mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-07-29 11:41:15 +03:00
Merge remote-tracking branch 'development/development' into development-restricted
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit is contained in:
Paul Elliott
2
tests/.gitignore
vendored
2
tests/.gitignore
vendored
@ -13,6 +13,8 @@ data_files/hmac_drbg_seed
|
||||
data_files/ctr_drbg_seed
|
||||
data_files/entropy_seed
|
||||
|
||||
include/alt-extra/psa/crypto_platform_alt.h
|
||||
include/alt-extra/psa/crypto_struct_alt.h
|
||||
include/test/instrument_record_status.h
|
||||
|
||||
src/*.o
|
||||
|
||||
@ -219,6 +219,7 @@ ifndef WINDOWS
|
||||
rm -rf $(BINARIES) *.c *.datax
|
||||
rm -f src/*.o src/drivers/*.o src/libmbed*
|
||||
rm -f include/test/instrument_record_status.h
|
||||
rm -f include/alt-extra/*/*_alt.h
|
||||
rm -rf libtestdriver1
|
||||
rm -f ../library/libtestdriver1.a
|
||||
else
|
||||
@ -244,6 +245,10 @@ check: $(BINARIES)
|
||||
|
||||
test: check
|
||||
|
||||
# Generate variants of some headers for testing
|
||||
include/alt-extra/%_alt.h: ../include/%.h
|
||||
perl -p -e 's/^(# *(define|ifndef) +\w+_)H\b/$${1}ALT_H/' $< >$@
|
||||
|
||||
# Generate test library
|
||||
|
||||
# Perl code that is executed to transform each original line from a library
|
||||
|
||||
@ -534,6 +534,16 @@ add_mbedtls_ciphersuites()
|
||||
esac
|
||||
}
|
||||
|
||||
# o_check_ciphersuite STANDARD_CIPHER_SUITE
|
||||
o_check_ciphersuite()
|
||||
{
|
||||
if [ "${O_SUPPORT_ECDH}" = "NO" ]; then
|
||||
case "$1" in
|
||||
*ECDH_*) SKIP_NEXT="YES"
|
||||
esac
|
||||
fi
|
||||
}
|
||||
|
||||
setup_arguments()
|
||||
{
|
||||
O_MODE=""
|
||||
@ -603,6 +613,11 @@ setup_arguments()
|
||||
;;
|
||||
esac
|
||||
|
||||
case $($OPENSSL ciphers ALL) in
|
||||
*ECDH-ECDSA*|*ECDH-RSA*) O_SUPPORT_ECDH="YES";;
|
||||
*) O_SUPPORT_ECDH="NO";;
|
||||
esac
|
||||
|
||||
if [ "X$VERIFY" = "XYES" ];
|
||||
then
|
||||
M_SERVER_ARGS="$M_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
|
||||
@ -819,7 +834,7 @@ run_client() {
|
||||
if [ $EXIT -eq 0 ]; then
|
||||
RESULT=0
|
||||
else
|
||||
# If the cipher isn't supported...
|
||||
# If it is NULL cipher ...
|
||||
if grep 'Cipher is (NONE)' $CLI_OUT >/dev/null; then
|
||||
RESULT=1
|
||||
else
|
||||
@ -1033,6 +1048,7 @@ for MODE in $MODES; do
|
||||
start_server "OpenSSL"
|
||||
translate_ciphers m $M_CIPHERS
|
||||
for i in $ciphers; do
|
||||
o_check_ciphersuite "${i%%=*}"
|
||||
run_client mbedTLS ${i%%=*} ${i#*=}
|
||||
done
|
||||
stop_server
|
||||
@ -1042,6 +1058,7 @@ for MODE in $MODES; do
|
||||
start_server "mbedTLS"
|
||||
translate_ciphers o $O_CIPHERS
|
||||
for i in $ciphers; do
|
||||
o_check_ciphersuite "${i%%=*}"
|
||||
run_client OpenSSL ${i%%=*} ${i#*=}
|
||||
done
|
||||
stop_server
|
||||
|
||||
@ -29,10 +29,12 @@
|
||||
/* Disable TLS 1.2 and 1.2-specific features */
|
||||
#undef MBEDTLS_SSL_ENCRYPT_THEN_MAC
|
||||
#undef MBEDTLS_SSL_EXTENDED_MASTER_SECRET
|
||||
#undef MBEDTLS_SSL_RENEGOTIATION
|
||||
#undef MBEDTLS_SSL_PROTO_TLS1_2
|
||||
#undef MBEDTLS_SSL_PROTO_DTLS
|
||||
#undef MBEDTLS_SSL_DTLS_ANTI_REPLAY
|
||||
#undef MBEDTLS_SSL_DTLS_HELLO_VERIFY
|
||||
#undef MBEDTLS_SSL_DTLS_SRTP
|
||||
#undef MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
|
||||
#undef MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
#undef MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT
|
||||
|
||||
@ -140,6 +140,9 @@ test_csr_v3_all_malformed_attributes_extension_request_sequence_len1.csr.der: te
|
||||
test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr.der: test_csr_v3_all.csr.der
|
||||
(hexdump -ve '1/1 "%.2X"' $< | sed "s/3051300B0603551D0F04/3050300B0603551D0F04/" | xxd -r -p ) > $@
|
||||
|
||||
test_cert_rfc822name.crt.der: cert_example_multi.csr
|
||||
$(OPENSSL) x509 -req -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) -extfile $(test_ca_config_file) -outform DER -extensions rfc822name_names -passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 -in $< > $@
|
||||
|
||||
$(test_ca_key_file_rsa_alt):test-ca.opensslconf
|
||||
$(OPENSSL) genrsa -out $@ 2048
|
||||
test-ca-alt.csr: $(test_ca_key_file_rsa_alt) $(test_ca_config_file)
|
||||
@ -1272,11 +1275,15 @@ pkcs7_test_cert_3 = pkcs7-rsa-sha256-3.crt
|
||||
pkcs7_test_file = pkcs7_data.bin
|
||||
|
||||
$(pkcs7_test_file):
|
||||
echo -e "Hello\xd" > $@
|
||||
printf "Hello\15\n" > $@
|
||||
all_final += $(pkcs7_test_file)
|
||||
|
||||
pkcs7_zerolendata.bin:
|
||||
printf '' > $@
|
||||
all_final += pkcs7_zerolendata.bin
|
||||
|
||||
pkcs7_data_1.bin:
|
||||
echo -e "2\xd" > $@
|
||||
printf "2\15\n" > $@
|
||||
all_final += pkcs7_data_1.bin
|
||||
|
||||
# Generate signing cert
|
||||
@ -1299,6 +1306,11 @@ pkcs7-rsa-expired.crt:
|
||||
$(FAKETIME) -f -3650d $(OPENSSL) req -x509 -subj="/C=NL/O=PKCS7/CN=PKCS7 Cert Expired" -sha256 -nodes -days 365 -newkey rsa:2048 -keyout pkcs7-rsa-expired.key -out pkcs7-rsa-expired.crt
|
||||
all_final += pkcs7-rsa-expired.crt
|
||||
|
||||
# File with an otherwise valid signature signed with an expired cert
|
||||
pkcs7_data_rsa_expired.der: pkcs7-rsa-expired.key pkcs7-rsa-expired.crt pkcs7_data.bin
|
||||
$(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -inkey pkcs7-rsa-expired.key -signer pkcs7-rsa-expired.crt -noattr -outform DER -out $@
|
||||
all_final += pkcs7_data_rsa_expired.der
|
||||
|
||||
# Convert signing certs to DER for testing PEM-free builds
|
||||
pkcs7-rsa-sha256-1.der: $(pkcs7_test_cert_1)
|
||||
$(OPENSSL) x509 -in pkcs7-rsa-sha256-1.crt -out $@ -outform DER
|
||||
@ -1308,6 +1320,15 @@ pkcs7-rsa-sha256-2.der: $(pkcs7_test_cert_2)
|
||||
$(OPENSSL) x509 -in pkcs7-rsa-sha256-2.crt -out $@ -outform DER
|
||||
all_final += pkcs7-rsa-sha256-2.der
|
||||
|
||||
pkcs7-rsa-expired.der: pkcs7-rsa-expired.crt
|
||||
$(OPENSSL) x509 -in pkcs7-rsa-expired.crt -out $@ -outform DER
|
||||
all_final += pkcs7-rsa-expired.der
|
||||
|
||||
# pkcs7 signature file over zero-len data
|
||||
pkcs7_zerolendata_detached.der: pkcs7_zerolendata.bin pkcs7-rsa-sha256-1.key pkcs7-rsa-sha256-1.crt
|
||||
$(OPENSSL) smime -sign -md sha256 -nocerts -noattr -in pkcs7_zerolendata.bin -inkey pkcs7-rsa-sha256-1.key -outform DER -binary -signer pkcs7-rsa-sha256-1.crt -out pkcs7_zerolendata_detached.der
|
||||
all_final += pkcs7_zerolendata_detached.der
|
||||
|
||||
# pkcs7 signature file with CERT
|
||||
pkcs7_data_cert_signed_sha256.der: $(pkcs7_test_file) $(pkcs7_test_cert_1)
|
||||
$(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -noattr -outform DER -out $@
|
||||
@ -1351,19 +1372,63 @@ all_final += pkcs7_data_multiple_certs_signed.der
|
||||
# pkcs7 signature file with corrupted CERT
|
||||
pkcs7_data_signed_badcert.der: pkcs7_data_cert_signed_sha256.der
|
||||
cp pkcs7_data_cert_signed_sha256.der $@
|
||||
echo -en '\xa1' | dd of=$@ bs=1 seek=547 conv=notrunc
|
||||
echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=547 conv=notrunc
|
||||
all_final += pkcs7_data_signed_badcert.der
|
||||
|
||||
# pkcs7 signature file with corrupted signer info
|
||||
pkcs7_data_signed_badsigner.der: pkcs7_data_cert_signed_sha256.der
|
||||
cp pkcs7_data_cert_signed_sha256.der $@
|
||||
echo -en '\xa1' | dd of=$@ bs=1 seek=918 conv=notrunc
|
||||
echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=918 conv=notrunc
|
||||
all_final += pkcs7_data_signed_badsigner.der
|
||||
|
||||
# pkcs7 signature file with invalid tag in signerInfo[1].serial after long issuer name
|
||||
pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der: pkcs7_data_multiple_signed.der
|
||||
cp $< $@
|
||||
echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=498 conv=notrunc
|
||||
all_final += pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der
|
||||
|
||||
# pkcs7 signature file with invalid tag in signerInfo[2]
|
||||
pkcs7_signerInfo_2_invalid_tag.der: pkcs7_data_3_signed.der
|
||||
cp $< $@
|
||||
echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=810 conv=notrunc
|
||||
all_final += pkcs7_signerInfo_2_invalid_tag.der
|
||||
|
||||
# pkcs7 signature file with corrupted signer info[1]
|
||||
pkcs7_data_signed_badsigner1_badsize.der: pkcs7_data_3_signed.der
|
||||
cp pkcs7_data_3_signed.der $@
|
||||
echo '72' | xxd -p -r | dd of=$@ bs=1 seek=438 conv=notrunc
|
||||
all_final += pkcs7_data_signed_badsigner1_badsize.der
|
||||
|
||||
pkcs7_data_signed_badsigner1_badtag.der: pkcs7_data_3_signed.der
|
||||
cp pkcs7_data_3_signed.der $@
|
||||
echo 'a1' | xxd -p -r | dd of=$@ bs=1 seek=442 conv=notrunc
|
||||
all_final += pkcs7_data_signed_badsigner1_badtag.der
|
||||
|
||||
pkcs7_data_signed_badsigner1_fuzzbad.der: pkcs7_data_3_signed.der
|
||||
cp pkcs7_data_3_signed.der $@
|
||||
echo 'a1' | xxd -p -r | dd of=$@ bs=1 seek=550 conv=notrunc
|
||||
all_final += pkcs7_data_signed_badsigner1_fuzzbad.der
|
||||
|
||||
# pkcs7 signature file with corrupted signer info[2]
|
||||
pkcs7_data_signed_badsigner2_badsize.der: pkcs7_data_3_signed.der
|
||||
cp pkcs7_data_3_signed.der $@
|
||||
echo '72'| xxd -p -r | dd of=$@ bs=1 seek=813 conv=notrunc
|
||||
all_final += pkcs7_data_signed_badsigner2_badsize
|
||||
|
||||
pkcs7_data_signed_badsigner2_badtag.der: pkcs7_data_3_signed.der
|
||||
cp pkcs7_data_3_signed.der $@
|
||||
echo 'a1'| xxd -p -r | dd of=$@ bs=1 seek=817 conv=notrunc
|
||||
all_final += pkcs7_data_signed_badsigner2_badtag
|
||||
|
||||
pkcs7_data_signed_badsigner2_fuzzbad.der: pkcs7_data_3_signed.der
|
||||
cp pkcs7_data_3_signed.der $@
|
||||
echo 'a1'| xxd -p -r | dd of=$@ bs=1 seek=925 conv=notrunc
|
||||
all_final += pkcs7_data_signed_badsigner2_fuzzbad
|
||||
|
||||
# pkcs7 file with version 2
|
||||
pkcs7_data_cert_signed_v2.der: pkcs7_data_cert_signed_sha256.der
|
||||
cp pkcs7_data_cert_signed_sha256.der $@
|
||||
echo -en '\x02' | dd of=$@ bs=1 seek=25 conv=notrunc
|
||||
echo '02' | xxd -r -p | dd of=$@ bs=1 seek=25 conv=notrunc
|
||||
all_final += pkcs7_data_cert_signed_v2.der
|
||||
|
||||
pkcs7_data_cert_encrypted.der: $(pkcs7_test_file) $(pkcs7_test_cert_1)
|
||||
@ -1374,12 +1439,12 @@ all_final += pkcs7_data_cert_encrypted.der
|
||||
# For some interesting sizes, what happens if we make them off-by-one?
|
||||
pkcs7_signerInfo_issuer_invalid_size.der: pkcs7_data_cert_signed_sha256.der
|
||||
cp $< $@
|
||||
echo -en '\x35' | dd of=$@ seek=919 bs=1 conv=notrunc
|
||||
echo '35' | xxd -r -p | dd of=$@ seek=919 bs=1 conv=notrunc
|
||||
all_final += pkcs7_signerInfo_issuer_invalid_size.der
|
||||
|
||||
pkcs7_signerInfo_serial_invalid_size.der: pkcs7_data_cert_signed_sha256.der
|
||||
cp $< $@
|
||||
echo -en '\x15' | dd of=$@ seek=973 bs=1 conv=notrunc
|
||||
echo '15' | xxd -r -p | dd of=$@ seek=973 bs=1 conv=notrunc
|
||||
all_final += pkcs7_signerInfo_serial_invalid_size.der
|
||||
|
||||
# pkcs7 signature file just with signed data
|
||||
|
||||
BIN
tests/data_files/pkcs7-rsa-expired.der
Normal file
BIN
tests/data_files/pkcs7-rsa-expired.der
Normal file
Binary file not shown.
BIN
tests/data_files/pkcs7_data_no_signers.der
Normal file
BIN
tests/data_files/pkcs7_data_no_signers.der
Normal file
Binary file not shown.
BIN
tests/data_files/pkcs7_data_rsa_expired.der
Normal file
BIN
tests/data_files/pkcs7_data_rsa_expired.der
Normal file
Binary file not shown.
BIN
tests/data_files/pkcs7_data_signed_badsigner1_badsize.der
Normal file
BIN
tests/data_files/pkcs7_data_signed_badsigner1_badsize.der
Normal file
Binary file not shown.
BIN
tests/data_files/pkcs7_data_signed_badsigner1_badtag.der
Normal file
BIN
tests/data_files/pkcs7_data_signed_badsigner1_badtag.der
Normal file
Binary file not shown.
BIN
tests/data_files/pkcs7_data_signed_badsigner1_fuzzbad.der
Normal file
BIN
tests/data_files/pkcs7_data_signed_badsigner1_fuzzbad.der
Normal file
Binary file not shown.
BIN
tests/data_files/pkcs7_data_signed_badsigner2_badsize.der
Normal file
BIN
tests/data_files/pkcs7_data_signed_badsigner2_badsize.der
Normal file
Binary file not shown.
BIN
tests/data_files/pkcs7_data_signed_badsigner2_badtag.der
Normal file
BIN
tests/data_files/pkcs7_data_signed_badsigner2_badtag.der
Normal file
Binary file not shown.
