C11324CE64016960D23D5DC57D3FFD8F49A739468AB8049BF18EEF820CDB1AD6C9015F838556BC7FAD4138B23FDF986C7":"0C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F174E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E377FA":"0617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF282623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A67A"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p521 sha1 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA1
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA1:"A94A8FE5CCB19BA61C4C0873D391E987982FBBD3":"13BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D0367":"1E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p521 sha224 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA224_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA224
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA224:"90A3ED9E32B2AAF4C61C410EB925426119E1A9DC53D4286ADE99A809":"1C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB":"177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p521 sha256 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA256
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"00E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA8":"0CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p521 sha384 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA384_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA384
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA384:"768412320F7B0AA5812FCE428DC4706B3CAE50E02A64CAA16A782249BFE8EFC4B7EF1CCB126255D196047DFEDF17A0A9":"14BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C":"133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979"
|
||||
|
||||
ECDSA deterministic test vector rfc 6979 p521 sha512 [#2]
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA512
|
||||
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA512:"EE26B0DD4AF7E749AA1A8EE3C10AE9923F618980772E473F8819A5D4940E0DB27AC185F8A0E1D5F84F88BC887FD67B143732C304CC5FA9AD8E6F57F50028A8FF":"13E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D":"1FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3"
|
||||
|
||||
ECDSA restartable read-verify: max_ops=0 (disabled)
|
||||
@ -307,19 +307,19 @@ depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
ecdsa_read_restart:MBEDTLS_ECP_DP_SECP256R1:"04e8f573412a810c5f81ecd2d251bb94387e72f28af70dced90ebe75725c97a6428231069c2b1ef78509a22c59044319f6ed3cb750dfe64c2a282b35967a458ad6":"dee9d4d8b0e40a034602d6e638197998060f6e9f353ae1d10c94cd56476d3c92":"304502210098a5a1392abe29e4b0a4da3fefe9af0f8c32e5b839ab52ba6a05da9c3b7edd0f0220596f0e195ae1e58c1e53e9e7f0f030b274348a8c11232101778d89c4943f5ad2":250:4:64
|
||||
|
||||
ECDSA restartable sign-write: secp256r1 max_ops=0 (disabled)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
|
||||
ecdsa_write_restart:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":0:0:0
|
||||
|
||||
ECDSA restartable sign-write: secp256r1 restart max_ops=1
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
|
||||
ecdsa_write_restart:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":1:1:10000
|
||||
|
||||
ECDSA restartable sign-write: secp256r1 restart max_ops=10000
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
|
||||
ecdsa_write_restart:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":10000:0:0
|
||||
|
||||
ECDSA restartable sign-write: secp256r1 restart max_ops=250
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
|
||||
ecdsa_write_restart:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:32
|
||||
|
||||
ECDSA zero private parameter p192
|
||||
|
@ -1,11 +1,6 @@
|
||||
/* BEGIN_HEADER */
|
||||
#include "mbedtls/ecdsa.h"
|
||||
#include "hash_info.h"
|
||||
#include "mbedtls/legacy_or_psa.h"
|
||||
#if (defined(MBEDTLS_ECDSA_DETERMINISTIC) && defined(MBEDTLS_SHA256_C)) || \
|
||||
(!defined(MBEDTLS_ECDSA_DETERMINISTIC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA))
|
||||
#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_IF_DETERMINISTIC
|
||||
#endif
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_DEPENDENCIES
|
||||
@ -203,6 +198,8 @@ void ecdsa_det_test_vectors(int id, char *d_str, int md_alg, data_t *hash,
|
||||
mbedtls_ecp_group grp;
|
||||
mbedtls_mpi d, r, s, r_check, s_check;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_ecp_group_init(&grp);
|
||||
mbedtls_mpi_init(&d); mbedtls_mpi_init(&r); mbedtls_mpi_init(&s);
|
||||
mbedtls_mpi_init(&r_check); mbedtls_mpi_init(&s_check);
|
||||
@ -226,10 +223,11 @@ exit:
|
||||
mbedtls_ecp_group_free(&grp);
|
||||
mbedtls_mpi_free(&d); mbedtls_mpi_free(&r); mbedtls_mpi_free(&s);
|
||||
mbedtls_mpi_free(&r_check); mbedtls_mpi_free(&s_check);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_IF_DETERMINISTIC */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256 */
|
||||
void ecdsa_write_read_zero(int id)
|
||||
{
|
||||
mbedtls_ecdsa_context ctx;
|
||||
@ -238,6 +236,8 @@ void ecdsa_write_read_zero(int id)
|
||||
unsigned char sig[200];
|
||||
size_t sig_len, i;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_ecdsa_init(&ctx);