BIN
tests/data_files/pkcs7_data_signed_badsigner2_fuzzbad.der
Normal file
BIN
tests/data_files/pkcs7_data_signed_badsigner2_fuzzbad.der
Normal file
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
BIN
tests/data_files/pkcs7_signerInfo_2_invalid_tag.der
Normal file
BIN
tests/data_files/pkcs7_signerInfo_2_invalid_tag.der
Normal file
Binary file not shown.
0
tests/data_files/pkcs7_zerolendata.bin
Normal file
0
tests/data_files/pkcs7_zerolendata.bin
Normal file
BIN
tests/data_files/pkcs7_zerolendata_detached.der
Normal file
BIN
tests/data_files/pkcs7_zerolendata_detached.der
Normal file
Binary file not shown.
@ -24,6 +24,9 @@ subjectAltName=otherName:1.2.3.4;UTF8:some other identifier
|
||||
[dns_alt_names]
|
||||
subjectAltName=DNS:example.com, DNS:example.net, DNS:*.example.org
|
||||
|
||||
[rfc822name_names]
|
||||
subjectAltName=email:my@other.address,email:second@other.address
|
||||
|
||||
[alt_names]
|
||||
DNS.1=example.com
|
||||
otherName.1=1.3.6.1.5.5.7.8.4;SEQ:hw_module_name
|
||||
|
||||
BIN
tests/data_files/test_cert_rfc822name.crt.der
Normal file
BIN
tests/data_files/test_cert_rfc822name.crt.der
Normal file
Binary file not shown.
7
tests/include/alt-extra/psa/crypto.h
Normal file
7
tests/include/alt-extra/psa/crypto.h
Normal file
@ -0,0 +1,7 @@
|
||||
/* The goal of the include/alt-extra directory is to test what happens
|
||||
* if certain files come _after_ the normal include directory.
|
||||
* Make sure that if the alt-extra directory comes before the normal
|
||||
* directory (so we wouldn't be achieving our test objective), the build
|
||||
* will fail.
|
||||
*/
|
||||
#error "The normal include directory must come first in the include path"
|
||||
@ -158,6 +158,14 @@
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_JPAKE)
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE)
|
||||
#undef MBEDTLS_PSA_ACCEL_ALG_JPAKE
|
||||
#else
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_JPAKE 1
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_AES)
|
||||
#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
|
||||
#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_AES
|
||||
@ -206,6 +214,30 @@
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_TLS12_PRF)
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
|
||||
#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF
|
||||
#else
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF 1
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS)
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)
|
||||
#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS
|
||||
#else
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS 1
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS)
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS)
|
||||
#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS
|
||||
#else
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS 1
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_CCM 1
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_CMAC 1
|
||||
@ -218,8 +250,6 @@
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP 1
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT 1
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER 1
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF 1
|
||||
#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS 1
|
||||
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)
|
||||
|
||||
87
tests/include/test/drivers/pake.h
Normal file
87
tests/include/test/drivers/pake.h
Normal file
@ -0,0 +1,87 @@
|
||||
/*
|
||||
* Test driver for PAKE driver entry points.
|
||||
*/
|
||||
/* Copyright The Mbed TLS Contributors
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
* not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef PSA_CRYPTO_TEST_DRIVERS_PAKE_H
|
||||
#define PSA_CRYPTO_TEST_DRIVERS_PAKE_H
|
||||
|
||||
#include "mbedtls/build_info.h"
|
||||
|
||||
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#include <psa/crypto_driver_common.h>
|
||||
|
||||
typedef struct {
|
||||
/* If not PSA_SUCCESS, return this error code instead of processing the
|
||||
* function call. */
|
||||
psa_status_t forced_status;
|
||||
/* PAKE driver setup is executed on the first call to
|
||||
pake_output/pake_input (added to distinguish forced statuses). */
|
||||
psa_status_t forced_setup_status;
|
||||
/* Count the amount of times PAKE driver functions are called. */
|
||||
struct {
|
||||
unsigned long total;
|
||||
unsigned long setup;
|
||||
unsigned long input;
|
||||
unsigned long output;
|
||||
unsigned long implicit_key;
|
||||
unsigned long abort;
|
||||
} hits;
|
||||
/* Status returned by the last PAKE driver function call. */
|
||||
psa_status_t driver_status;
|
||||
/* Output returned by pake_output */
|
||||
void *forced_output;
|
||||
size_t forced_output_length;
|
||||
} mbedtls_test_driver_pake_hooks_t;
|
||||
|
||||
#define MBEDTLS_TEST_DRIVER_PAKE_INIT { PSA_SUCCESS, PSA_SUCCESS, { 0, 0, 0, 0, 0, 0 }, PSA_SUCCESS, \
|
||||
NULL, 0 }
|
||||
static inline mbedtls_test_driver_pake_hooks_t
|
||||
mbedtls_test_driver_pake_hooks_init(void)
|
||||
{
|
||||
const mbedtls_test_driver_pake_hooks_t v = MBEDTLS_TEST_DRIVER_PAKE_INIT;
|
||||
return v;
|
||||
}
|
||||
|
||||
extern mbedtls_test_driver_pake_hooks_t mbedtls_test_driver_pake_hooks;
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_setup(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation,
|
||||
const psa_crypto_driver_pake_inputs_t *inputs);
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_output(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation,
|
||||
psa_crypto_driver_pake_step_t step,
|
||||
uint8_t *output,
|
||||
size_t output_size,
|
||||
size_t *output_length);
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_input(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation,
|
||||
psa_crypto_driver_pake_step_t step,
|
||||
const uint8_t *input,
|
||||
size_t input_length);
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_get_implicit_key(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation,
|
||||
uint8_t *output, size_t output_size, size_t *output_length);
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_abort(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation);
|
||||
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
#endif /* PSA_CRYPTO_TEST_DRIVERS_PAKE_H */
|
||||
@ -38,6 +38,7 @@
|
||||
#include "test/drivers/signature.h"
|
||||
#include "test/drivers/asymmetric_encryption.h"
|
||||
#include "test/drivers/key_agreement.h"
|
||||
#include "test/drivers/pake.h"
|
||||
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
#endif /* PSA_CRYPTO_TEST_DRIVER_H */
|
||||
|
||||
@ -253,27 +253,4 @@
|
||||
*/
|
||||
#define MAX(x, y) ((x) > (y) ? (x) : (y))
|
||||
|
||||
/*
|
||||
* 32-bit integer manipulation macros (big endian)
|
||||
*/
|
||||
#ifndef GET_UINT32_BE
|
||||
#define GET_UINT32_BE(n, b, i) \
|
||||
{ \
|
||||
(n) = ((uint32_t) (b)[(i)] << 24) \
|
||||
| ((uint32_t) (b)[(i) + 1] << 16) \
|
||||
| ((uint32_t) (b)[(i) + 2] << 8) \
|
||||
| ((uint32_t) (b)[(i) + 3]); \
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef PUT_UINT32_BE
|
||||
#define PUT_UINT32_BE(n, b, i) \
|
||||
{ \
|
||||
(b)[(i)] = (unsigned char) ((n) >> 24); \
|
||||
(b)[(i) + 1] = (unsigned char) ((n) >> 16); \
|
||||
(b)[(i) + 2] = (unsigned char) ((n) >> 8); \
|
||||
(b)[(i) + 3] = (unsigned char) ((n)); \
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* TEST_MACROS_H */
|
||||
|
||||
@ -388,7 +388,7 @@ armc6_build_test()
|
||||
|
||||
msg "build: ARM Compiler 6 ($FLAGS)"
|
||||
ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \
|
||||
WARNING_CFLAGS='-xc -std=c99' make lib
|
||||
WARNING_CFLAGS='-Werror -xc -std=c99' make lib
|
||||
|
||||
msg "size: ARM Compiler 6 ($FLAGS)"
|
||||
"$ARMC6_FROMELF" -z library/*.o
|
||||
@ -1219,19 +1219,25 @@ component_test_psa_external_rng_no_drbg_use_psa () {
|
||||
tests/ssl-opt.sh -f 'Default\|opaque'
|
||||
}
|
||||
|
||||
component_test_crypto_full_no_md () {
|
||||
msg "build: crypto_full minus MD"
|
||||
component_test_crypto_full_md_light_only () {
|
||||
msg "build: crypto_full with only the light subset of MD"
|
||||
scripts/config.py crypto_full
|
||||
# Disable MD
|
||||
scripts/config.py unset MBEDTLS_MD_C
|
||||
# Direct dependencies
|
||||
# Disable direct dependencies of MD
|
||||
scripts/config.py unset MBEDTLS_HKDF_C
|
||||
scripts/config.py unset MBEDTLS_HMAC_DRBG_C
|
||||
scripts/config.py unset MBEDTLS_PKCS7_C
|
||||
# Indirect dependencies
|
||||
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC
|
||||
make
|
||||
# Disable indirect dependencies of MD
|
||||
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # needs HMAC_DRBG
|
||||
# Enable "light" subset of MD
|
||||
make CFLAGS="$ASAN_CFLAGS -DMBEDTLS_MD_LIGHT" LDFLAGS="$ASAN_CFLAGS"
|
||||
|
||||
msg "test: crypto_full minus MD"
|
||||
# Make sure we don't have the HMAC functions, but the hashing functions
|
||||
not grep mbedtls_md_hmac library/md.o
|
||||
grep mbedtls_md library/md.o
|
||||
|
||||
msg "test: crypto_full with only the light subset of MD"
|
||||
make test
|
||||
}
|
||||
|
||||
@ -1972,6 +1978,7 @@ component_build_module_alt () {
|
||||
# aesni.c and padlock.c reference mbedtls_aes_context fields directly.
|
||||
scripts/config.py unset MBEDTLS_AESNI_C
|
||||
scripts/config.py unset MBEDTLS_PADLOCK_C
|
||||
scripts/config.py unset MBEDTLS_AESCE_C
|
||||
# MBEDTLS_ECP_RESTARTABLE is documented as incompatible.
|
||||
scripts/config.py unset MBEDTLS_ECP_RESTARTABLE
|
||||
# You can only have one threading implementation: alt or pthread, not both.
|
||||
@ -2063,8 +2070,8 @@ component_test_psa_crypto_config_accel_ecdsa () {
|
||||
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
|
||||
make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
|
||||
|
||||
# Configure and build the test driver library
|
||||
# -------------------------------------------
|
||||
# Configure and build the main libraries
|
||||
# --------------------------------------
|
||||
|
||||
# Start from default config (no USE_PSA) + driver support + TLS 1.3
|
||||
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
|
||||
@ -2082,7 +2089,7 @@ component_test_psa_crypto_config_accel_ecdsa () {
|
||||
loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
|
||||
make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
|
||||
|
||||
# Make sure ECDSA was not re-enabled by accident (additive config)
|
||||
# Make sure this was not re-enabled by accident (additive config)
|
||||
not grep mbedtls_ecdsa_ library/ecdsa.o
|
||||
|
||||
# Run the tests
|
||||
@ -2092,7 +2099,7 @@ component_test_psa_crypto_config_accel_ecdsa () {
|
||||
make test
|
||||
}
|
||||
|
||||
# Auxiliary function to build config for hashes with and without drivers
|
||||
# Auxiliary function to build config for ECDSA with and without drivers
|
||||
config_psa_crypto_config_ecdsa_use_psa () {
|
||||
DRIVER_ONLY="$1"
|
||||
# start with config full for maximum coverage (also enables USE_PSA)
|
||||
@ -2104,14 +2111,13 @@ config_psa_crypto_config_ecdsa_use_psa () {
|
||||
# Disable the module that's accelerated
|
||||
scripts/config.py unset MBEDTLS_ECDSA_C
|
||||
fi
|
||||
# Disable things that depend on it
|
||||
# TODO: make these work - #6862
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
|
||||
# Restartable feature is not yet supported by PSA. Once it will in
|
||||
# the future, the following line could be removed (see issues
|
||||
# 6061, 6332 and following ones)
|
||||
scripts/config.py unset MBEDTLS_ECP_RESTARTABLE
|
||||
# Dynamic secure element support is a deprecated feature and needs to be disabled here.
|
||||
# This is done to have the same form of psa_key_attributes_s for libdriver and library.
|
||||
scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
|
||||
}
|
||||
|
||||
# Keep in sync with component_test_psa_crypto_config_reference_ecdsa_use_psa
|
||||
@ -2158,7 +2164,8 @@ component_test_psa_crypto_config_accel_ecdsa_use_psa () {
|
||||
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA + USE_PSA"
|
||||
make test
|
||||
|
||||
# TODO: ssl-opt.sh (currently doesn't pass) - #6861
|
||||
msg "test: ssl-opt.sh"
|
||||
tests/ssl-opt.sh
|
||||
}
|
||||
|
||||
# Keep in sync with component_test_psa_crypto_config_accel_ecdsa_use_psa.
|
||||
@ -2177,41 +2184,156 @@ component_test_psa_crypto_config_reference_ecdsa_use_psa () {
|
||||
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA + USE_PSA"
|
||||
make test
|
||||
|
||||
# TODO: ssl-opt.sh (when the accel component is ready) - #6861
|
||||
msg "test: ssl-opt.sh"
|
||||
tests/ssl-opt.sh
|
||||
}
|
||||
|
||||
component_test_psa_crypto_config_accel_ecdh () {
|
||||
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH"
|
||||
|
||||
# Algorithms and key types to accelerate
|
||||
loc_accel_list="ALG_ECDH KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY"
|
||||
|
||||
# Configure and build the test driver library
|
||||
# -------------------------------------------
|
||||
|
||||
# Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
|
||||
# partial support for cipher operations in the driver test library.
|
||||
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
|
||||
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
|
||||
|
||||
loc_accel_list="ALG_ECDH KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY"
|
||||
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
|
||||
make -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
|
||||
|
||||
# Configure and build the main libraries
|
||||
# --------------------------------------
|
||||
|
||||
# Start from default config (no USE_PSA or TLS 1.3) + driver support
|
||||
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
|
||||
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
|
||||
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
|
||||
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
|
||||
|
||||
# Disable the module that's accelerated
|
||||
scripts/config.py unset MBEDTLS_ECDH_C
|
||||
|
||||
# Disable things that depend on it
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
|
||||
# Build the main library
|
||||
loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
|
||||
make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
|
||||
|
||||
# Make sure this was not re-enabled by accident (additive config)
|
||||
not grep mbedtls_ecdh_ library/ecdh.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
|
||||
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH"
|
||||
make test
|
||||
}
|
||||
|
||||
# Auxiliary function to build config for ECDH with and without drivers.
|
||||
#
|
||||
# This is used by the two following components to ensure they always use the
|
||||
# same config, except for the use of driver or built-in ECDH:
|
||||
# - component_test_psa_crypto_config_accel_ecdh_use_psa;
|
||||
# - component_test_psa_crypto_config_reference_ecdh_use_psa.
|
||||
# This support comparing their test coverage with analyze_outcomes.py.
|
||||
config_psa_crypto_config_ecdh_use_psa () {
|
||||
DRIVER_ONLY="$1"
|
||||
# start with config full for maximum coverage (also enables USE_PSA)
|
||||
scripts/config.py full
|
||||
# enable support for drivers and configuring PSA-only algorithms
|
||||
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
|
||||
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
|
||||
if [ "$DRIVER_ONLY" -eq 1 ]; then
|
||||
# Disable the module that's accelerated
|
||||
scripts/config.py unset MBEDTLS_ECDH_C
|
||||
fi
|
||||
# Disable things that depend on it (regardless of driver or built-in)
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
|
||||
scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
# Note: the above two lines should be enough, but currently there's a bug
|
||||
# that prevents tests from passing TLS 1.3 with only PSK (no ephemeral)
|
||||
# when TLS 1.2 is also enabled, see #6848.
|
||||
# So, as a temporary measure disable all of TLS 1.3.
|
||||
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
|
||||
|
||||
# Restartable feature is not yet supported by PSA. Once it will in
|
||||
# the future, the following line could be removed (see issues
|
||||
# 6061, 6332 and following ones)
|
||||
scripts/config.py unset MBEDTLS_ECP_RESTARTABLE
|
||||
}
|
||||
|
||||
# Keep in sync with component_test_psa_crypto_config_reference_ecdh_use_psa
|
||||
component_test_psa_crypto_config_accel_ecdh_use_psa () {
|
||||
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH + USE_PSA"
|
||||
|
||||
# Algorithms and key types to accelerate
|
||||
loc_accel_list="ALG_ECDH KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY"
|
||||
|
||||
# Configure and build the test driver library
|
||||
# -------------------------------------------
|
||||
|
||||
# Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
|
||||
# partial support for cipher operations in the driver test library.
|
||||
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
|
||||
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
|
||||
|
||||
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
|
||||
make -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
|
||||
|
||||
# Configure and build the main libraries
|
||||
# --------------------------------------
|
||||
|
||||
# Use the same config as reference, only without built-in ECDH
|
||||
config_psa_crypto_config_ecdh_use_psa 1
|
||||
|
||||
# Build the main library
|
||||
loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
|
||||
make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
|
||||
|
||||
# Make sure this was not re-enabled by accident (additive config)
|
||||
not grep mbedtls_ecdh_ library/ecdh.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
|
||||
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH + USE_PSA"
|
||||
make test
|
||||
|
||||
# ssl-opt.sh later (probably doesn't pass right now)
|
||||
}
|
||||
|
||||
# Keep in sync with component_test_psa_crypto_config_accel_ecdh_use_psa.
|
||||
# Used by tests/scripts/analyze_outcomes.py for comparison purposes.
|
||||
component_test_psa_crypto_config_reference_ecdh_use_psa () {
|
||||
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with reference ECDH + USE_PSA"
|
||||
|
||||
# To be aligned with the accel component that needs this
|
||||
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
|
||||
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
|
||||
|
||||
config_psa_crypto_config_ecdh_use_psa 0
|
||||
|
||||
make
|
||||
|
||||
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with reference ECDH + USE_PSA"
|
||||
make test
|
||||
|
||||
# ssl-opt.sh later when the accel component is ready
|
||||
}
|
||||
|
||||
component_test_psa_crypto_config_accel_rsa_signature () {
|
||||
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature"
|
||||
|
||||
@ -2345,8 +2467,7 @@ config_psa_crypto_hash_use_psa () {
|
||||
scripts/config.py unset MBEDTLS_ENTROPY_C
|
||||
scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED # depends on ENTROPY_C
|
||||
scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT # depends on former
|
||||
# Also unset MD_C and things that depend on it;
|
||||
# see component_test_crypto_full_no_md.
|
||||
# Also unset MD_C and things that depend on it.
|
||||
if [ "$DRIVER_ONLY" -eq 1 ]; then
|
||||
scripts/config.py unset MBEDTLS_MD_C
|
||||
fi
|
||||
@ -2355,6 +2476,10 @@ config_psa_crypto_hash_use_psa () {
|
||||
scripts/config.py unset MBEDTLS_PKCS7_C
|
||||
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC
|
||||
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_DETERMINISTIC_ECDSA
|
||||
|
||||
# Dynamic secure element support is a deprecated feature and needs to be disabled here.
|
||||
# This is done to have the same form of psa_key_attributes_s for libdriver and library.
|
||||
scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
|
||||
}
|
||||
|
||||
# Note that component_test_psa_crypto_config_reference_hash_use_psa
|
||||
@ -2493,6 +2618,41 @@ component_test_psa_crypto_config_accel_aead () {
|
||||
make test
|
||||
}
|
||||
|
||||
component_test_psa_crypto_config_accel_pake() {
|
||||
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated PAKE"
|
||||
|
||||
# Start with full
|
||||
scripts/config.py full
|
||||
|
||||
# Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
|
||||
# partial support for cipher operations in the driver test library.
|
||||
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
|
||||
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
|
||||
|
||||
loc_accel_list="ALG_JPAKE"
|
||||
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
|
||||
make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
|
||||
|
||||
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
|
||||
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
|
||||
|
||||
# Make build-in fallback not available
|
||||
scripts/config.py unset MBEDTLS_ECJPAKE_C
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
|
||||
|
||||
# Dynamic secure element support is a deprecated feature and needs to be disabled here.
|
||||
# This is done to have the same form of psa_key_attributes_s for libdriver and library.
|
||||
scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
|
||||
|
||||
loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
|
||||
make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
|
||||
|
||||
not grep mbedtls_ecjpake_init library/ecjpake.o
|
||||
|
||||
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated PAKE"
|
||||
make test
|
||||
}
|
||||
|
||||
component_test_psa_crypto_config_no_driver() {
|
||||
# full plus MBEDTLS_PSA_CRYPTO_CONFIG
|
||||
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS"
|
||||
@ -3258,6 +3418,27 @@ component_build_psa_config_file () {
|
||||
rm -f psa_test_config.h psa_user_config.h
|
||||
}
|
||||
|
||||
component_build_psa_alt_headers () {
|
||||
msg "build: make with PSA alt headers" # ~20s
|
||||
|
||||
# Generate alternative versions of the substitutable headers with the
|
||||
# same content except different include guards.
|
||||
make -C tests include/alt-extra/psa/crypto_platform_alt.h include/alt-extra/psa/crypto_struct_alt.h
|
||||
|
||||
# Build the library and some programs.
|
||||
# Don't build the fuzzers to avoid having to go through hoops to set
|
||||
# a correct include path for programs/fuzz/Makefile.
|
||||
make CFLAGS="-I ../tests/include/alt-extra -DMBEDTLS_PSA_CRYPTO_PLATFORM_FILE='\"psa/crypto_platform_alt.h\"' -DMBEDTLS_PSA_CRYPTO_STRUCT_FILE='\"psa/crypto_struct_alt.h\"'" lib
|
||||
make -C programs -o fuzz CFLAGS="-I ../tests/include/alt-extra -DMBEDTLS_PSA_CRYPTO_PLATFORM_FILE='\"psa/crypto_platform_alt.h\"' -DMBEDTLS_PSA_CRYPTO_STRUCT_FILE='\"psa/crypto_struct_alt.h\"'"
|
||||
|
||||
# Check that we're getting the alternative include guards and not the
|
||||
# original include guards.
|
||||
programs/test/query_included_headers | grep -x PSA_CRYPTO_PLATFORM_ALT_H
|
||||
programs/test/query_included_headers | grep -x PSA_CRYPTO_STRUCT_ALT_H
|
||||
programs/test/query_included_headers | not grep -x PSA_CRYPTO_PLATFORM_H
|
||||
programs/test/query_included_headers | not grep -x PSA_CRYPTO_STRUCT_H
|
||||
}
|
||||
|
||||
component_test_m32_o0 () {
|
||||
# Build without optimization, so as to use portable C code (in a 32-bit
|
||||
# build) and not the i386-specific inline assembly.
|
||||
@ -3341,6 +3522,7 @@ component_test_have_int32 () {
|
||||
scripts/config.py unset MBEDTLS_HAVE_ASM
|
||||
scripts/config.py unset MBEDTLS_AESNI_C
|
||||
scripts/config.py unset MBEDTLS_PADLOCK_C
|
||||
scripts/config.py unset MBEDTLS_AESCE_C
|
||||
make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32'
|
||||
|
||||
msg "test: gcc, force 32-bit bignum limbs"
|
||||
@ -3352,6 +3534,7 @@ component_test_have_int64 () {
|
||||
scripts/config.py unset MBEDTLS_HAVE_ASM
|
||||
scripts/config.py unset MBEDTLS_AESNI_C
|
||||
scripts/config.py unset MBEDTLS_PADLOCK_C
|
||||
scripts/config.py unset MBEDTLS_AESCE_C
|
||||
make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT64'
|
||||
|
||||
msg "test: gcc, force 64-bit bignum limbs"
|
||||
@ -3476,6 +3659,15 @@ component_build_armcc () {
|
||||
scripts/config.py baremetal
|
||||
# armc[56] don't support SHA-512 intrinsics
|
||||
scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
|
||||
|
||||
# Stop armclang warning about feature detection for A64_CRYPTO.
|
||||
# With this enabled, the library does build correctly under armclang,
|
||||
# but in baremetal builds (as tested here), feature detection is
|
||||
# unavailable, and the user is notified via a #warning. So enabling
|
||||
# this feature would prevent us from building with -Werror on
|
||||
# armclang. Tracked in #7198.
|
||||
scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
|
||||
|
||||
scripts/config.py set MBEDTLS_HAVE_ASM
|
||||
|
||||
make CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' lib
|
||||
|
||||
@ -183,6 +183,18 @@ TASKS = {
|
||||
}
|
||||
}
|
||||
},
|
||||
'analyze_driver_vs_reference_ecdh': {
|
||||
'test_function': do_analyze_driver_vs_reference,
|
||||
'args': {
|
||||
'component_ref': 'test_psa_crypto_config_reference_ecdh_use_psa',
|
||||
'component_driver': 'test_psa_crypto_config_accel_ecdh_use_psa',
|
||||
'ignored_suites': [
|
||||
'ecdh', # the software implementation that's excluded
|
||||
],
|
||||
'ignored_tests': {
|
||||
}
|
||||
}
|
||||
},
|
||||
}
|
||||
|
||||
def main():
|
||||
|
||||
@ -23,7 +23,7 @@ Test Mbed TLS with a subset of algorithms.
|
||||
This script can be divided into several steps:
|
||||
|
||||
First, include/mbedtls/mbedtls_config.h or a different config file passed
|
||||
in the arguments is parsed to extract any configuration options (collect_config_symbols).
|
||||
in the arguments is parsed to extract any configuration options (using config.py).
|
||||
|
||||
Then, test domains (groups of jobs, tests) are built based on predefined data
|
||||
collected in the DomainData class. Here, each domain has five major traits:
|
||||
@ -65,6 +65,11 @@ import shutil
|
||||
import subprocess
|
||||
import sys
|
||||
import traceback
|
||||
from typing import Union
|
||||
|
||||
# Add the Mbed TLS Python library directory to the module search path
|
||||
import scripts_path # pylint: disable=unused-import
|
||||
import config
|
||||
|
||||
class Colors: # pylint: disable=too-few-public-methods
|
||||
"""Minimalistic support for colored output.
|
||||
@ -74,6 +79,7 @@ that outputting start switches the text color to the desired color and
|
||||
stop switches the text color back to the default."""
|
||||
red = None
|
||||
green = None
|
||||
cyan = None
|
||||
bold_red = None
|
||||
bold_green = None
|
||||
def __init__(self, options=None):
|
||||
@ -89,6 +95,7 @@ stop switches the text color back to the default."""
|
||||
normal = '\033[0m'
|
||||
self.red = ('\033[31m', normal)
|
||||
self.green = ('\033[32m', normal)
|
||||
self.cyan = ('\033[36m', normal)
|
||||
self.bold_red = ('\033[1;31m', normal)
|
||||
self.bold_green = ('\033[1;32m', normal)
|
||||
NO_COLORS = Colors(None)
|
||||
@ -124,34 +131,38 @@ Remove the backup file if it was saved earlier."""
|
||||
else:
|
||||
shutil.copy(options.config_backup, options.config)
|
||||
|
||||
def run_config_py(options, args):
|
||||
"""Run scripts/config.py with the specified arguments."""
|
||||
cmd = ['scripts/config.py']
|
||||
if options.config != 'include/mbedtls/mbedtls_config.h':
|
||||
cmd += ['--file', options.config]
|
||||
cmd += args
|
||||
log_command(cmd)
|
||||
subprocess.check_call(cmd)
|
||||
def option_exists(conf, option):
|
||||
return option in conf.settings
|
||||
|
||||
def set_reference_config(options):
|
||||
def set_config_option_value(conf, option, colors, value: Union[bool, str]):
|
||||
"""Set/unset a configuration option, optionally specifying a value.
|
||||
value can be either True/False (set/unset config option), or a string,
|
||||
which will make a symbol defined with a certain value."""
|
||||
if not option_exists(conf, option):
|
||||
log_line('Symbol {} was not found in {}'.format(option, conf.filename), color=colors.red)
|
||||
return False
|
||||
|
||||
if value is False:
|
||||
log_command(['config.py', 'unset', option])
|
||||
conf.unset(option)
|
||||
elif value is True:
|
||||
log_command(['config.py', 'set', option])
|
||||
conf.set(option)
|
||||
else:
|
||||
log_command(['config.py', 'set', option, value])
|
||||
conf.set(option, value)
|
||||
return True
|
||||
|
||||
def set_reference_config(conf, options, colors):
|
||||
"""Change the library configuration file (mbedtls_config.h) to the reference state.
|
||||
The reference state is the one from which the tested configurations are
|
||||
derived."""
|
||||
# Turn off options that are not relevant to the tests and slow them down.
|
||||
run_config_py(options, ['full'])
|
||||
run_config_py(options, ['unset', 'MBEDTLS_TEST_HOOKS'])
|
||||
log_command(['config.py', 'full'])
|
||||
conf.adapt(config.full_adapter)
|
||||
set_config_option_value(conf, 'MBEDTLS_TEST_HOOKS', colors, False)
|
||||
if options.unset_use_psa:
|
||||
run_config_py(options, ['unset', 'MBEDTLS_USE_PSA_CRYPTO'])
|
||||
|
||||
def collect_config_symbols(options):
|
||||
"""Read the list of settings from mbedtls_config.h.
|
||||
Return them in a generator."""
|
||||
with open(options.config, encoding="utf-8") as config_file:
|
||||
rx = re.compile(r'\s*(?://\s*)?#define\s+(\w+)\s*(?:$|/[/*])')
|
||||
for line in config_file:
|
||||
m = re.match(rx, line)
|
||||
if m:
|
||||
yield m.group(1)
|
||||
set_config_option_value(conf, 'MBEDTLS_USE_PSA_CRYPTO', colors, False)
|
||||
|
||||
class Job:
|
||||
"""A job builds the library in a specific configuration and runs some tests."""
|
||||
@ -179,19 +190,16 @@ If what is False, announce that the job has failed.'''
|
||||
elif what is False:
|
||||
log_line(self.name + ' FAILED', color=colors.red)
|
||||
else:
|
||||
log_line('starting ' + self.name)
|
||||
log_line('starting ' + self.name, color=colors.cyan)
|
||||
|
||||
def configure(self, options):
|
||||
def configure(self, conf, options, colors):
|
||||
'''Set library configuration options as required for the job.'''
|
||||
set_reference_config(options)
|
||||
set_reference_config(conf, options, colors)
|
||||
for key, value in sorted(self.config_settings.items()):
|
||||
if value is True:
|
||||
args = ['set', key]
|
||||
elif value is False:
|
||||
args = ['unset', key]
|
||||
else:
|
||||
args = ['set', key, value]
|
||||
run_config_py(options, args)
|
||||
ret = set_config_option_value(conf, key, colors, value)
|
||||
if ret is False:
|
||||
return False
|
||||
return True
|
||||
|
||||
def test(self, options):
|
||||
'''Run the job's build and test commands.
|
||||
@ -382,11 +390,11 @@ class DomainData:
|
||||
return [symbol for symbol in self.all_config_symbols
|
||||
if re.match(regexp, symbol)]
|
||||
|
||||
def __init__(self, options):
|
||||
def __init__(self, options, conf):
|
||||
"""Gather data about the library and establish a list of domains to test."""
|
||||
build_command = [options.make_command, 'CFLAGS=-Werror']
|
||||
build_and_test = [build_command, [options.make_command, 'test']]
|
||||
self.all_config_symbols = set(collect_config_symbols(options))
|
||||
self.all_config_symbols = set(conf.settings.keys())
|
||||
# Find hash modules by name.
|
||||
hash_symbols = self.config_symbols_matching(r'MBEDTLS_(MD|RIPEMD|SHA)[0-9]+_C\Z')
|
||||
# Find elliptic curve enabling macros by name.
|
||||
@ -442,16 +450,19 @@ A name can either be the name of a domain or the name of one specific job."""
|
||||
else:
|
||||
return [self.jobs[name]]
|
||||
|
||||
def run(options, job, colors=NO_COLORS):
|
||||
def run(options, job, conf, colors=NO_COLORS):
|
||||
"""Run the specified job (a Job instance)."""
|
||||
subprocess.check_call([options.make_command, 'clean'])
|
||||
job.announce(colors, None)
|
||||
job.configure(options)
|
||||
if not job.configure(conf, options, colors):
|
||||
job.announce(colors, False)
|
||||
return False
|
||||
conf.write()
|
||||
success = job.test(options)
|
||||
job.announce(colors, success)
|
||||
return success
|
||||
|
||||
def run_tests(options, domain_data):
|
||||
def run_tests(options, domain_data, conf):
|
||||
"""Run the desired jobs.
|
||||
domain_data should be a DomainData instance that describes the available
|
||||
domains and jobs.