|
||||
memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
|
||||
memset(hash, 0, sizeof(hash));
|
||||
@ -288,10 +288,11 @@ void ecdsa_write_read_zero(int id)
|
||||
|
||||
exit:
|
||||
mbedtls_ecdsa_free(&ctx);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_IF_DETERMINISTIC */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256 */
|
||||
void ecdsa_write_read_random(int id)
|
||||
{
|
||||
mbedtls_ecdsa_context ctx;
|
||||
@ -300,6 +301,8 @@ void ecdsa_write_read_random(int id)
|
||||
unsigned char sig[200];
|
||||
size_t sig_len, i;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_ecdsa_init(&ctx);
|
||||
memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
|
||||
memset(hash, 0, sizeof(hash));
|
||||
@ -354,6 +357,7 @@ void ecdsa_write_read_random(int id)
|
||||
|
||||
exit:
|
||||
mbedtls_ecdsa_free(&ctx);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -433,6 +437,8 @@ void ecdsa_write_restart(int id, char *d_str, int md_alg,
|
||||
unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
|
||||
size_t slen;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_ecdsa_restart_init(&rs_ctx);
|
||||
mbedtls_ecdsa_init(&ctx);
|
||||
memset(sig, 0, sizeof(sig));
|
||||
@ -483,6 +489,7 @@ void ecdsa_write_restart(int id, char *d_str, int md_alg,
|
||||
exit:
|
||||
mbedtls_ecdsa_restart_free(&rs_ctx);
|
||||
mbedtls_ecdsa_free(&ctx);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
|
@ -1,8 +1,7 @@
|
||||
/* BEGIN_HEADER */
|
||||
#include "mbedtls/ecjpake.h"
|
||||
#include "mbedtls/legacy_or_psa.h"
|
||||
|
||||
#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA)
|
||||
#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && defined(MBEDTLS_MD_CAN_SHA256)
|
||||
static const unsigned char ecjpake_test_x1[] = {
|
||||
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
|
||||
0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
|
||||
@ -91,7 +90,7 @@ cleanup:
|
||||
}
|
||||
|
||||
#define ADD_SIZE(x) x, sizeof(x)
|
||||
#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED && MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA */
|
||||
#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED && MBEDTLS_MD_CAN_SHA256 */
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_DEPENDENCIES
|
||||
@ -109,6 +108,8 @@ void ecjpake_invalid_param()
|
||||
mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256;
|
||||
mbedtls_ecp_group_id valid_group = MBEDTLS_ECP_DP_SECP256R1;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_ecjpake_init(&ctx);
|
||||
|
||||
TEST_EQUAL(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
|
||||
@ -118,18 +119,23 @@ void ecjpake_invalid_param()
|
||||
valid_group,
|
||||
buf, len));
|
||||
exit:
|
||||
return;
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
|
||||
void ecjpake_selftest()
|
||||
{
|
||||
MD_PSA_INIT();
|
||||
|
||||
TEST_ASSERT(mbedtls_ecjpake_self_test(1) == 0);
|
||||
|
||||
exit:
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 */
|
||||
void read_bad_md(data_t *msg)
|
||||
{
|
||||
mbedtls_ecjpake_context corrupt_ctx;
|
||||
@ -137,6 +143,8 @@ void read_bad_md(data_t *msg)
|
||||
const size_t pw_len = 0;
|
||||
int any_role = MBEDTLS_ECJPAKE_CLIENT;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_ecjpake_init(&corrupt_ctx);
|
||||
TEST_ASSERT(mbedtls_ecjpake_setup(&corrupt_ctx, any_role,
|
||||
MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw,
|
||||
@ -148,16 +156,19 @@ void read_bad_md(data_t *msg)
|
||||
|
||||
exit:
|
||||
mbedtls_ecjpake_free(&corrupt_ctx);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 */
|
||||
void read_round_one(int role, data_t *msg, int ref_ret)
|
||||
{
|
||||
mbedtls_ecjpake_context ctx;
|
||||
const unsigned char *pw = NULL;
|
||||
const size_t pw_len = 0;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_ecjpake_init(&ctx);
|
||||
|
||||
TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, role,
|
||||
@ -168,16 +179,19 @@ void read_round_one(int role, data_t *msg, int ref_ret)
|
||||
|
||||
exit:
|
||||
mbedtls_ecjpake_free(&ctx);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 */
|
||||
void read_round_two_cli(data_t *msg, int ref_ret)
|
||||
{
|
||||
mbedtls_ecjpake_context ctx;
|
||||
const unsigned char *pw = NULL;
|
||||
const size_t pw_len = 0;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_ecjpake_init(&ctx);
|
||||
|
||||
TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, MBEDTLS_ECJPAKE_CLIENT,
|
||||
@ -194,16 +208,19 @@ void read_round_two_cli(data_t *msg, int ref_ret)
|
||||
|
||||
exit:
|
||||
mbedtls_ecjpake_free(&ctx);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 */
|
||||
void read_round_two_srv(data_t *msg, int ref_ret)
|
||||
{
|
||||
mbedtls_ecjpake_context ctx;
|
||||
const unsigned char *pw = NULL;
|
||||
const size_t pw_len = 0;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_ecjpake_init(&ctx);
|
||||
|
||||
TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, MBEDTLS_ECJPAKE_SERVER,
|
||||
@ -220,5 +237,6 @@ void read_round_two_srv(data_t *msg, int ref_ret)
|
||||
|
||||
exit:
|
||||
mbedtls_ecjpake_free(&ctx);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
@ -855,130 +855,6 @@ ECP restartable muladd secp256r1 max_ops=250
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":250:4:64
|
||||
|
||||
ECP fix_negative: 0, -1, 224
|
||||
fix_negative:"00":-1:224
|
||||
|
||||
ECP fix_negative: 1, -1, 224
|
||||
fix_negative:"01":-1:224
|
||||
|
||||
ECP fix_negative: 2^32-1, -1, 224
|
||||
fix_negative:"ffffffff":-1:224
|
||||
|
||||
ECP fix_negative: 2^32, -1, 224
|
||||
fix_negative:"0100000000":-1:224
|
||||
|
||||
ECP fix_negative: 2^64-1, -1, 224
|
||||
fix_negative:"ffffffffffffffff":-1:224
|
||||
|
||||
ECP fix_negative: 2^64, -1, 224
|
||||
fix_negative:"010000000000000000":-1:224
|
||||
|
||||
ECP fix_negative: 2^128-1, -1, 224
|
||||
fix_negative:"ffffffffffffffffffffffffffffffff":-1:224
|
||||
|
||||
ECP fix_negative: 2^128, -1, 224
|
||||
fix_negative:"0100000000000000000000000000000000":-1:224
|
||||
|
||||
ECP fix_negative: 2^128+1, -1, 224
|
||||
fix_negative:"0100000000000000000000000000000001":-1:224
|
||||
|
||||
ECP fix_negative: 2^224-1, -1, 224
|
||||
fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-1:224
|
||||
|
||||
ECP fix_negative: 0, -2, 224
|
||||
fix_negative:"00":-2:224
|
||||
|
||||
ECP fix_negative: 1, -2, 224
|
||||
fix_negative:"01":-2:224
|
||||
|
||||
ECP fix_negative: 2^32-1, -2, 224
|
||||
fix_negative:"ffffffff":-2:224
|
||||
|
||||
ECP fix_negative: 2^32, -2, 224
|
||||
fix_negative:"0100000000":-2:224
|
||||
|
||||
ECP fix_negative: 2^64-1, -2, 224
|
||||
fix_negative:"ffffffffffffffff":-2:224
|
||||
|
||||
ECP fix_negative: 2^64, -2, 224
|
||||
fix_negative:"010000000000000000":-2:224
|
||||
|
||||
ECP fix_negative: 2^128-1, -2, 224
|
||||
fix_negative:"ffffffffffffffffffffffffffffffff":-2:224
|
||||
|
||||
ECP fix_negative: 2^128, -2, 224
|
||||
fix_negative:"0100000000000000000000000000000000":-2:224
|
||||
|
||||
ECP fix_negative: 2^128+1, -2, 224
|
||||
fix_negative:"0100000000000000000000000000000001":-2:224
|
||||
|
||||
ECP fix_negative: 2^224-1, -2, 224
|
||||
fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-2:224
|
||||
|
||||
ECP fix_negative: 0, -1, 256
|
||||
fix_negative:"00":-1:256
|
||||
|
||||
ECP fix_negative: 1, -1, 256
|
||||
fix_negative:"01":-1:256
|
||||
|
||||
ECP fix_negative: 2^32-1, -1, 256
|
||||
fix_negative:"ffffffff":-1:256
|
||||
|
||||
ECP fix_negative: 2^32, -1, 256
|
||||
fix_negative:"0100000000":-1:256
|
||||
|
||||
ECP fix_negative: 2^64-1, -1, 256
|
||||
fix_negative:"ffffffffffffffff":-1:256
|
||||
|
||||
ECP fix_negative: 2^64, -1, 256
|
||||
fix_negative:"010000000000000000":-1:256
|
||||
|
||||
ECP fix_negative: 2^128-1, -1, 256
|
||||
fix_negative:"ffffffffffffffffffffffffffffffff":-1:256
|
||||
|
||||
ECP fix_negative: 2^128, -1, 256
|
||||
fix_negative:"0100000000000000000000000000000000":-1:256
|
||||
|
||||
ECP fix_negative: 2^128+1, -1, 256
|
||||
fix_negative:"0100000000000000000000000000000001":-1:256
|
||||
|
||||
ECP fix_negative: 2^256-1, -1, 256
|
||||
fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-1:256
|
||||
|
||||
ECP fix_negative: 0, -2, 256
|
||||
fix_negative:"00":-2:256
|
||||
|
||||
ECP fix_negative: 1, -2, 256
|
||||
fix_negative:"01":-2:256
|
||||
|
||||
ECP fix_negative: 2^32-1, -2, 256
|
||||
fix_negative:"ffffffff":-2:256
|
||||
|
||||
ECP fix_negative: 2^32, -2, 256
|
||||
fix_negative:"0100000000":-2:256
|
||||
|
||||
ECP fix_negative: 2^64-1, -2, 256
|
||||
fix_negative:"ffffffffffffffff":-2:256
|
||||
|
||||
ECP fix_negative: 2^64, -2, 256
|
||||
fix_negative:"010000000000000000":-2:256
|
||||
|
||||
ECP fix_negative: 2^128-1, -2, 256
|
||||
fix_negative:"ffffffffffffffffffffffffffffffff":-2:256
|
||||
|
||||
ECP fix_negative: 2^128, -2, 256
|
||||
fix_negative:"0100000000000000000000000000000000":-2:256
|
||||
|
||||
ECP fix_negative: 2^128+1, -2, 256
|
||||
fix_negative:"0100000000000000000000000000000001":-2:256
|
||||
|
||||
ECP fix_negative: 2^256-1, -2, 256
|
||||
fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-2:256
|
||||
|
||||
# The first call to fix_negative in the test case of issue #4296.
|
||||
ECP fix_negative: #4296.1
|
||||
fix_negative:"8A4DD4C8B42C5EAED15FE4F4579F4CE513EC90A94010BF000000000000000000":-1:256
|
||||
|
||||
ECP export key parameters #1 (OK)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
ecp_export:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":0:0
|
||||
|