|
||||
@ -467,7 +478,7 @@ Run the jobs listed in options.tasks."""
|
||||
backup_config(options)
|
||||
try:
|
||||
for job in jobs:
|
||||
success = run(options, job, colors=colors)
|
||||
success = run(options, job, conf, colors=colors)
|
||||
if not success:
|
||||
if options.keep_going:
|
||||
failures.append(job.name)
|
||||
@ -533,7 +544,9 @@ def main():
|
||||
default=True)
|
||||
options = parser.parse_args()
|
||||
os.chdir(options.directory)
|
||||
domain_data = DomainData(options)
|
||||
conf = config.ConfigFile(options.config)
|
||||
domain_data = DomainData(options, conf)
|
||||
|
||||
if options.tasks is True:
|
||||
options.tasks = sorted(domain_data.domains.keys())
|
||||
if options.list:
|
||||
@ -542,7 +555,7 @@ def main():
|
||||
print(domain_name)
|
||||
sys.exit(0)
|
||||
else:
|
||||
sys.exit(0 if run_tests(options, domain_data) else 1)
|
||||
sys.exit(0 if run_tests(options, domain_data, conf) else 1)
|
||||
except Exception: # pylint: disable=broad-except
|
||||
traceback.print_exc()
|
||||
sys.exit(3)
|
||||
|
||||
212
tests/src/drivers/test_driver_pake.c
Normal file
212
tests/src/drivers/test_driver_pake.c
Normal file
@ -0,0 +1,212 @@
|
||||
/*
|
||||
* Test driver for MAC entry points.
|
||||
*/
|
||||
/* Copyright The Mbed TLS Contributors
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
* not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include <test/helpers.h>
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#include "psa_crypto_pake.h"
|
||||
|
||||
#include "test/drivers/pake.h"
|
||||
#include "string.h"
|
||||
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
|
||||
#include "libtestdriver1/library/psa_crypto_pake.h"
|
||||
#endif
|
||||
|
||||
mbedtls_test_driver_pake_hooks_t mbedtls_test_driver_pake_hooks =
|
||||
MBEDTLS_TEST_DRIVER_PAKE_INIT;
|
||||
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_setup(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation,
|
||||
const psa_crypto_driver_pake_inputs_t *inputs)
|
||||
{
|
||||
mbedtls_test_driver_pake_hooks.hits.total++;
|
||||
mbedtls_test_driver_pake_hooks.hits.setup++;
|
||||
|
||||
if (mbedtls_test_driver_pake_hooks.forced_setup_status != PSA_SUCCESS) {
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_test_driver_pake_hooks.forced_setup_status;
|
||||
} else {
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
|
||||
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
libtestdriver1_mbedtls_psa_pake_setup(
|
||||
operation, (const libtestdriver1_psa_crypto_driver_pake_inputs_t *) inputs);
|
||||
#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_psa_pake_setup(
|
||||
operation, inputs);
|
||||
#else
|
||||
(void) operation;
|
||||
(void) inputs;
|
||||
mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
|
||||
#endif
|
||||
}
|
||||
|
||||
return mbedtls_test_driver_pake_hooks.driver_status;
|
||||
}
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_output(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation,
|
||||
psa_crypto_driver_pake_step_t step,
|
||||
uint8_t *output,
|
||||
size_t output_size,
|
||||
size_t *output_length)
|
||||
{
|
||||
mbedtls_test_driver_pake_hooks.hits.total++;
|
||||
mbedtls_test_driver_pake_hooks.hits.output++;
|
||||
|
||||
if (mbedtls_test_driver_pake_hooks.forced_output != NULL) {
|
||||
if (output_size < mbedtls_test_driver_pake_hooks.forced_output_length) {
|
||||
return PSA_ERROR_BUFFER_TOO_SMALL;
|
||||
}
|
||||
|
||||
memcpy(output,
|
||||
mbedtls_test_driver_pake_hooks.forced_output,
|
||||
mbedtls_test_driver_pake_hooks.forced_output_length);
|
||||
*output_length = mbedtls_test_driver_pake_hooks.forced_output_length;
|
||||
|
||||
return mbedtls_test_driver_pake_hooks.forced_status;
|
||||
}
|
||||
|
||||
if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) {
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_test_driver_pake_hooks.forced_status;
|
||||
} else {
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
|
||||
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
libtestdriver1_mbedtls_psa_pake_output(
|
||||
operation, step, output, output_size, output_length);
|
||||
#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_psa_pake_output(
|
||||
operation, step, output, output_size, output_length);
|
||||
#else
|
||||
(void) operation;
|
||||
(void) step;
|
||||
(void) output;
|
||||
(void) output_size;
|
||||
(void) output_length;
|
||||
mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
|
||||
#endif
|
||||
}
|
||||
|
||||
return mbedtls_test_driver_pake_hooks.driver_status;
|
||||
}
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_input(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation,
|
||||
psa_crypto_driver_pake_step_t step,
|
||||
const uint8_t *input,
|
||||
size_t input_length)
|
||||
{
|
||||
mbedtls_test_driver_pake_hooks.hits.total++;
|
||||
mbedtls_test_driver_pake_hooks.hits.input++;
|
||||
|
||||
if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) {
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_test_driver_pake_hooks.forced_status;
|
||||
} else {
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
|
||||
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
libtestdriver1_mbedtls_psa_pake_input(
|
||||
operation, step, input, input_length);
|
||||
#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_psa_pake_input(
|
||||
operation, step, input, input_length);
|
||||
#else
|
||||
(void) operation;
|
||||
(void) step;
|
||||
(void) input;
|
||||
(void) input_length;
|
||||
mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
|
||||
#endif
|
||||
}
|
||||
|
||||
return mbedtls_test_driver_pake_hooks.driver_status;
|
||||
}
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_get_implicit_key(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation,
|
||||
uint8_t *output, size_t output_size, size_t *output_length)
|
||||
{
|
||||
mbedtls_test_driver_pake_hooks.hits.total++;
|
||||
mbedtls_test_driver_pake_hooks.hits.implicit_key++;
|
||||
|
||||
if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) {
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_test_driver_pake_hooks.forced_status;
|
||||
} else {
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
|
||||
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
libtestdriver1_mbedtls_psa_pake_get_implicit_key(
|
||||
operation, output, output_size, output_length);
|
||||
#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_psa_pake_get_implicit_key(
|
||||
operation, output, output_size, output_length);
|
||||
#else
|
||||
(void) operation;
|
||||
(void) output;
|
||||
(void) output_size;
|
||||
(void) output_length;
|
||||
mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
|
||||
#endif
|
||||
}
|
||||
|
||||
return mbedtls_test_driver_pake_hooks.driver_status;
|
||||
}
|
||||
|
||||
psa_status_t mbedtls_test_transparent_pake_abort(
|
||||
mbedtls_transparent_test_driver_pake_operation_t *operation)
|
||||
{
|
||||
mbedtls_test_driver_pake_hooks.hits.total++;
|
||||
mbedtls_test_driver_pake_hooks.hits.abort++;
|
||||
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
|
||||
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
libtestdriver1_mbedtls_psa_pake_abort(
|
||||
operation);
|
||||
#elif defined(MBEDTLS_PSA_BUILTIN_PAKE)
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_psa_pake_abort(
|
||||
operation);
|
||||
#else
|
||||
(void) operation;
|
||||
mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
|
||||
#endif
|
||||
|
||||
|
||||
if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS &&
|
||||
mbedtls_test_driver_pake_hooks.driver_status == PSA_SUCCESS) {
|
||||
mbedtls_test_driver_pake_hooks.driver_status =
|
||||
mbedtls_test_driver_pake_hooks.forced_status;
|
||||
}
|
||||
|
||||
|
||||
return mbedtls_test_driver_pake_hooks.driver_status;
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
|
||||
@ -778,6 +778,10 @@ int mbedtls_test_psa_exported_key_sanity_check(
|
||||
/* The representation of an ECC Montgomery public key is
|
||||
* the raw compressed point */
|
||||
TEST_EQUAL(PSA_BITS_TO_BYTES(bits), exported_length);
|
||||
} else if (PSA_KEY_TYPE_ECC_GET_FAMILY(type) == PSA_ECC_FAMILY_TWISTED_EDWARDS) {
|
||||
/* The representation of an ECC Edwards public key is
|
||||
* the raw compressed point */
|
||||
TEST_EQUAL(PSA_BITS_TO_BYTES(bits + 1), exported_length);
|
||||
} else {
|
||||
/* The representation of an ECC Weierstrass public key is:
|
||||
* - The byte 0x04;
|
||||
|
||||
@ -36,6 +36,7 @@
|
||||
#include <string.h>
|
||||
|
||||
#include <mbedtls/entropy.h>
|
||||
#include "../../library/alignment.h"
|
||||
|
||||
int mbedtls_test_rnd_std_rand(void *rng_state,
|
||||
unsigned char *output,
|
||||
@ -137,7 +138,7 @@ int mbedtls_test_rnd_pseudo_rand(void *rng_state,
|
||||
+ info->v0) ^ (sum + k[(sum>>11) & 3]);
|
||||
}
|
||||
|
||||
PUT_UINT32_BE(info->v0, result, 0);
|
||||
MBEDTLS_PUT_UINT32_BE(info->v0, result, 0);
|
||||
memcpy(out, result, use_len);
|
||||
len -= use_len;
|
||||
out += 4;
|
||||
|
||||
205
tests/ssl-opt.sh
205
tests/ssl-opt.sh
@ -221,6 +221,15 @@ skip_next_test() {
|
||||
SKIP_NEXT="YES"
|
||||
}
|
||||
|
||||
# Check if the required configuration ($1) is enabled
|
||||
is_config_enabled()
|
||||
{
|
||||
case $CONFIGS_ENABLED in
|
||||
*" $1"[\ =]*) return 0;;
|
||||
*) return 1;;
|
||||
esac
|
||||
}
|
||||
|
||||
# skip next test if the flag is not enabled in mbedtls_config.h
|
||||
requires_config_enabled() {
|
||||
case $CONFIGS_ENABLED in
|
||||
@ -272,6 +281,9 @@ TLS1_2_KEY_EXCHANGES_WITH_CERT="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED"
|
||||
|
||||
TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT="MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED"
|
||||
|
||||
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled() {
|
||||
if $P_QUERY -all MBEDTLS_SSL_PROTO_TLS1_2
|
||||
then
|
||||
@ -351,9 +363,12 @@ requires_ciphersuite_enabled() {
|
||||
esac
|
||||
}
|
||||
|
||||
# detect_required_features CMD [RUN_TEST_OPTION...]
|
||||
# If CMD (call to a TLS client or server program) requires certain features,
|
||||
# arrange to only run the following test case if those features are enabled.
|
||||
# Automatically detect required features based on command line parameters.
|
||||
# Parameters are:
|
||||
# - $1 = command line (call to a TLS client or server program)
|
||||
# - $2 = client/server
|
||||
# - $3 = TLS version (TLS12 or TLS13)
|
||||
# - $4 = run test options
|
||||
detect_required_features() {
|
||||
case "$1" in
|
||||
*\ force_version=*)
|
||||
@ -378,6 +393,28 @@ detect_required_features() {
|
||||
requires_config_enabled MBEDTLS_SSL_ALPN;;
|
||||
esac
|
||||
|
||||
case "$1" in
|
||||
*server5*|\
|
||||
*server7*)
|
||||
if [ "$3" = "TLS13" ]; then
|
||||
# In case of TLS13 the support for ECDSA is enough
|
||||
requires_pk_alg "ECDSA"
|
||||
else
|
||||
# For TLS12 requirements are different between server and client
|
||||
if [ "$2" = "server" ]; then
|
||||
# If the server uses "server5*" certificates, then an ECDSA based
|
||||
# key exchange is required
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT
|
||||
elif [ "$2" = "client" ]; then
|
||||
# Otherwise for the client it is enough to have any certificate
|
||||
# based authentication + support for ECDSA
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
requires_pk_alg "ECDSA"
|
||||
fi
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
||||
unset tmp
|
||||
}
|
||||
|
||||
@ -460,12 +497,9 @@ check_for_hash_alg()
|
||||
{
|
||||
CURR_ALG="INVALID";
|
||||
USE_PSA="NO"
|
||||
case $CONFIGS_ENABLED in
|
||||
*" MBEDTLS_USE_PSA_CRYPTO"[\ =]*)
|
||||
USE_PSA="YES";
|
||||
;;
|
||||
*) :;;
|
||||
esac
|
||||
if is_config_enabled "MBEDTLS_USE_PSA_CRYPTO"; then
|
||||
USE_PSA="YES";
|
||||
fi
|
||||
if [ $USE_PSA = "YES" ]; then
|
||||
CURR_ALG=PSA_WANT_ALG_${1}
|
||||
else
|
||||
@ -517,6 +551,23 @@ requires_hash_alg() {
|
||||
fi
|
||||
}
|
||||
|
||||
# Skip next test if the given pk alg is not enabled
|
||||
requires_pk_alg() {
|
||||
case $1 in
|
||||
ECDSA)
|
||||
if is_config_enabled MBEDTLS_USE_PSA_CRYPTO; then
|
||||
requires_config_enabled PSA_WANT_ALG_ECDSA
|
||||
else
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
echo "Unknown/unimplemented case $1 in requires_pk_alg"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
}
|
||||
|
||||
# skip next test if OpenSSL doesn't support FALLBACK_SCSV
|
||||
requires_openssl_with_fallback_scsv() {
|
||||
if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then
|
||||
@ -1390,6 +1441,33 @@ do_run_test_once() {
|
||||
fi
|
||||
}
|
||||
|
||||
# Detect if the current test is going to use TLS 1.3.
|
||||
# $1 and $2 contain the server and client command lines, respectively.
|
||||
#
|
||||
# Note: this function only provides some guess about TLS version by simply
|
||||
# looking at the server/client command lines. Even thought this works
|
||||
# for the sake of tests' filtering (especially in conjunction with the
|
||||
# detect_required_features() function), it does NOT guarantee that the
|
||||
# result is accurate. It does not check other conditions, such as:
|
||||
# - MBEDTLS_SSL_PROTO_TLS1_x can be disabled to selectively remove
|
||||
# TLS 1.2/1.3 support
|
||||
# - we can force a ciphersuite which contains "WITH" in its name, meaning
|
||||
# that we are going to use TLS 1.2
|
||||
# - etc etc
|
||||
get_tls_version() {
|
||||
case $1 in
|
||||
*tls1_3*|*tls13*)
|
||||
echo "TLS13"
|
||||
return;;
|
||||
esac
|
||||
case $2 in
|
||||
*tls1_3*|*tls13*)
|
||||
echo "TLS13"
|
||||
return;;
|
||||
esac
|
||||
echo "TLS12"
|
||||
}
|
||||
|
||||
# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
|
||||
# Options: -s pattern pattern that must be present in server output
|
||||
# -c pattern pattern that must be present in client output
|
||||
@ -1448,8 +1526,9 @@ run_test() {
|
||||
|
||||
# If the client or server requires certain features that can be detected
|
||||
# from their command-line arguments, check that they're enabled.
|
||||
detect_required_features "$SRV_CMD" "$@"
|
||||
detect_required_features "$CLI_CMD" "$@"
|
||||
TLS_VERSION=$(get_tls_version "$SRV_CMD" "$CLI_CMD")
|
||||
detect_required_features "$SRV_CMD" "server" "$TLS_VERSION" "$@"
|
||||
detect_required_features "$CLI_CMD" "client" "$TLS_VERSION" "$@"
|
||||
|
||||
# If we're in a PSK-only build and the test can be adapted to PSK, do that.
|
||||
maybe_adapt_for_psk "$@"
|
||||
@ -1813,7 +1892,6 @@ run_test "key size: TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_hash_alg SHA_256
|
||||
run_test "TLS: password protected client key" \
|
||||
"$P_SRV auth_mode=required" \
|
||||
@ -1822,7 +1900,6 @@ run_test "TLS: password protected client key" \
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_hash_alg SHA_256
|
||||
run_test "TLS: password protected server key" \
|
||||
"$P_SRV crt_file=data_files/server5.crt key_file=data_files/server5.key.enc key_pwd=PolarSSLTest" \
|
||||
@ -1831,7 +1908,6 @@ run_test "TLS: password protected server key" \
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_hash_alg SHA_256
|
||||
run_test "TLS: password protected server key, two certificates" \
|
||||
@ -1854,7 +1930,6 @@ run_test "CA callback on client" \
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_hash_alg SHA_256
|
||||
run_test "CA callback on server" \
|
||||
"$P_SRV auth_mode=required" \
|
||||
@ -1870,7 +1945,7 @@ run_test "CA callback on server" \
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_hash_alg SHA_256
|
||||
run_test "Opaque key for client authentication: ECDHE-ECDSA" \
|
||||
"$P_SRV auth_mode=required crt_file=data_files/server5.crt \
|
||||
@ -1889,7 +1964,6 @@ run_test "Opaque key for client authentication: ECDHE-ECDSA" \
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_hash_alg SHA_256
|
||||
run_test "Opaque key for client authentication: ECDHE-RSA" \
|
||||
@ -1928,7 +2002,7 @@ run_test "Opaque key for client authentication: DHE-RSA" \
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_hash_alg SHA_256
|
||||
run_test "Opaque key for server authentication: ECDHE-ECDSA" \
|
||||
"$P_SRV key_opaque=1 crt_file=data_files/server5.crt \
|
||||
@ -1945,7 +2019,6 @@ run_test "Opaque key for server authentication: ECDHE-ECDSA" \
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_hash_alg SHA_256
|
||||
run_test "Opaque key for server authentication: ECDH-" \
|
||||
"$P_SRV force_version=tls12 auth_mode=required key_opaque=1\
|
||||
@ -1963,7 +2036,6 @@ run_test "Opaque key for server authentication: ECDH-" \
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_disabled MBEDTLS_SSL_ASYNC_PRIVATE
|
||||
requires_hash_alg SHA_256
|
||||
run_test "Opaque key for server authentication: invalid key: decrypt with ECC key, no async" \
|
||||
@ -1998,7 +2070,6 @@ run_test "Opaque key for server authentication: invalid key: ecdh with RSA ke
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
|
||||
requires_hash_alg SHA_256
|
||||
run_test "Opaque key for server authentication: invalid alg: decrypt with ECC key, async" \
|
||||
@ -2015,7 +2086,6 @@ run_test "Opaque key for server authentication: invalid alg: decrypt with ECC
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
|
||||
requires_hash_alg SHA_256
|
||||
@ -2033,7 +2103,6 @@ run_test "Opaque key for server authentication: invalid alg: ecdh with RSA ke
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_hash_alg SHA_256
|
||||
requires_config_enabled MBEDTLS_CCM_C
|
||||
run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with ecdh" \
|
||||
@ -2050,7 +2119,7 @@ run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_hash_alg SHA_256
|
||||
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
|
||||
run_test "Opaque keys for server authentication: EC keys with different algs, force ECDHE-ECDSA" \
|
||||
@ -2071,7 +2140,6 @@ run_test "Opaque keys for server authentication: EC keys with different algs,
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_hash_alg SHA_384
|
||||
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
|
||||
run_test "Opaque keys for server authentication: EC keys with different algs, force ECDH-ECDSA" \
|
||||
@ -2092,7 +2160,6 @@ run_test "Opaque keys for server authentication: EC keys with different algs,
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_hash_alg SHA_384
|
||||
requires_config_enabled MBEDTLS_CCM_C
|
||||
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
|
||||
@ -2176,7 +2243,6 @@ run_test "TLS 1.3 opaque key: 2 keys on server, suitable algorithm found" \
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_hash_alg SHA_256
|
||||
run_test "Opaque key for server authentication: ECDHE-RSA" \
|
||||
@ -2194,7 +2260,6 @@ run_test "Opaque key for server authentication: ECDHE-RSA" \
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_hash_alg SHA_256
|
||||
run_test "Opaque key for server authentication: DHE-RSA" \
|
||||
@ -2246,7 +2311,6 @@ run_test "Opaque key for server authentication: RSA-" \
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_hash_alg SHA_256
|
||||
run_test "Opaque key for server authentication: DHE-RSA, PSS instead of PKCS1" \
|
||||
@ -2263,7 +2327,6 @@ run_test "Opaque key for server authentication: DHE-RSA, PSS instead of PKCS1
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_hash_alg SHA_256
|
||||
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
|
||||
@ -2285,7 +2348,6 @@ run_test "Opaque keys for server authentication: RSA keys with different algs
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_hash_alg SHA_384
|
||||
requires_config_enabled MBEDTLS_GCM_C
|
||||
@ -2309,7 +2371,7 @@ run_test "Opaque keys for server authentication: EC + RSA, force DHE-RSA" \
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_hash_alg SHA_256
|
||||
run_test "Opaque key for client/server authentication: ECDHE-ECDSA" \
|
||||
"$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \
|
||||
@ -2330,7 +2392,6 @@ run_test "Opaque key for client/server authentication: ECDHE-ECDSA" \
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_hash_alg SHA_256
|
||||
run_test "Opaque key for client/server authentication: ECDHE-RSA" \
|
||||
@ -2351,7 +2412,6 @@ run_test "Opaque key for client/server authentication: ECDHE-RSA" \
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
|
||||
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_hash_alg SHA_256
|
||||
run_test "Opaque key for client/server authentication: DHE-RSA" \
|
||||
@ -2436,7 +2496,8 @@ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
requires_config_enabled MBEDTLS_SSL_SRV_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
requires_pk_alg "ECDSA"
|
||||
requires_hash_alg SHA_256
|
||||
run_test "Single supported algorithm sending: mbedtls client" \
|
||||
"$P_SRV sig_algs=ecdsa_secp256r1_sha256 auth_mode=required" \
|
||||
@ -2446,7 +2507,6 @@ run_test "Single supported algorithm sending: mbedtls client" \
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_SSL_SRV_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
requires_hash_alg SHA_256
|
||||
run_test "Single supported algorithm sending: openssl client" \
|
||||
@ -5298,7 +5358,6 @@ run_test "Authentication: server badcert, client required" \
|
||||
-c "X509 - Certificate verification failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: server badcert, client optional" \
|
||||
"$P_SRV crt_file=data_files/server5-badsign.crt \
|
||||
key_file=data_files/server5.key" \
|
||||
@ -5342,7 +5401,6 @@ run_test "Authentication: server goodcert, client required, no trusted CA" \
|
||||
|
||||
requires_config_enabled MBEDTLS_ECP_C
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: server ECDH p256v1, client required, p256v1 unsupported" \
|
||||
"$P_SRV debug_level=1 key_file=data_files/server5.key \
|
||||
crt_file=data_files/server5.ku-ka.crt" \
|
||||
@ -5354,7 +5412,6 @@ run_test "Authentication: server ECDH p256v1, client required, p256v1 unsuppo
|
||||
|
||||
requires_config_enabled MBEDTLS_ECP_C
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: server ECDH p256v1, client optional, p256v1 unsupported" \
|
||||
"$P_SRV debug_level=1 key_file=data_files/server5.key \
|
||||
crt_file=data_files/server5.ku-ka.crt" \
|
||||
@ -5365,7 +5422,6 @@ run_test "Authentication: server ECDH p256v1, client optional, p256v1 unsuppo
|
||||
-c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: server badcert, client none" \
|
||||
"$P_SRV crt_file=data_files/server5-badsign.crt \
|
||||
key_file=data_files/server5.key" \
|
||||
@ -5522,7 +5578,6 @@ run_test "Authentication: client no cert, server optional" \
|
||||
-S "X509 - Certificate verification failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: openssl client no cert, server optional" \
|
||||
"$P_SRV debug_level=3 auth_mode=optional" \
|
||||
"$O_CLI" \
|
||||
@ -5534,7 +5589,6 @@ run_test "Authentication: openssl client no cert, server optional" \
|
||||
-S "X509 - Certificate verification failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: client no cert, openssl server optional" \
|
||||
"$O_SRV -verify 10 -tls1_2" \
|
||||
"$P_CLI debug_level=3 crt_file=none key_file=none" \
|
||||
@ -5546,7 +5600,6 @@ run_test "Authentication: client no cert, openssl server optional" \
|
||||
-C "! mbedtls_ssl_handshake returned"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: client no cert, openssl server required" \
|
||||
"$O_SRV -Verify 10 -tls1_2" \
|
||||
"$P_CLI debug_level=3 crt_file=none key_file=none" \
|
||||
@ -5672,7 +5725,6 @@ run_test "Authentication: do not send CA list in CertificateRequest" \
|
||||
-S "requested DN"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: send CA list in CertificateRequest, client self signed" \
|
||||
"$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \
|
||||
"$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
|
||||
@ -5726,7 +5778,6 @@ run_test "Authentication: send alt hs DN hints in CertificateRequest" \
|
||||
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: server badcert, client required" \
|
||||
"$P_SRV crt_file=data_files/server5-badsign.crt \
|
||||
key_file=data_files/server5.key" \
|
||||
@ -5740,7 +5791,6 @@ run_test "Authentication, CA callback: server badcert, client required" \
|
||||
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: server badcert, client optional" \
|
||||
"$P_SRV crt_file=data_files/server5-badsign.crt \
|
||||
key_file=data_files/server5.key" \
|
||||
@ -5762,7 +5812,6 @@ run_test "Authentication, CA callback: server badcert, client optional" \
|
||||
requires_config_enabled MBEDTLS_ECP_C
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: server ECDH p256v1, client required, p256v1 unsupported" \
|
||||
"$P_SRV debug_level=1 key_file=data_files/server5.key \
|
||||
crt_file=data_files/server5.ku-ka.crt" \
|
||||
@ -5776,7 +5825,6 @@ run_test "Authentication, CA callback: server ECDH p256v1, client required, p
|
||||
requires_config_enabled MBEDTLS_ECP_C
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: server ECDH p256v1, client optional, p256v1 unsupported" \
|
||||
"$P_SRV debug_level=1 key_file=data_files/server5.key \
|
||||
crt_file=data_files/server5.ku-ka.crt" \
|
||||
@ -5815,7 +5863,6 @@ run_test "Authentication, CA callback: client SHA384, server required" \
|
||||
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: client badcert, server required" \
|
||||
"$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
|
||||
"$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
|
||||
@ -5840,7 +5887,6 @@ run_test "Authentication, CA callback: client badcert, server required" \
|
||||
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: client cert not trusted, server required" \
|
||||
"$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
|
||||
"$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
|
||||
@ -5861,7 +5907,6 @@ run_test "Authentication, CA callback: client cert not trusted, server requir
|
||||
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: client badcert, server optional" \
|
||||
"$P_SRV ca_callback=1 debug_level=3 auth_mode=optional" \
|
||||
"$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
|
||||
@ -6643,6 +6688,7 @@ run_test "keyUsage srv: RSA, keyAgreement -> fail" \
|
||||
-C "Ciphersuite is "
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
run_test "keyUsage srv: ECDSA, digitalSignature -> ECDHE-ECDSA" \
|
||||
"$P_SRV key_file=data_files/server5.key \
|
||||
crt_file=data_files/server5.ku-ds.crt" \
|
||||
@ -9044,6 +9090,10 @@ run_test "SSL async private: error in resume then operate correctly" \
|
||||
# key1: ECDSA, key2: RSA; use key1 through async, then key2 directly
|
||||
requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
# Note: the function "detect_required_features()" is not able to detect more than
|
||||
# one "force_ciphersuite" per client/server and it only picks the 2nd one.
|
||||
# Therefore the 1st one is added explicitly here
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
run_test "SSL async private: cancel after start then fall back to transparent key" \
|
||||
"$P_SRV \
|
||||
async_operations=s async_private_delay1=1 async_private_error=-2 \
|
||||
@ -9063,6 +9113,10 @@ run_test "SSL async private: cancel after start then fall back to transparent
|
||||
# key1: ECDSA, key2: RSA; use key1 through async, then key2 directly
|
||||
requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
# Note: the function "detect_required_features()" is not able to detect more than
|
||||
# one "force_ciphersuite" per client/server and it only picks the 2nd one.
|
||||
# Therefore the 1st one is added explicitly here
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
run_test "SSL async private: sign, error in resume then fall back to transparent key" \
|
||||
"$P_SRV \
|
||||
async_operations=s async_private_delay1=1 async_private_error=-3 \
|
||||
@ -9158,7 +9212,6 @@ run_test "Force a non ECC ciphersuite in the server side" \
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
|
||||
requires_hash_alg SHA_256
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "Force an ECC ciphersuite in the client side" \
|
||||
"$P_SRV debug_level=3" \
|
||||
@ -9172,7 +9225,6 @@ run_test "Force an ECC ciphersuite in the client side" \
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
|
||||
requires_hash_alg SHA_256
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "Force an ECC ciphersuite in the server side" \
|
||||
"$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
|
||||
@ -9448,7 +9500,6 @@ run_test "DTLS reassembly: fragmentation, nbio (openssl server)" \
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||
requires_max_content_len 4096
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
@ -9470,7 +9521,6 @@ run_test "DTLS fragmenting: none (for reference)" \
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||
requires_max_content_len 2048
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
@ -9496,7 +9546,6 @@ run_test "DTLS fragmenting: server only (max_frag_len)" \
|
||||
# `client-initiated, server only (max_frag_len)` below.
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||
requires_max_content_len 4096
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
@ -9518,7 +9567,6 @@ run_test "DTLS fragmenting: server only (more) (max_frag_len)" \
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||
requires_max_content_len 2048
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
@ -9547,7 +9595,6 @@ run_test "DTLS fragmenting: client-initiated, server only (max_frag_len)" \
|
||||
# negotiated MFL are sent.
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||
requires_max_content_len 2048
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
@ -9570,7 +9617,6 @@ run_test "DTLS fragmenting: client-initiated, server only (max_frag_len), pro
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||
requires_max_content_len 2048
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
@ -9599,7 +9645,6 @@ run_test "DTLS fragmenting: client-initiated, both (max_frag_len)" \
|
||||
# negotiated MFL are sent.
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||
requires_max_content_len 2048
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
@ -9622,7 +9667,6 @@ run_test "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_max_content_len 4096
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "DTLS fragmenting: none (for reference) (MTU)" \
|
||||
@ -9643,7 +9687,6 @@ run_test "DTLS fragmenting: none (for reference) (MTU)" \
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_max_content_len 4096
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "DTLS fragmenting: client (MTU)" \
|
||||
@ -9664,7 +9707,6 @@ run_test "DTLS fragmenting: client (MTU)" \
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_max_content_len 2048
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "DTLS fragmenting: server (MTU)" \
|
||||
@ -9685,7 +9727,6 @@ run_test "DTLS fragmenting: server (MTU)" \
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_max_content_len 2048
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "DTLS fragmenting: both (MTU=1024)" \
|
||||
@ -9708,9 +9749,7 @@ run_test "DTLS fragmenting: both (MTU=1024)" \
|
||||
# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_hash_alg SHA_256
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
requires_config_enabled MBEDTLS_GCM_C
|
||||
requires_max_content_len 2048
|
||||
@ -9742,8 +9781,6 @@ run_test "DTLS fragmenting: both (MTU=512)" \
|
||||
not_with_valgrind
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
requires_config_enabled MBEDTLS_GCM_C
|
||||
requires_max_content_len 2048
|
||||
@ -9768,8 +9805,6 @@ run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \
|
||||
only_with_valgrind
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
requires_config_enabled MBEDTLS_GCM_C
|
||||
requires_max_content_len 2048
|
||||
@ -9796,7 +9831,6 @@ run_test "DTLS fragmenting: proxy MTU: auto-reduction (with valgrind)" \