@ -8,13 +8,6 @@
|
||||
#include "ecp_invasive.h"
|
||||
#include "bignum_mod_raw_invasive.h"
|
||||
|
||||
#if defined(MBEDTLS_TEST_HOOKS) && \
|
||||
(defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
|
||||
defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
|
||||
defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED))
|
||||
#define HAVE_FIX_NEGATIVE
|
||||
#endif
|
||||
|
||||
#define ECP_PF_UNKNOWN -1
|
||||
|
||||
#define ECP_PT_RESET(x) \
|
||||
@ -77,7 +70,7 @@ inline static int mbedtls_ecp_group_cmp(mbedtls_ecp_group *grp1,
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_DEPENDENCIES
|
||||
* depends_on:MBEDTLS_ECP_C
|
||||
* depends_on:MBEDTLS_ECP_LIGHT
|
||||
* END_DEPENDENCIES
|
||||
*/
|
||||
|
||||
@ -325,7 +318,7 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
|
||||
void ecp_test_vect(int id, char *dA_str, char *xA_str, char *yA_str,
|
||||
char *dB_str, char *xB_str, char *yB_str,
|
||||
char *xZ_str, char *yZ_str)
|
||||
@ -382,7 +375,7 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
|
||||
void ecp_test_vec_x(int id, char *dA_hex, char *xA_hex, char *dB_hex,
|
||||
char *xB_hex, char *xS_hex)
|
||||
{
|
||||
@ -435,7 +428,7 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
|
||||
void ecp_test_mul(int id, data_t *n_hex,
|
||||
data_t *Px_hex, data_t *Py_hex, data_t *Pz_hex,
|
||||
data_t *nPx_hex, data_t *nPy_hex, data_t *nPz_hex,
|
||||
@ -484,7 +477,7 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
|
||||
void ecp_test_mul_rng(int id, data_t *d_hex)
|
||||
{
|
||||
mbedtls_ecp_group grp;
|
||||
@ -510,7 +503,7 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED:MBEDTLS_ECP_C */
|
||||
void ecp_muladd(int id,
|
||||
data_t *u1_bin, data_t *P1_bin,
|
||||
data_t *u2_bin, data_t *P2_bin,
|
||||
@ -962,7 +955,7 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
|
||||
void mbedtls_ecp_check_pub_priv(int id_pub, char *Qx_pub, char *Qy_pub,
|
||||
int id, char *d, char *Qx, char *Qy,
|
||||
int ret)
|
||||
@ -994,7 +987,7 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
|
||||
void mbedtls_ecp_gen_keypair(int id)
|
||||
{
|
||||
mbedtls_ecp_group grp;
|
||||
@ -1023,7 +1016,7 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
|
||||
void mbedtls_ecp_gen_key(int id)
|
||||
{
|
||||
mbedtls_ecp_keypair key;
|
||||
@ -1093,37 +1086,7 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:HAVE_FIX_NEGATIVE */
|
||||
void fix_negative(data_t *N_bin, int c, int bits)
|
||||
{
|
||||
mbedtls_mpi C, M, N;
|
||||
|
||||
mbedtls_mpi_init(&C);
|
||||
mbedtls_mpi_init(&M);
|
||||
mbedtls_mpi_init(&N);
|
||||
|
||||
/* C = - c * 2^bits (positive since c is negative) */
|
||||
TEST_EQUAL(0, mbedtls_mpi_lset(&C, -c));
|
||||
TEST_EQUAL(0, mbedtls_mpi_shift_l(&C, bits));
|
||||
|
||||
TEST_EQUAL(0, mbedtls_mpi_read_binary(&N, N_bin->x, N_bin->len));
|
||||
TEST_EQUAL(0, mbedtls_mpi_grow(&N, C.n));
|
||||
|
||||
/* M = N - C = - ( C - N ) (expected result of fix_negative) */
|
||||
TEST_EQUAL(0, mbedtls_mpi_sub_mpi(&M, &N, &C));
|
||||
|
||||
mbedtls_ecp_fix_negative(&N, c, bits);
|
||||
|
||||
TEST_EQUAL(0, mbedtls_mpi_cmp_mpi(&N, &M));
|
||||
|
||||
exit:
|
||||
mbedtls_mpi_free(&C);
|
||||
mbedtls_mpi_free(&M);
|
||||
mbedtls_mpi_free(&N);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_MONTGOMERY_ENABLED */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_MONTGOMERY_ENABLED:MBBEDTLS_ECP_C */
|
||||
void genkey_mx_known_answer(int bits, data_t *seed, data_t *expected)
|
||||
{
|
||||
mbedtls_test_rnd_buf_info rnd_info;
|
||||
@ -1304,9 +1267,10 @@ exit:
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
|
||||
void ecp_mod_p192_raw(char *input_N,
|
||||
char *input_X,
|
||||
char *result)
|
||||
void ecp_mod_p_generic_raw(int curve_id,
|
||||
char *input_N,
|
||||
char *input_X,
|
||||
char *result)
|
||||
{
|
||||
mbedtls_mpi_uint *X = NULL;
|
||||
mbedtls_mpi_uint *N = NULL;
|
||||
@ -1315,25 +1279,70 @@ void ecp_mod_p192_raw(char *input_N,
|
||||
size_t limbs_N;
|
||||
size_t limbs_res;
|
||||
|
||||
size_t bytes;
|
||||
size_t limbs;
|
||||
size_t curve_bits;
|
||||
int (*curve_func)(mbedtls_mpi_uint *X, size_t X_limbs);
|
||||
|
||||
mbedtls_mpi_mod_modulus m;
|
||||
mbedtls_mpi_mod_modulus_init(&m);
|
||||
|
||||
TEST_EQUAL(mbedtls_test_read_mpi_core(&X, &limbs_X, input_X), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi_core(&N, &limbs_N, input_N), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi_core(&res, &limbs_res, result), 0);
|
||||
bytes = limbs_N * sizeof(mbedtls_mpi_uint);
|
||||
|
||||
size_t limbs = limbs_N;
|
||||
size_t bytes = limbs * sizeof(mbedtls_mpi_uint);
|
||||
switch (curve_id) {
|
||||
#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
|
||||
case MBEDTLS_ECP_DP_SECP192R1:
|
||||
limbs = 2 * limbs_N;
|
||||
curve_bits = 192;
|
||||
curve_func = &mbedtls_ecp_mod_p192_raw;
|
||||
break;
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
|
||||
case MBEDTLS_ECP_DP_SECP224R1:
|
||||
limbs = 448 / biL;
|
||||
curve_bits = 224;
|
||||
curve_func = &mbedtls_ecp_mod_p224_raw;
|
||||
break;
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
|
||||
case MBEDTLS_ECP_DP_SECP256R1:
|
||||
limbs = 2 * limbs_N;
|
||||
curve_bits = 256;
|
||||
curve_func = &mbedtls_ecp_mod_p256_raw;
|
||||
break;
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
|
||||
case MBEDTLS_ECP_DP_SECP384R1:
|
||||
limbs = 2 * limbs_N;
|
||||
curve_bits = 384;
|
||||
curve_func = &mbedtls_ecp_mod_p384_raw;
|
||||
break;
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
|
||||
case MBEDTLS_ECP_DP_SECP521R1:
|
||||
limbs = 2 * limbs_N;
|
||||
curve_bits = 522;
|
||||
curve_func = &mbedtls_ecp_mod_p521_raw;
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
mbedtls_test_fail("Unsupported curve_id", __LINE__, __FILE__);
|
||||
goto exit;
|
||||
}
|
||||
|
||||
TEST_EQUAL(limbs_X, 2 * limbs);
|
||||
TEST_EQUAL(limbs_res, limbs);
|
||||
TEST_EQUAL(limbs_X, limbs);
|
||||
TEST_EQUAL(limbs_res, limbs_N);
|
||||
|
||||
TEST_EQUAL(mbedtls_mpi_mod_modulus_setup(
|
||||
&m, N, limbs,
|
||||
MBEDTLS_MPI_MOD_REP_MONTGOMERY), 0);
|
||||
&m, N, limbs_N,
|
||||
MBEDTLS_MPI_MOD_REP_OPT_RED), 0);
|
||||
|
||||
TEST_EQUAL(mbedtls_ecp_mod_p192_raw(X, limbs_X), 0);
|
||||
TEST_LE_U(mbedtls_mpi_core_bitlen(X, limbs_X), 192);
|
||||
TEST_EQUAL((*curve_func)(X, limbs_X), 0);
|
||||
|
||||
TEST_LE_U(mbedtls_mpi_core_bitlen(X, limbs_X), curve_bits);
|
||||
mbedtls_mpi_mod_raw_fix_quasi_reduction(X, &m);
|
||||
ASSERT_COMPARE(X, bytes, res, bytes);
|
||||
|
||||
@ -1346,46 +1355,159 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
|
||||
void ecp_mod_p521_raw(char *input_N,
|
||||
char *input_X,
|
||||
char *result)
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_DP_SECP192K1_ENABLED */
|
||||
void ecp_mod_p192k1(char *input_N,
|
||||
char *input_X,
|
||||
char *result)
|
||||
{
|
||||
mbedtls_mpi_uint *X = NULL;
|
||||
mbedtls_mpi_uint *N = NULL;
|
||||
mbedtls_mpi_uint *res = NULL;
|
||||
size_t limbs_X;
|
||||
size_t limbs_N;
|
||||
size_t limbs_res;
|
||||
mbedtls_mpi X;
|
||||
mbedtls_mpi N;
|
||||
mbedtls_mpi res;
|
||||
|
||||
mbedtls_mpi_mod_modulus m;
|
||||
mbedtls_mpi_mod_modulus_init(&m);
|
||||
mbedtls_mpi_init(&X);
|
||||
mbedtls_mpi_init(&N);
|
||||
mbedtls_mpi_init(&res);
|
||||
|
||||
TEST_EQUAL(mbedtls_test_read_mpi_core(&X, &limbs_X, input_X), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi_core(&N, &limbs_N, input_N), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi_core(&res, &limbs_res, result), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi(&N, input_N), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi(&res, result), 0);
|
||||
|
||||
size_t limbs = limbs_N;
|
||||
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, X.p, X.n));
|
||||
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, N.p, N.n));
|
||||
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, res.p, res.n));
|
||||
|
||||
size_t limbs = N.n;
|
||||
size_t bytes = limbs * sizeof(mbedtls_mpi_uint);
|
||||
|
||||
TEST_EQUAL(limbs_X, 2 * limbs);
|
||||
TEST_EQUAL(limbs_res, limbs);
|
||||
TEST_EQUAL(X.n, 2 * limbs);
|
||||
TEST_EQUAL(res.n, limbs);
|
||||
|
||||
TEST_EQUAL(mbedtls_mpi_mod_modulus_setup(
|
||||
&m, N, limbs,
|
||||
MBEDTLS_MPI_MOD_REP_MONTGOMERY), 0);
|
||||
|
||||
TEST_EQUAL(mbedtls_ecp_mod_p521_raw(X, limbs_X), 0);
|
||||
TEST_LE_U(mbedtls_mpi_core_bitlen(X, limbs_X), 522);
|
||||
mbedtls_mpi_mod_raw_fix_quasi_reduction(X, &m);
|
||||
ASSERT_COMPARE(X, bytes, res, bytes);
|
||||
TEST_EQUAL(mbedtls_ecp_mod_p192k1(&X), 0);
|
||||
TEST_EQUAL(mbedtls_mpi_mod_mpi(&X, &X, &N), 0);
|
||||
TEST_LE_U(mbedtls_mpi_core_bitlen(X.p, X.n), 192);
|
||||
ASSERT_COMPARE(X.p, bytes, res.p, bytes);
|
||||
|
||||
exit:
|
||||
mbedtls_free(X);
|
||||
mbedtls_free(res);
|
||||
mbedtls_mpi_free(&X);
|
||||
mbedtls_mpi_free(&N);
|
||||
mbedtls_mpi_free(&res);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