|
||||
not_with_valgrind # spurious autoreduction due to timeout
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_max_content_len 2048
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \
|
||||
@ -9824,8 +9858,6 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \
|
||||
not_with_valgrind # spurious autoreduction due to timeout
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
requires_config_enabled MBEDTLS_GCM_C
|
||||
requires_max_content_len 2048
|
||||
@ -9852,7 +9884,6 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \
|
||||
not_with_valgrind # spurious autoreduction due to timeout
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_max_content_len 2048
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \
|
||||
@ -9877,8 +9908,6 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \
|
||||
not_with_valgrind # spurious autoreduction due to timeout
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
requires_config_enabled MBEDTLS_GCM_C
|
||||
requires_max_content_len 2048
|
||||
@ -9915,8 +9944,6 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \
|
||||
not_with_valgrind # spurious autoreduction due to timeout
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
requires_config_enabled MBEDTLS_GCM_C
|
||||
requires_max_content_len 2048
|
||||
@ -9945,9 +9972,7 @@ run_test "DTLS fragmenting: proxy MTU, resumed handshake" \
|
||||
not_with_valgrind # spurious autoreduction due to timeout
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_hash_alg SHA_256
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
requires_config_enabled MBEDTLS_CHACHAPOLY_C
|
||||
requires_max_content_len 2048
|
||||
@ -9978,9 +10003,7 @@ run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \
|
||||
not_with_valgrind # spurious autoreduction due to timeout
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_hash_alg SHA_256
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
requires_config_enabled MBEDTLS_GCM_C
|
||||
@ -10012,9 +10035,7 @@ run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \
|
||||
not_with_valgrind # spurious autoreduction due to timeout
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_hash_alg SHA_256
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
requires_config_enabled MBEDTLS_CCM_C
|
||||
@ -10046,9 +10067,7 @@ run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \
|
||||
not_with_valgrind # spurious autoreduction due to timeout
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_hash_alg SHA_256
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
|
||||
@ -10081,9 +10100,7 @@ run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
|
||||
not_with_valgrind # spurious autoreduction due to timeout
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_hash_alg SHA_256
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
|
||||
@ -10113,8 +10130,6 @@ run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
|
||||
# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
requires_config_enabled MBEDTLS_GCM_C
|
||||
client_needs_more_time 2
|
||||
@ -10139,8 +10154,6 @@ run_test "DTLS fragmenting: proxy MTU + 3d" \
|
||||
# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
requires_config_enabled MBEDTLS_GCM_C
|
||||
client_needs_more_time 2
|
||||
@ -10168,7 +10181,6 @@ run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \
|
||||
# pleases other implementations, so we don't need the peer to fragment
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_gnutls
|
||||
requires_max_content_len 2048
|
||||
run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \
|
||||
@ -10190,7 +10202,6 @@ run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \
|
||||
# GnuTLS continue the connection nonetheless.
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_gnutls
|
||||
requires_not_i686
|
||||
requires_max_content_len 2048
|
||||
@ -10205,7 +10216,6 @@ run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_max_content_len 2048
|
||||
run_test "DTLS fragmenting: openssl server, DTLS 1.2" \
|
||||
"$O_SRV -dtls1_2 -verify 10" \
|
||||
@ -10219,7 +10229,6 @@ run_test "DTLS fragmenting: openssl server, DTLS 1.2" \
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
requires_max_content_len 2048
|
||||
run_test "DTLS fragmenting: openssl client, DTLS 1.2" \
|
||||
"$P_SRV dtls=1 debug_level=2 \
|
||||
@ -10237,7 +10246,6 @@ run_test "DTLS fragmenting: openssl client, DTLS 1.2" \
|
||||
requires_gnutls_next
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
client_needs_more_time 4
|
||||
requires_max_content_len 2048
|
||||
run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \
|
||||
@ -10254,7 +10262,6 @@ run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \
|
||||
requires_gnutls_next
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
client_needs_more_time 4
|
||||
requires_max_content_len 2048
|
||||
run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \
|
||||
@ -10272,7 +10279,6 @@ run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \
|
||||
requires_openssl_next
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
client_needs_more_time 4
|
||||
requires_max_content_len 2048
|
||||
run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
|
||||
@ -10291,7 +10297,6 @@ run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
|
||||
skip_next_test
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
client_needs_more_time 4
|
||||
requires_max_content_len 2048
|
||||
run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \
|
||||
|
||||
@ -18,7 +18,7 @@
|
||||
/* BEGIN_CASE */
|
||||
void mbedtls_ct_memcmp_null()
|
||||
{
|
||||
uint32_t x;
|
||||
uint32_t x = 0;
|
||||
TEST_ASSERT(mbedtls_ct_memcmp(&x, NULL, 0) == 0);
|
||||
TEST_ASSERT(mbedtls_ct_memcmp(NULL, &x, 0) == 0);
|
||||
TEST_ASSERT(mbedtls_ct_memcmp(NULL, NULL, 0) == 0);
|
||||
|
||||
@ -1038,3 +1038,115 @@ ecp_check_order:MBEDTLS_ECP_DP_SECP256K1:"fffffffffffffffffffffffffffffffebaaedc
|
||||
ECP check order for CURVE448
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
|
||||
ecp_check_order:MBEDTLS_ECP_DP_CURVE448:"3fffffffffffffffffffffffffffffffffffffffffffffffffffffff7cca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f3"
|
||||
|
||||
ecp_setup #1 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP192R1)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||
ecp_mod_setup:"fffffffffffffffffffffffffffffffeffffffffffffffff":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_COORDINATE:0
|
||||
|
||||
ecp_setup #2 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP224R1)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
|
||||
ecp_mod_setup:"00000000ffffffffffffffffffffffffffffffff000000000000000000000001":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_COORDINATE:0
|
||||
|
||||
ecp_setup #3 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP256R1)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
ecp_mod_setup:"ffffffff00000001000000000000000000000000ffffffffffffffffffffffff":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_COORDINATE:0
|
||||
|
||||
ecp_setup #4 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP384R1)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
ecp_mod_setup:"fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_COORDINATE:0
|
||||
|
||||
ecp_setup #5 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP521R1)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
|
||||
ecp_mod_setup:"1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_COORDINATE:0
|
||||
|
||||
ecp_setup #6 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP256R1)
|
||||
depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
|
||||
ecp_mod_setup:"a9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5377":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_COORDINATE:0
|
||||
|
||||
ecp_setup #7 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP384R1)
|
||||
depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
|
||||
ecp_mod_setup:"8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec53":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_COORDINATE:0
|
||||
|
||||
ecp_setup #8 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP512R1)
|
||||
depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
|
||||
ecp_mod_setup:"aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca703308717d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f3":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_COORDINATE:0
|
||||
|
||||
ecp_setup #9 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_CURVE25519)
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
ecp_mod_setup:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_COORDINATE:0
|
||||
|
||||
ecp_setup #10 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP192K1)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
|
||||
ecp_mod_setup:"fffffffffffffffffffffffffffffffffffffffeffffee37":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_COORDINATE:0
|
||||
|
||||
ecp_setup #11 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP224K1)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
|
||||
ecp_mod_setup:"fffffffffffffffffffffffffffffffffffffffffffffffeffffe56d":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_COORDINATE:0
|
||||
|
||||
ecp_setup #12 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP256K1)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
|
||||
ecp_mod_setup:"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_COORDINATE:0
|
||||
|
||||
ecp_setup #13 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_CURVE448)
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
|
||||
ecp_mod_setup:"000000000000000fffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffffff":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_COORDINATE:0
|
||||
|
||||
ecp_setup #14 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192R1)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||
ecp_mod_setup:"ffffffffffffffffffffffff99def836146bc9b1b4d22831":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_SCALAR:0
|
||||
|
||||
ecp_setup #15 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224R1)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
|
||||
ecp_mod_setup:"ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_SCALAR:0
|
||||
|
||||
ecp_setup #16 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256R1)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
ecp_mod_setup:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_SCALAR:0
|
||||
|
||||
ecp_setup #17 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP384R1)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
ecp_mod_setup:"ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_SCALAR:0
|
||||
|
||||
ecp_setup #18 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP521R1)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
|
||||
ecp_mod_setup:"1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_SCALAR:0
|
||||
|
||||
ecp_setup #19 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP256R1)
|
||||
depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
|
||||
ecp_mod_setup:"a9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a7":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_SCALAR:0
|
||||
|
||||
ecp_setup #20 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP384R1)
|
||||
depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
|
||||
ecp_mod_setup:"8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec53":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_COORDINATE:0
|
||||
|
||||
ecp_setup #21 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP512R1)
|
||||
depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
|
||||
ecp_mod_setup:"aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca70330870553e5c414ca92619418661197fac10471db1d381085ddaddb58796829ca90069":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_SCALAR:0
|
||||
|
||||
ecp_setup #22 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE25519)
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
ecp_mod_setup:"1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3ed":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_SCALAR:0
|
||||
|
||||
ecp_setup #23 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192K1)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
|
||||
ecp_mod_setup:"fffffffffffffffffffffffe26f2fc170f69466a74defd8d":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_SCALAR:0
|
||||
|
||||
ecp_setup #24 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
|
||||
ecp_mod_setup:"000000010000000000000000000000000001dce8d2ec6184caf0a971769fb1f7":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR:0
|
||||
|
||||
ecp_setup #25 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256K1)
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
|
||||
ecp_mod_setup:"fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_SCALAR:0
|
||||
|
||||
ecp_setup #26 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE448)
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
|
||||
ecp_mod_setup:"0000000000000003fffffffffffffffffffffffffffffffffffffffffffffffffffffff7cca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f3":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_SCALAR:0
|
||||
|
||||
ecp_setup_negative_test #27 Invalid Moduli Type
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
|
||||
ecp_mod_setup:"fffffffffffffffffffffffe26f2fc17f69466a74defd8d":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_NONE:MBEDTLS_ERR_ECP_BAD_INPUT_DATA
|
||||
|
||||
ecp_setup_negative_test #28 Invalid Curve Type
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
|
||||
ecp_mod_setup:"fffffffffffffffffffffffe26f2fc17f69466a74defd8d":MBEDTLS_ECP_DP_NONE:MBEDTLS_ECP_MOD_SCALAR:MBEDTLS_ERR_ECP_BAD_INPUT_DATA
|
||||
|
||||
@ -1,15 +1,15 @@
|
||||
/* BEGIN_HEADER */
|
||||
#include "mbedtls/ecp.h"
|
||||
#include "ecp_invasive.h"
|
||||
#include "mbedtls/ecdsa.h"
|
||||
#include "mbedtls/ecdh.h"
|
||||
|
||||
#include "bignum_core.h"
|
||||
#include "bignum_mod_raw_invasive.h"
|
||||
#include "ecp_invasive.h"
|
||||
#include "bignum_mod_raw_invasive.h"
|
||||
|
||||
#if defined(MBEDTLS_TEST_HOOKS) && \
|
||||
(defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
|
||||
defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
|
||||
(defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
|
||||
defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED))
|
||||
#define HAVE_FIX_NEGATIVE
|
||||
#endif
|
||||
@ -1344,3 +1344,129 @@ exit:
|
||||
mbedtls_free(N);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
|
||||
void ecp_mod_p224_raw(char *input_N,
|
||||
char *input_X,
|
||||
char *result)
|
||||
{
|
||||
mbedtls_mpi_uint *X = NULL;
|
||||
mbedtls_mpi_uint *N = NULL;
|
||||
mbedtls_mpi_uint *res = NULL;
|
||||
size_t limbs_X;
|
||||
size_t limbs_N;
|
||||
size_t limbs_res;
|
||||
|
||||
mbedtls_mpi_mod_modulus m;
|
||||
mbedtls_mpi_mod_modulus_init(&m);
|
||||
|
||||
TEST_EQUAL(mbedtls_test_read_mpi_core(&X, &limbs_X, input_X), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi_core(&N, &limbs_N, input_N), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi_core(&res, &limbs_res, result), 0);
|
||||
|
||||
size_t limbs = limbs_N;
|
||||
size_t bytes = limbs * sizeof(mbedtls_mpi_uint);
|
||||
|
||||
TEST_EQUAL(limbs_X, 448 / biL);
|
||||
TEST_EQUAL(limbs_res, limbs);
|
||||
|
||||
TEST_EQUAL(mbedtls_mpi_mod_modulus_setup(
|
||||
&m, N, limbs,
|
||||
MBEDTLS_MPI_MOD_REP_MONTGOMERY), 0);
|
||||
|
||||
TEST_EQUAL(mbedtls_ecp_mod_p224_raw(X, limbs_X), 0);
|
||||
TEST_LE_U(mbedtls_mpi_core_bitlen(X, limbs_X), 224);
|
||||
mbedtls_mpi_mod_raw_fix_quasi_reduction(X, &m);
|
||||
ASSERT_COMPARE(X, bytes, res, bytes);
|
||||
|
||||
exit:
|
||||
mbedtls_free(X);
|
||||
mbedtls_free(res);
|
||||
|
||||
mbedtls_mpi_mod_modulus_free(&m);
|
||||
mbedtls_free(N);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
|
||||
void ecp_mod_p521_raw(char *input_N,
|
||||
char *input_X,
|
||||
char *result)
|
||||
{
|
||||
mbedtls_mpi_uint *X = NULL;
|
||||
mbedtls_mpi_uint *N = NULL;
|
||||
mbedtls_mpi_uint *res = NULL;
|
||||
size_t limbs_X;
|
||||
size_t limbs_N;
|
||||
size_t limbs_res;
|
||||
|
||||
mbedtls_mpi_mod_modulus m;
|
||||
mbedtls_mpi_mod_modulus_init(&m);
|
||||
|
||||
TEST_EQUAL(mbedtls_test_read_mpi_core(&X, &limbs_X, input_X), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi_core(&N, &limbs_N, input_N), 0);
|
||||
TEST_EQUAL(mbedtls_test_read_mpi_core(&res, &limbs_res, result), 0);
|
||||
|
||||
size_t limbs = limbs_N;
|
||||
size_t bytes = limbs * sizeof(mbedtls_mpi_uint);
|
||||
|
||||
TEST_EQUAL(limbs_X, 2 * limbs);
|
||||
TEST_EQUAL(limbs_res, limbs);
|
||||
|
||||
TEST_EQUAL(mbedtls_mpi_mod_modulus_setup(
|
||||
&m, N, limbs,
|
||||
MBEDTLS_MPI_MOD_REP_MONTGOMERY), 0);
|
||||
|
||||
TEST_EQUAL(mbedtls_ecp_mod_p521_raw(X, limbs_X), 0);
|
||||
TEST_LE_U(mbedtls_mpi_core_bitlen(X, limbs_X), 522);
|
||||
mbedtls_mpi_mod_raw_fix_quasi_reduction(X, &m);
|
||||
ASSERT_COMPARE(X, bytes, res, bytes);
|
||||
|
||||
exit:
|
||||
mbedtls_free(X);
|
||||
mbedtls_free(res);
|
||||
|
||||
mbedtls_mpi_mod_modulus_free(&m);
|
||||
mbedtls_free(N);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
|
||||
void ecp_mod_setup(char *input_A, int id, int ctype, int iret)
|
||||
{
|
||||
int ret;
|
||||
mbedtls_mpi_mod_modulus m;
|
||||
mbedtls_mpi_mod_modulus_init(&m);
|
||||
mbedtls_mpi_uint *p = NULL;
|
||||
size_t p_limbs;
|
||||
size_t bytes;
|
||||
|
||||
TEST_EQUAL(mbedtls_test_read_mpi_core(&p, &p_limbs, input_A), 0);
|
||||
|
||||
ret = mbedtls_ecp_modulus_setup(&m, id, ctype);
|
||||
TEST_EQUAL(ret, iret);
|
||||
|
||||
if (ret == 0) {
|
||||
|
||||
/* Test for limb sizes */
|
||||
TEST_EQUAL(m.limbs, p_limbs);
|
||||
bytes = p_limbs * sizeof(mbedtls_mpi_uint);
|
||||
|
||||
/* Test for validity of moduli by the presence of Montgomery consts */
|
||||
|
||||
TEST_ASSERT(m.rep.mont.mm != 0);
|
||||
TEST_ASSERT(m.rep.mont.rr != NULL);
|
||||
|
||||
|
||||
/* Compare output byte-by-byte */
|
||||
ASSERT_COMPARE(p, bytes, m.p, bytes);
|
||||
|
||||
/* Test for user free-ing allocated memory */
|
||||
mbedtls_mpi_mod_modulus_free(&m);
|
||||
}
|
||||
|
||||
exit:
|
||||
mbedtls_mpi_mod_modulus_free(&m);
|
||||
mbedtls_free(p);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
# Tests of the generic message digest interface
|
||||
MD process
|
||||
mbedtls_md_process:
|
||||
MD list
|
||||
mbedtls_md_list:
|
||||
|
||||
MD NULL/uninitialised arguments
|
||||
md_null_args:
|
||||
|
||||
@ -3,35 +3,29 @@
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_DEPENDENCIES
|
||||
* depends_on:MBEDTLS_MD_C
|
||||
* depends_on:MBEDTLS_MD_LIGHT
|
||||
* END_DEPENDENCIES
|
||||
*/
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void mbedtls_md_process()
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_MD_C */
|
||||
void mbedtls_md_list()
|
||||
{
|
||||
const int *md_type_ptr;
|
||||
const mbedtls_md_info_t *info;
|
||||
mbedtls_md_context_t ctx;
|
||||
unsigned char buf[150];
|
||||
unsigned char out[MBEDTLS_MD_MAX_SIZE] = { 0 };
|
||||
|
||||
mbedtls_md_init(&ctx);
|
||||
memset(buf, 0, sizeof(buf));
|
||||
|
||||
/*
|
||||
* Very minimal testing of mbedtls_md_process, just make sure the various
|
||||
* xxx_process_wrap() function pointers are valid. (Testing that they
|
||||
* indeed do the right thing would require messing with the internal
|
||||
* state of the underlying mbedtls_md/sha context.)