mbedtls_mpi_mod_modulus_free(&m);
|
||||
mbedtls_free(N);
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_DP_SECP224K1_ENABLED */
|
||||
void ecp_mod_p224k1(char *input_N,
|
||||
char *input_X,
|
||||
char *result)
|
||||
{
|
||||
mbedtls_mpi X;
|
||||
mbedtls_mpi N;
|
||||
mbedtls_mpi res;
|
||||
|
||||
mbedtls_mpi_init(&X);
|
||||
mbedtls_mpi_init(&N);
|
||||
mbedtls_mpi_init(&res);
|
||||
|
||||
TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi(&N, input_N), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi(&res, result), 0);
|
||||
|
||||
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, X.p, X.n));
|
||||
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, N.p, N.n));
|
||||
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, res.p, res.n));
|
||||
|
||||
size_t limbs = N.n;
|
||||
size_t bytes = limbs * sizeof(mbedtls_mpi_uint);
|
||||
|
||||
TEST_LE_U(X.n, 448 / biL);
|
||||
TEST_EQUAL(res.n, limbs);
|
||||
|
||||
TEST_EQUAL(mbedtls_ecp_mod_p224k1(&X), 0);
|
||||
TEST_EQUAL(mbedtls_mpi_mod_mpi(&X, &X, &N), 0);
|
||||
TEST_LE_U(mbedtls_mpi_core_bitlen(X.p, X.n), 224);
|
||||
ASSERT_COMPARE(X.p, bytes, res.p, bytes);
|
||||
|
||||
exit:
|
||||
mbedtls_mpi_free(&X);
|
||||
mbedtls_mpi_free(&N);
|
||||
mbedtls_mpi_free(&res);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_DP_SECP256K1_ENABLED */
|
||||
void ecp_mod_p256k1(char *input_N,
|
||||
char *input_X,
|
||||
char *result)
|
||||
{
|
||||
mbedtls_mpi X;
|
||||
mbedtls_mpi N;
|
||||
mbedtls_mpi res;
|
||||
|
||||
mbedtls_mpi_init(&X);
|
||||
mbedtls_mpi_init(&N);
|
||||
mbedtls_mpi_init(&res);
|
||||
|
||||
TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi(&N, input_N), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi(&res, result), 0);
|
||||
|
||||
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, X.p, X.n));
|
||||
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, N.p, N.n));
|
||||
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, res.p, res.n));
|
||||
|
||||
size_t limbs = N.n;
|
||||
size_t bytes = limbs * sizeof(mbedtls_mpi_uint);
|
||||
|
||||
TEST_LE_U(X.n, 2 * limbs);
|
||||
TEST_EQUAL(res.n, limbs);
|
||||
|
||||
TEST_EQUAL(mbedtls_ecp_mod_p256k1(&X), 0);
|
||||
TEST_EQUAL(mbedtls_mpi_mod_mpi(&X, &X, &N), 0);
|
||||
TEST_LE_U(mbedtls_mpi_core_bitlen(X.p, X.n), 256);
|
||||
ASSERT_COMPARE(X.p, bytes, res.p, bytes);
|
||||
|
||||
exit:
|
||||
mbedtls_mpi_free(&X);
|
||||
mbedtls_mpi_free(&N);
|
||||
mbedtls_mpi_free(&res);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_DP_CURVE448_ENABLED */
|
||||
void ecp_mod_p448(char *input_N,
|
||||
char *input_X,
|
||||
char *result)
|
||||
{
|
||||
mbedtls_mpi X;
|
||||
mbedtls_mpi N;
|
||||
mbedtls_mpi res;
|
||||
|
||||
mbedtls_mpi_init(&X);
|
||||
mbedtls_mpi_init(&N);
|
||||
mbedtls_mpi_init(&res);
|
||||
|
||||
TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi(&N, input_N), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi(&res, result), 0);
|
||||
|
||||
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, X.p, X.n));
|
||||
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, N.p, N.n));
|
||||
TEST_ASSERT(mbedtls_mpi_core_uint_le_mpi(0, res.p, res.n));
|
||||
|
||||
size_t limbs = N.n;
|
||||
size_t bytes = limbs * sizeof(mbedtls_mpi_uint);
|
||||
|
||||
TEST_LE_U(X.n, 2 * limbs);
|
||||
TEST_EQUAL(res.n, limbs);
|
||||
|
||||
TEST_EQUAL(mbedtls_ecp_mod_p448(&X), 0);
|
||||
TEST_EQUAL(mbedtls_mpi_mod_mpi(&X, &X, &N), 0);
|
||||
TEST_LE_U(mbedtls_mpi_core_bitlen(X.p, X.n), 448);
|
||||
ASSERT_COMPARE(X.p, bytes, res.p, bytes);
|
||||
|
||||
exit:
|
||||
mbedtls_mpi_free(&X);
|
||||
mbedtls_mpi_free(&N);
|
||||
mbedtls_mpi_free(&res);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
|
@ -167,6 +167,8 @@ void entropy_seed_file(char *path, int ret)
|
||||
{
|
||||
mbedtls_entropy_context ctx;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_entropy_init(&ctx);
|
||||
|
||||
TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, path) == ret);
|
||||
@ -174,6 +176,7 @@ void entropy_seed_file(char *path, int ret)
|
||||
|
||||
exit:
|
||||
mbedtls_entropy_free(&ctx);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -182,6 +185,8 @@ void entropy_write_base_seed_file(int ret)
|
||||
{
|
||||
mbedtls_entropy_context ctx;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_entropy_init(&ctx);
|
||||
|
||||
TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE) == ret);