|
||||
*
|
||||
* Also tests that mbedtls_md_list() only returns valid MDs.
|
||||
* Test that mbedtls_md_list() only returns valid MDs.
|
||||
*/
|
||||
for (md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++) {
|
||||
info = mbedtls_md_info_from_type(*md_type_ptr);
|
||||
TEST_ASSERT(info != NULL);
|
||||
TEST_EQUAL(0, mbedtls_md_setup(&ctx, info, 0));
|
||||
TEST_EQUAL(0, mbedtls_md_starts(&ctx));
|
||||
TEST_EQUAL(0, mbedtls_md_process(&ctx, buf));
|
||||
TEST_EQUAL(0, mbedtls_md_finish(&ctx, out));
|
||||
mbedtls_md_free(&ctx);
|
||||
}
|
||||
|
||||
@ -44,21 +38,27 @@ exit:
|
||||
void md_null_args()
|
||||
{
|
||||
mbedtls_md_context_t ctx;
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
const mbedtls_md_info_t *info = mbedtls_md_info_from_type(*(mbedtls_md_list()));
|
||||
#endif
|
||||
unsigned char buf[1] = { 0 };
|
||||
|
||||
mbedtls_md_init(&ctx);
|
||||
|
||||
TEST_EQUAL(0, mbedtls_md_get_size(NULL));
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
TEST_EQUAL(mbedtls_md_get_type(NULL), MBEDTLS_MD_NONE);
|
||||
TEST_ASSERT(mbedtls_md_get_name(NULL) == NULL);
|
||||
|
||||
TEST_ASSERT(mbedtls_md_info_from_string(NULL) == NULL);
|
||||
TEST_ASSERT(mbedtls_md_info_from_ctx(NULL) == NULL);
|
||||
TEST_ASSERT(mbedtls_md_info_from_ctx(&ctx) == NULL);
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
|
||||
TEST_EQUAL(mbedtls_md_setup(&ctx, NULL, 0), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
TEST_EQUAL(mbedtls_md_setup(NULL, info, 0), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
|
||||
#endif
|
||||
|
||||
TEST_EQUAL(mbedtls_md_starts(NULL), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
|
||||
TEST_EQUAL(mbedtls_md_starts(&ctx), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
|
||||
@ -71,6 +71,7 @@ void md_null_args()
|
||||
|
||||
TEST_EQUAL(mbedtls_md(NULL, buf, 1, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
#if defined(MBEDTLS_FS_IO)
|
||||
TEST_EQUAL(mbedtls_md_file(NULL, "", buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
|
||||
#endif
|
||||
@ -93,13 +94,13 @@ void md_null_args()
|
||||
|
||||
TEST_EQUAL(mbedtls_md_hmac(NULL, buf, 1, buf, 1, buf),
|
||||
MBEDTLS_ERR_MD_BAD_INPUT_DATA);
|
||||
|
||||
TEST_EQUAL(mbedtls_md_process(NULL, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
|
||||
TEST_EQUAL(mbedtls_md_process(&ctx, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
|
||||
/* Ok, this is not NULL arg but NULL return... */
|
||||
TEST_ASSERT(mbedtls_md_info_from_type(MBEDTLS_MD_NONE) == NULL);
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
TEST_ASSERT(mbedtls_md_info_from_string("no such md") == NULL);
|
||||
#endif
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -107,24 +108,31 @@ void md_null_args()
|
||||
void md_info(int md_type, char *md_name, int md_size)
|
||||
{
|
||||
const mbedtls_md_info_t *md_info;
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
const int *md_type_ptr;
|
||||
int found;
|
||||
#else
|
||||
(void) md_name;
|
||||
#endif
|
||||
|
||||
md_info = mbedtls_md_info_from_type(md_type);
|
||||
TEST_ASSERT(md_info != NULL);
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
TEST_ASSERT(md_info == mbedtls_md_info_from_string(md_name));
|
||||
#endif
|
||||
|
||||
TEST_EQUAL(mbedtls_md_get_type(md_info), (mbedtls_md_type_t) md_type);
|
||||
TEST_EQUAL(mbedtls_md_get_size(md_info), (unsigned char) md_size);
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
TEST_EQUAL(0, strcmp(mbedtls_md_get_name(md_info), md_name));
|
||||
|
||||
found = 0;
|
||||
int found = 0;
|
||||
for (md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++) {
|
||||
if (*md_type_ptr == md_type) {
|
||||
found = 1;
|
||||
}
|
||||
}
|
||||
TEST_EQUAL(found, 1);
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -182,8 +190,10 @@ void md_text_multi(int md_type, char *text_src_string,
|
||||
TEST_ASSERT(md_info != NULL);
|
||||
TEST_EQUAL(0, mbedtls_md_setup(&ctx, md_info, 0));
|
||||
TEST_EQUAL(0, mbedtls_md_setup(&ctx_copy, md_info, 0));
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
TEST_ASSERT(mbedtls_md_info_from_ctx(&ctx) == md_info);
|
||||
TEST_ASSERT(mbedtls_md_info_from_ctx(&ctx_copy) == md_info);
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
|
||||
TEST_EQUAL(0, mbedtls_md_starts(&ctx));
|
||||
TEST_ASSERT(ctx.md_ctx != NULL);
|
||||
@ -222,8 +232,10 @@ void md_hex_multi(int md_type, data_t *src_str, data_t *hash)
|
||||
TEST_ASSERT(md_info != NULL);
|
||||
TEST_EQUAL(0, mbedtls_md_setup(&ctx, md_info, 0));
|
||||
TEST_EQUAL(0, mbedtls_md_setup(&ctx_copy, md_info, 0));
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
TEST_ASSERT(mbedtls_md_info_from_ctx(&ctx) == md_info);
|
||||
TEST_ASSERT(mbedtls_md_info_from_ctx(&ctx_copy) == md_info);
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
|
||||
halfway = src_str->len / 2;
|
||||
|
||||
@ -249,7 +261,7 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_MD_C */
|
||||
void mbedtls_md_hmac(int md_type, int trunc_size,
|
||||
data_t *key_str, data_t *src_str,
|
||||
data_t *hash)
|
||||
@ -268,7 +280,7 @@ void mbedtls_md_hmac(int md_type, int trunc_size,
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_MD_C */
|
||||
void md_hmac_multi(int md_type, int trunc_size, data_t *key_str,
|
||||
data_t *src_str, data_t *hash)
|
||||
{
|
||||
@ -282,7 +294,9 @@ void md_hmac_multi(int md_type, int trunc_size, data_t *key_str,
|
||||
md_info = mbedtls_md_info_from_type(md_type);
|
||||
TEST_ASSERT(md_info != NULL);
|
||||
TEST_EQUAL(0, mbedtls_md_setup(&ctx, md_info, 1));
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
TEST_ASSERT(mbedtls_md_info_from_ctx(&ctx) == md_info);
|
||||
#endif
|
||||
|
||||
halfway = src_str->len / 2;
|
||||
|
||||
@ -309,7 +323,7 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_MD_C */
|
||||
void mbedtls_md_file(int md_type, char *filename,
|
||||
data_t *hash)
|
||||
{
|
||||
|
||||
@ -89,3 +89,33 @@ oid_get_md_alg_id:"2b24030201":MBEDTLS_MD_RIPEMD160
|
||||
OID hash id - invalid oid
|
||||
oid_get_md_alg_id:"2B864886f70d0204":-1
|
||||
|
||||
OID get numeric string - hardware module name
|
||||
oid_get_numeric_string:"2B06010505070804":0:"1.3.6.1.5.5.7.8.4"
|
||||
|
||||
OID get numeric string - multi-byte subidentifier
|
||||
oid_get_numeric_string:"29903C":0:"1.1.2108"
|
||||
|
||||
OID get numeric string - second component greater than 39
|
||||
oid_get_numeric_string:"81010000863A00":0:"2.49.0.0.826.0"
|
||||
|
||||
OID get numeric string - multi-byte first subidentifier
|
||||
oid_get_numeric_string:"8837":0:"2.999"
|
||||
|
||||
OID get numeric string - empty oid buffer
|
||||
oid_get_numeric_string:"":MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
|
||||
|
||||
OID get numeric string - no final / all bytes have top bit set
|
||||
oid_get_numeric_string:"818181":MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
|
||||
|
||||
# Encodes the number 0x0400000000 as a subidentifier which overflows 32-bits
|
||||
OID get numeric string - 32-bit overflow
|
||||
oid_get_numeric_string:"C080808000":MBEDTLS_ERR_ASN1_INVALID_DATA:""
|
||||
|
||||
OID get numeric string - 32-bit overflow, second subidentifier
|
||||
oid_get_numeric_string:"2BC080808000":MBEDTLS_ERR_ASN1_INVALID_DATA:""
|
||||
|
||||
OID get numeric string - overlong encoding
|
||||
oid_get_numeric_string:"8001":MBEDTLS_ERR_ASN1_INVALID_DATA:""
|
||||
|
||||
OID get numeric string - overlong encoding, second subidentifier
|
||||
oid_get_numeric_string:"2B8001":MBEDTLS_ERR_ASN1_INVALID_DATA:""
|
||||
|
||||
@ -96,3 +96,24 @@ void oid_get_md_alg_id(data_t *oid, int exp_md_id)
|
||||
}
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void oid_get_numeric_string(data_t *oid, int error_ret, char *result_str)
|
||||
{
|
||||
char buf[256];
|
||||
mbedtls_asn1_buf input_oid = { 0, 0, NULL };
|
||||
int ret;
|
||||
|
||||
input_oid.tag = MBEDTLS_ASN1_OID;
|
||||
input_oid.p = oid->x;
|
||||
input_oid.len = oid->len;
|
||||
|
||||
ret = mbedtls_oid_get_numeric_string(buf, sizeof(buf), &input_oid);
|
||||
|
||||
if (error_ret == 0) {
|
||||
TEST_ASSERT(strcmp(buf, result_str) == 0);
|
||||
} else {
|
||||
TEST_EQUAL(ret, error_ret);
|
||||
}
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -618,7 +618,7 @@ depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_DP_BP512R1_ENABLED
|
||||
pk_psa_sign:MBEDTLS_ECP_DP_BP512R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512
|
||||
|
||||
PSA wrapped sign: RSA PKCS1 v1.5
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME:MBEDTLS_PK_WRITE_C
|
||||
pk_psa_sign:1024:PSA_KEY_TYPE_RSA_KEY_PAIR:1024
|
||||
|
||||
PK Sign ext:RSA2048,PK_RSA,MD_SHA256
|
||||
|
||||
@ -1238,12 +1238,22 @@ void pk_psa_sign(int parameter_arg,
|
||||
}
|
||||
|
||||
/* Export underlying public key for re-importing in a legacy context. */
|
||||
#if defined(MBEDTLS_PK_WRITE_C)
|
||||
ret = mbedtls_pk_write_pubkey_der(&pk, pkey_legacy,
|
||||
sizeof(pkey_legacy));
|
||||
TEST_ASSERT(ret >= 0);
|
||||
klen_legacy = (size_t) ret;
|
||||
/* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
|
||||
pkey_legacy_start = pkey_legacy + sizeof(pkey_legacy) - klen_legacy;
|
||||
#else
|
||||
ret = mbedtls_ecp_point_write_binary(&(mbedtls_pk_ec(pk)->grp),
|
||||
&(mbedtls_pk_ec(pk)->Q),
|
||||
MBEDTLS_ECP_PF_UNCOMPRESSED,
|
||||
&klen_legacy, pkey_legacy,
|
||||
sizeof(pkey_legacy));
|
||||
TEST_EQUAL(ret, 0);
|
||||
pkey_legacy_start = pkey_legacy;
|
||||
#endif /* MBEDTLS_PK_WRITE_C */
|
||||
|
||||
/* Turn PK context into an opaque one. */
|
||||
TEST_ASSERT(mbedtls_pk_wrap_as_opaque(&pk, &key_id, alg_psa,
|
||||
@ -1264,12 +1274,21 @@ void pk_psa_sign(int parameter_arg,
|
||||
NULL, NULL) == 0);
|
||||
|
||||
/* Export underlying public key for re-importing in a psa context. */
|
||||
#if defined(MBEDTLS_PK_WRITE_C)
|
||||
ret = mbedtls_pk_write_pubkey_der(&pk, pkey_psa,
|
||||
sizeof(pkey_psa));
|
||||
TEST_ASSERT(ret >= 0);
|
||||
klen_psa = (size_t) ret;
|
||||
/* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
|
||||
pkey_psa_start = pkey_psa + sizeof(pkey_psa) - klen_psa;
|
||||
#else
|
||||
psa_status_t status;
|
||||
|
||||
status = psa_export_public_key(key_id, pkey_psa, sizeof(pkey_psa),
|
||||
&klen_psa);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
pkey_psa_start = pkey_psa;
|
||||
#endif /* MBEDTLS_PK_WRITE_C */
|
||||
|
||||
TEST_ASSERT(klen_psa == klen_legacy);
|
||||
TEST_ASSERT(memcmp(pkey_psa_start, pkey_legacy_start, klen_psa) == 0);
|
||||
@ -1278,8 +1297,24 @@ void pk_psa_sign(int parameter_arg,
|
||||
TEST_ASSERT(PSA_SUCCESS == psa_destroy_key(key_id));
|
||||
|
||||
mbedtls_pk_init(&pk);
|
||||
TEST_ASSERT(mbedtls_pk_parse_public_key(&pk, pkey_legacy_start,
|
||||
klen_legacy) == 0);
|
||||
|
||||
/* If we used "pk_write" previously, then we go for a "pk_parse" here;
|
||||
* otherwise if we went for "ecp_point_write_binary" then we'll go
|
||||
* for a "ecp_point_read_binary" here. This allows to drop dependencies
|
||||
* on "PK_WRITE" and "PK_PARSE" if required */
|
||||
#if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_PK_PARSE_C)
|
||||
TEST_EQUAL(mbedtls_pk_parse_public_key(&pk, pkey_legacy_start,
|
||||
klen_legacy), 0);
|
||||
#else
|
||||
TEST_EQUAL(mbedtls_pk_setup(&pk,
|
||||
mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)), 0);
|
||||
TEST_EQUAL(mbedtls_ecp_group_load(
|
||||
&(mbedtls_pk_ec(pk)->grp),
|
||||
(mbedtls_ecp_group_id) parameter_arg), 0);
|
||||
TEST_EQUAL(mbedtls_ecp_point_read_binary(&(mbedtls_pk_ec(pk)->grp),
|
||||
&(mbedtls_pk_ec(pk)->Q),
|
||||
pkey_legacy_start, klen_legacy), 0);
|
||||
#endif
|
||||
TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256,
|
||||
hash, sizeof(hash), sig, sig_len) == 0);
|
||||
|
||||
|
||||
@ -10,6 +10,10 @@ PKCS7 Signed Data Parse Pass Without CERT #3
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
pkcs7_parse:"data_files/pkcs7_data_without_cert_signed.der":MBEDTLS_PKCS7_SIGNED_DATA
|
||||
|
||||
PKCS7 Signed Data Parse with zero signers
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
pkcs7_parse:"data_files/pkcs7_data_no_signers.der":MBEDTLS_PKCS7_SIGNED_DATA
|
||||
|
||||
PKCS7 Signed Data Parse Fail with multiple certs #4
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
pkcs7_parse:"data_files/pkcs7_data_multiple_certs_signed.der":MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE
|
||||
@ -30,6 +34,30 @@ PKCS7 Signed Data Parse Fail with corrupted signer info #6
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
pkcs7_parse:"data_files/pkcs7_data_signed_badsigner.der":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO,MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
|
||||
|
||||
PKCS7 Signed Data Parse Fail with corrupted signer info[1] invalid size #6.1
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
pkcs7_parse:"data_files/pkcs7_data_signed_badsigner1_badsize.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO
|
||||
|
||||
PKCS7 Signed Data Parse Fail with corrupted signer info[2] invalid size #6.2
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
pkcs7_parse:"data_files/pkcs7_data_signed_badsigner2_badsize.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO
|
||||
|
||||
PKCS7 Signed Data Parse Fail with corrupted signer info[1] unexpected tag #6.3
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
pkcs7_parse:"data_files/pkcs7_data_signed_badsigner1_badtag.der":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO,MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
|
||||
|
||||
PKCS7 Signed Data Parse Fail with corrupted signer info[2] unexpected tag #6.4
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
pkcs7_parse:"data_files/pkcs7_data_signed_badsigner2_badtag.der":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO,MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
|
||||
|
||||
PKCS7 Signed Data Parse Fail with corrupted signer info[1] fuzz bad #6.5
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
pkcs7_parse:"data_files/pkcs7_data_signed_badsigner1_fuzzbad.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO
|
||||
|
||||
PKCS7 Signed Data Parse Fail with corrupted signer info[2] fuzz bad #6.6
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
pkcs7_parse:"data_files/pkcs7_data_signed_badsigner2_fuzzbad.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO
|
||||
|
||||
PKCS7 Signed Data Parse Fail Version other than 1 #7
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
pkcs7_parse:"data_files/pkcs7_data_cert_signed_v2.der":MBEDTLS_ERR_PKCS7_INVALID_VERSION
|
||||
@ -38,6 +66,14 @@ PKCS7 Signed Data Parse Fail Encrypted Content #8
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
pkcs7_parse:"data_files/pkcs7_data_cert_encrypted.der":MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE
|
||||
|
||||
PKCS7 Signed Data Verification Pass zero-len data
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
|
||||
pkcs7_verify:"data_files/pkcs7_zerolendata_detached.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_zerolendata.bin":0:0
|
||||
|
||||
PKCS7 Signed Data Verification Fail zero-len data
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
|
||||
pkcs7_verify:"data_files/pkcs7_zerolendata_detached.der":"data_files/pkcs7-rsa-sha256-2.der":"data_files/pkcs7_zerolendata.bin":0:MBEDTLS_ERR_RSA_VERIFY_FAILED
|
||||
|
||||
PKCS7 Signed Data Verification Pass SHA256 #9
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin":0:0
|
||||
@ -70,13 +106,13 @@ PKCS7 Signed Data Parse Failure Corrupt signerInfo.serial #15.2
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
pkcs7_parse:"data_files/pkcs7_signerInfo_serial_invalid_size.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO
|
||||
|
||||
pkcs7_get_signers_info_set error handling (6213931373035520)
|
||||
depends_on:MBEDTLS_RIPEMD160_C
|
||||
pkcs7_parse:"data_files/pkcs7_get_signers_info_set-missing_free-fuzz_pkcs7-6213931373035520.der":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
|
||||
PKCS7 Signed Data Parse Fail Corrupt signerInfos[2] (6213931373035520)
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
pkcs7_parse:"data_files/pkcs7_signerInfo_2_invalid_tag.der":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
|
||||
|
||||
pkcs7_get_signers_info_set error handling (4541044530479104)
|
||||
depends_on:MBEDTLS_RIPEMD160_C
|
||||
pkcs7_parse:"data_files/pkcs7_get_signers_info_set-leak-fuzz_pkcs7-4541044530479104.der": MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
|
||||