|
||||
@ -189,6 +194,7 @@ void entropy_write_base_seed_file(int ret)
|
||||
|
||||
exit:
|
||||
mbedtls_entropy_free(&ctx);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -243,6 +249,8 @@ void entropy_func_len(int len, int ret)
|
||||
unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE + 10] = { 0 };
|
||||
size_t i, j;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_entropy_init(&ctx);
|
||||
|
||||
/*
|
||||
@ -267,6 +275,7 @@ void entropy_func_len(int len, int ret)
|
||||
|
||||
exit:
|
||||
mbedtls_entropy_free(&ctx);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -277,6 +286,8 @@ void entropy_source_fail(char *path)
|
||||
unsigned char buf[16];
|
||||
entropy_dummy_context dummy = { DUMMY_FAIL, 0, 0 };
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_entropy_init(&ctx);
|
||||
|
||||
TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source,
|
||||
@ -299,6 +310,7 @@ void entropy_source_fail(char *path)
|
||||
|
||||
exit:
|
||||
mbedtls_entropy_free(&ctx);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -312,6 +324,8 @@ void entropy_threshold(int threshold, int chunk_size, int result)
|
||||
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
|
||||
int ret;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_entropy_init(&ctx);
|
||||
entropy_clear_sources(&ctx);
|
||||
|
||||
@ -340,6 +354,7 @@ void entropy_threshold(int threshold, int chunk_size, int result)
|
||||
|
||||
exit:
|
||||
mbedtls_entropy_free(&ctx);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -359,6 +374,8 @@ void entropy_calls(int strength1, int strength2,
|
||||
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
|
||||
int ret;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
mbedtls_entropy_init(&ctx);
|
||||
entropy_clear_sources(&ctx);
|
||||
|
||||
@ -385,6 +402,7 @@ void entropy_calls(int strength1, int strength2,
|
||||
|
||||
exit:
|
||||
mbedtls_entropy_free(&ctx);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -455,6 +473,8 @@ void entropy_nv_seed(data_t *read_seed)
|
||||
unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
|
||||
unsigned char check_entropy[MBEDTLS_ENTROPY_BLOCK_SIZE];
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
memset(entropy, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
|
||||
memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
|
||||
memset(empty, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
|
||||
@ -523,12 +543,18 @@ exit:
|
||||
mbedtls_entropy_free(&ctx);
|
||||
mbedtls_nv_seed_read = original_mbedtls_nv_seed_read;
|
||||
mbedtls_nv_seed_write = original_mbedtls_nv_seed_write;
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG:MBEDTLS_SELF_TEST */
|
||||
void entropy_selftest(int result)
|
||||
{
|
||||
MD_PSA_INIT();
|
||||
|
||||
TEST_ASSERT(mbedtls_entropy_self_test(1) == result);
|
||||
|
||||
exit:
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
@ -14,85 +14,85 @@ HKDF expand fails with okm_len / hash_len > 255
|
||||
test_hkdf_expand_ret:32:32:8192:MBEDTLS_ERR_HKDF_BAD_INPUT_DATA
|
||||
|
||||
HKDF RFC5869 Test Vector #1
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA256
|
||||
test_hkdf:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
|
||||
|
||||
HKDF RFC5869 Test Vector #2
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA256
|
||||
test_hkdf:MBEDTLS_MD_SHA256:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87"
|
||||
|
||||
HKDF RFC5869 Test Vector #3
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA256
|
||||
test_hkdf:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8"
|
||||
|
||||
HKDF RFC5869 Test Vector #4
|
||||
depends_on:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1
|
||||
test_hkdf:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896"
|
||||
|
||||
HKDF RFC5869 Test Vector #5
|
||||
depends_on:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1
|
||||
test_hkdf:MBEDTLS_MD_SHA1:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4"
|
||||
|
||||
HKDF RFC5869 Test Vector #6
|
||||
depends_on:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1
|
||||
test_hkdf:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918"
|
||||
|
||||
HKDF RFC5869 Test Vector #7
|
||||
depends_on:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1
|
||||
test_hkdf:MBEDTLS_MD_SHA1:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48"
|
||||
|
||||
HKDF RFC5869 Test Vector #1 Extract
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA256
|
||||
test_hkdf_extract:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5"
|
||||
|
||||
HKDF RFC5869 Test Vector #2 Extract
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA256
|
||||
test_hkdf_extract:MBEDTLS_MD_SHA256:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244"
|
||||
|
||||
HKDF RFC5869 Test Vector #3 Extract
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA256
|
||||
test_hkdf_extract:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04"
|
||||
|
||||
HKDF RFC5869 Test Vector #4 Extract
|
||||
depends_on:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1
|
||||
test_hkdf_extract:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243"
|
||||
|
||||
HKDF RFC5869 Test Vector #5 Extract
|
||||
depends_on:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1
|
||||
test_hkdf_extract:MBEDTLS_MD_SHA1:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"8adae09a2a307059478d309b26c4115a224cfaf6"
|
||||
|
||||
HKDF RFC5869 Test Vector #6 Extract
|
||||
depends_on:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1
|
||||
test_hkdf_extract:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01"
|
||||
|
||||
HKDF RFC5869 Test Vector #7 Extract
|
||||
depends_on:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1
|
||||
test_hkdf_extract:MBEDTLS_MD_SHA1:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"2adccada18779e7c2077ad2eb19d3f3e731385dd"
|
||||
|
||||
HKDF RFC5869 Test Vector #1 Expand
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA256
|
||||
test_hkdf_expand:MBEDTLS_MD_SHA256:"f0f1f2f3f4f5f6f7f8f9":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
|
||||
|
||||
HKDF RFC5869 Test Vector #2 Expand
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA256
|
||||
test_hkdf_expand:MBEDTLS_MD_SHA256:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87"
|
||||
|
||||
HKDF RFC5869 Test Vector #3 Expand
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA256
|
||||
test_hkdf_expand:MBEDTLS_MD_SHA256:"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8"
|
||||
|
||||
HKDF RFC5869 Test Vector #4 Expand
|
||||
depends_on:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1
|
||||
test_hkdf_expand:MBEDTLS_MD_SHA1:"f0f1f2f3f4f5f6f7f8f9":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896"
|
||||
|
||||
HKDF RFC5869 Test Vector #5 Expand
|
||||
depends_on:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1
|
||||
test_hkdf_expand:MBEDTLS_MD_SHA1:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"8adae09a2a307059478d309b26c4115a224cfaf6":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4"
|
||||
|
||||
HKDF RFC5869 Test Vector #6 Expand
|
||||
depends_on:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1
|
||||
test_hkdf_expand:MBEDTLS_MD_SHA1:"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918"
|
||||
|
||||
HKDF RFC5869 Test Vector #7 Expand
|
||||
depends_on:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1
|
||||
test_hkdf_expand:MBEDTLS_MD_SHA1:"":"2adccada18779e7c2077ad2eb19d3f3e731385dd":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48"
|
||||
|
@ -15,6 +15,8 @@ void test_hkdf(int md_alg, data_t *ikm, data_t *salt, data_t *info,
|
||||
int ret;
|
||||
unsigned char okm[128] = { '\0' };
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg);
|
||||
TEST_ASSERT(md != NULL);
|
||||
|
||||
@ -26,6 +28,9 @@ void test_hkdf(int md_alg, data_t *ikm, data_t *salt, data_t *info,
|
||||
|
||||
ASSERT_COMPARE(okm, expected_okm->len,
|
||||
expected_okm->x, expected_okm->len);
|
||||
|
||||
exit:
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -39,6 +44,8 @@ void test_hkdf_extract(int md_alg,
|
||||
unsigned char *output_prk = NULL;
|
||||
size_t output_prk_len;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg);
|
||||
TEST_ASSERT(md != NULL);
|
||||
|
||||
@ -53,6 +60,7 @@ void test_hkdf_extract(int md_alg,
|
||||
|
||||
exit:
|
||||
mbedtls_free(output_prk);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -66,6 +74,8 @@ void test_hkdf_expand(int md_alg,
|
||||
int ret;
|
||||
unsigned char *output_okm = NULL;
|
||||
|
||||
MD_PSA_INIT();
|
||||
|
||||
const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg);
|
||||
TEST_ASSERT(md != NULL);
|
||||
|
||||
@ -82,6 +92,7 @@ void test_hkdf_expand(int md_alg,
|
||||
|
||||
exit:
|
||||
mbedtls_free(output_okm);
|
||||
MD_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user