PKCS7 Signed Data Parse Fail Corrupt signerInfos[1].issuerAndSerialNumber.serialNumber, after multi-element .name (4541044530479104)
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
pkcs7_parse:"data_files/pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO
|
||||
|
||||
PKCS7 Only Signed Data Parse Pass #15
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||
@ -98,10 +134,22 @@ PKCS7 Signed Data Hash Verify Fail with multiple signers #18
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_SHA512_C
|
||||
pkcs7_verify:"data_files/pkcs7_data_multiple_signed.der":"data_files/pkcs7-rsa-sha256-1.crt data_files/pkcs7-rsa-sha256-2.crt":"data_files/pkcs7_data.bin":MBEDTLS_MD_SHA512:MBEDTLS_ERR_PKCS7_VERIFY_FAIL
|
||||
|
||||
PKCS7 Signed Data Verify Fail Expired Cert #19
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
PKCS7 Signed Data Verify Pass Expired Cert #19 no TIME_DATE
|
||||
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_HAVE_TIME_DATE
|
||||
pkcs7_verify:"data_files/pkcs7_data_rsa_expired.der":"data_files/pkcs7-rsa-expired.crt":"data_files/pkcs7_data.bin":0:0
|
||||
|
||||
PKCS7 Signed Data Verify Fail Expired Cert #19 have DATE_TIME
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_HAVE_TIME_DATE
|
||||
pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-expired.crt":"data_files/pkcs7_data.bin":0:MBEDTLS_ERR_PKCS7_CERT_DATE_INVALID
|
||||
|
||||
PKCS7 Signed Data Verify Fail Expired Cert #19 no DATE_TIME 1
|
||||
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_HAVE_TIME_DATE
|
||||
pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-expired.crt":"data_files/pkcs7_data.bin":0:MBEDTLS_ERR_RSA_VERIFY_FAILED
|
||||
|
||||
PKCS7 Signed Data Verify Fail Expired Cert #19 no TIME_DATE 2
|
||||
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_HAVE_TIME_DATE
|
||||
pkcs7_verify:"data_files/pkcs7_data_rsa_expired.der":"data_files/pkcs7-rsa-expired.crt":"data_files/pkcs7_data_1.bin":0:MBEDTLS_ERR_RSA_VERIFY_FAILED
|
||||
|
||||
PKCS7 Parse Failure Invalid ASN1: Add null byte to start #20.0
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
pkcs7_asn1_fail:"003082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0"
|
||||
|
||||
@ -125,7 +125,8 @@ void pkcs7_verify(char *pkcs7_file,
|
||||
TEST_ASSERT(file != NULL);
|
||||
|
||||
datalen = st.st_size;
|
||||
ASSERT_ALLOC(data, datalen);
|
||||
/* Special-case for zero-length input so that data will be non-NULL */
|
||||
ASSERT_ALLOC(data, datalen == 0 ? 1 : datalen);
|
||||
buflen = fread((void *) data, sizeof(unsigned char), datalen, file);
|
||||
TEST_EQUAL(buflen, datalen);
|
||||
|
||||
|
||||
23
tests/suites/test_suite_platform_util.data
Normal file
23
tests/suites/test_suite_platform_util.data
Normal file
@ -0,0 +1,23 @@
|
||||
Zeroize len 0, null
|
||||
mbedtls_platform_zeroize:0:1
|
||||
|
||||
Zeroize len 0, non-null
|
||||
mbedtls_platform_zeroize:0:0
|
||||
|
||||
Zeroize len 1
|
||||
mbedtls_platform_zeroize:1:0
|
||||
|
||||
Zeroize len 4
|
||||
mbedtls_platform_zeroize:1:0
|
||||
|
||||
Zeroize len 5
|
||||
mbedtls_platform_zeroize:1:0
|
||||
|
||||
Zeroize len 32
|
||||
mbedtls_platform_zeroize:32:0
|
||||
|
||||
Zeroize len 127
|
||||
mbedtls_platform_zeroize:127:0
|
||||
|
||||
Zeroize len 128
|
||||
mbedtls_platform_zeroize:128:0
|
||||
41
tests/suites/test_suite_platform_util.function
Normal file
41
tests/suites/test_suite_platform_util.function
Normal file
@ -0,0 +1,41 @@
|
||||
/* BEGIN_HEADER */
|
||||
#include "mbedtls/platform_util.h"
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void mbedtls_platform_zeroize(int len, int null)
|
||||
{
|
||||
char buf[130];
|
||||
char *p = NULL;
|
||||
|
||||
TEST_ASSERT(len <= 128);
|
||||
|
||||
/* Write sentinel values */
|
||||
buf[0] = 2;
|
||||
buf[len + 1] = 2;
|
||||
|
||||
/* Write non-zero content */
|
||||
if (!null) {
|
||||
p = &buf[1];
|
||||
for (int i = 0; i < len; i++) {
|
||||
p[i] = 1;
|
||||
}
|
||||
}
|
||||
|
||||
/* Check content is non-zero */
|
||||
TEST_EQUAL(buf[0], 2);
|
||||
for (int i = 0; i < len; i++) {
|
||||
TEST_ASSERT(p[i] == 1);
|
||||
}
|
||||
TEST_EQUAL(buf[len + 1], 2);
|
||||
|
||||
mbedtls_platform_zeroize(p, len);
|
||||
|
||||
/* Check content is zero and sentinels un-changed */
|
||||
TEST_EQUAL(buf[0], 2);
|
||||
for (int i = 0; i < len; i++) {
|
||||
TEST_ASSERT(p[i] == 0);
|
||||
}
|
||||
TEST_EQUAL(buf[len + 1], 2);
|
||||
}
|
||||
/* END_CASE */
|
||||
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@ -15,35 +15,35 @@ depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_W
|
||||
sign_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS
|
||||
|
||||
sign_hash transparent driver: in driver RSA PKCS#1 v1.5, raw
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
|
||||
sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":0:PSA_SUCCESS
|
||||
|
||||
sign_hash transparent driver: fallback RSA PKCS#1 v1.5, raw
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_SUPPORTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":0:PSA_SUCCESS
|
||||
|
||||
sign_hash transparent driver: error RSA PKCS#1 v1.5, raw
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
|
||||
sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_GENERIC_ERROR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":0:PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
sign_hash transparent driver: fake RSA PKCS#1 v1.5, raw
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
|
||||
sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":1:PSA_SUCCESS
|
||||
|
||||
sign_hash transparent driver: in driver RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
|
||||
sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS
|
||||
|
||||
sign_hash transparent driver: fallback RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS
|
||||
|
||||
sign_hash transparent driver: error RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
|
||||
sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
sign_hash transparent driver: fake RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
|
||||
sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":1:PSA_SUCCESS
|
||||
|
||||
verify_hash transparent driver: in driver ECDSA SECP256R1 SHA-256
|
||||
@ -71,63 +71,63 @@ depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R
|
||||
verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
verify_hash transparent driver: in driver Key Pair RSA PKCS#1 v1.5 raw
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
|
||||
verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":PSA_SUCCESS
|
||||
|
||||
verify_hash transparent driver: fallback Key Pair RSA PKCS#1 v1.5 raw
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_SUPPORTED:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":PSA_SUCCESS
|
||||
|
||||
verify_hash transparent driver: error Key Pair RSA PKCS#1 v1.5 raw
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
|
||||
verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_GENERIC_ERROR:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
verify_hash transparent driver: in driver Key Pair RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
|
||||
verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS
|
||||
|
||||
verify_hash transparent driver: fallback Key Pair RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS
|
||||
|
||||
verify_hash transparent driver: error Key Pair RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
|
||||
verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
verify_hash transparent driver: in driver Public Key RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
|
||||
verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS
|
||||
|
||||
verify_hash transparent driver: fallback Public Key RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS
|
||||
|
||||
verify_hash transparent driver: error Public Key RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C
|
||||
verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
verify_hash transparent driver: in driver Public Key RSA-1024 PSS SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C
|
||||
verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS
|
||||
|
||||
verify_hash transparent driver: fallback Public Key RSA-1024 PSS SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS
|
||||
|
||||
verify_hash transparent driver: error Public Key RSA-1024 PSS SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C
|
||||
verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
verify_hash transparent driver: in driver Public Key RSA-1024 PSS-any-salt SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C
|
||||
verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS
|
||||
|
||||
verify_hash transparent driver: fallback Public Key RSA-1024 PSS-any-salt SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS
|
||||
|
||||
verify_hash transparent driver: error Public Key RSA-1024 PSS-any-salt SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C
|
||||
verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
sign_message transparent driver: calculate in driver ECDSA SECP256R1 SHA-256
|
||||
@ -147,19 +147,19 @@ depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_W
|
||||
sign_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS
|
||||
|
||||
sign_message transparent driver: calculate in driver RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
|
||||
sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS
|
||||
|
||||
sign_message transparent driver: fallback RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS
|
||||
|
||||
sign_message transparent driver: error RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
|
||||
sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
sign_message transparent driver: fake RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
|
||||
sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":1:PSA_SUCCESS
|
||||
|
||||
verify_message transparent driver: calculate in driver ECDSA SECP256R1 SHA-256
|
||||
@ -187,51 +187,51 @@ depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R
|
||||
verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
verify_message transparent driver: calculate in driver RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
|
||||
verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS
|
||||
|
||||
verify_message transparent driver: fallback RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS
|
||||
|
||||
verify_message transparent driver: error RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
|
||||
verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
verify_message transparent driver: calculate in driver Public Key RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C
|
||||
verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS
|
||||
|
||||
verify_message transparent driver: fallback Public Key RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
|
||||
verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS
|
||||
|
||||
verify_message transparent driver: error Public Key RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C
|
||||
verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
verify_message transparent driver: calculate in driver Public Key RSA PSS SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C
|
||||
verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5":PSA_SUCCESS
|
||||
|
||||
verify_message transparent driver: fallback Public Key RSA PSS SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS
|
||||
verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5":PSA_SUCCESS
|
||||
|
||||
verify_message transparent driver: error Public Key RSA PSS SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C
|
||||
verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
verify_message transparent driver: calculate in driver Public Key RSA PSS-any-salt SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C
|
||||
verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d":PSA_SUCCESS
|
||||
|
||||
verify_message transparent driver: fallback Public Key RSA PSS-any-salt SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS
|
||||
verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d":PSA_SUCCESS
|
||||
|
||||
verify_message transparent driver: error Public Key RSA PSS-any-salt SHA-256
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C
|
||||
verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
generate_key through transparent driver: fake
|
||||
@ -252,19 +252,19 @@ generate_key through transparent driver: error
|
||||
generate_key:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
validate key through transparent driver: good private key
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
|
||||
validate_key:PSA_SUCCESS:PSA_KEY_LOCATION_LOCAL_STORAGE:130:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
|
||||
|
||||
validate key through transparent driver: good public key
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256
|
||||
validate_key:PSA_SUCCESS:PSA_KEY_LOCATION_LOCAL_STORAGE:131:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
|
||||
|
||||
validate key through transparent driver: fallback private key
|
||||
depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
|
||||
depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
|
||||
validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_LOCATION_LOCAL_STORAGE:132:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
|
||||
|
||||
validate key through transparent driver: fallback public key
|
||||
depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
|
||||
depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
|
||||
validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_LOCATION_LOCAL_STORAGE:133:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
|
||||
|
||||
validate key through transparent driver: error
|
||||
@ -272,11 +272,11 @@ depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
|
||||
validate_key:PSA_ERROR_GENERIC_ERROR:PSA_KEY_LOCATION_LOCAL_STORAGE:134:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
validate key through opaque driver: good private key
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
|
||||
validate_key:PSA_SUCCESS:PSA_CRYPTO_TEST_DRIVER_LOCATION:130:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
|
||||
|
||||
validate key through opaque driver: good public key
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256
|
||||
validate_key:PSA_SUCCESS:PSA_CRYPTO_TEST_DRIVER_LOCATION:131:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
|
||||
|
||||
validate key through opaque driver: error
|
||||
@ -284,35 +284,35 @@ depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
|
||||
validate_key:PSA_ERROR_GENERIC_ERROR:PSA_CRYPTO_TEST_DRIVER_LOCATION:134:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
export_key private to public through driver: fake
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256
|
||||
export_key:PSA_SUCCESS:"0102030405":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"":PSA_SUCCESS
|
||||
|
||||
export_key private to public through driver: in-driver
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256
|
||||
export_key:PSA_SUCCESS:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_SUCCESS
|
||||
|
||||
export_key private to public through driver: fallback
|
||||
depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
|
||||
depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
|
||||
export_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_SUCCESS
|
||||
|
||||
export_key private to public through driver: error
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256
|
||||
export_key:PSA_ERROR_GENERIC_ERROR:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
raw key agreement through driver: fake
|
||||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
|
||||
key_agreement:PSA_ALG_ECDH:PSA_SUCCESS:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"0102030405":PSA_SUCCESS
|
||||
|
||||
raw key agreement through driver: in-driver
|
||||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
|
||||
key_agreement:PSA_ALG_ECDH:PSA_SUCCESS:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"":PSA_SUCCESS
|
||||
|
||||
raw key agreement through driver: fallback
|
||||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ALG_ECDH
|
||||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ALG_ECDH
|
||||
key_agreement:PSA_ALG_ECDH:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"":PSA_SUCCESS
|
||||
|
||||
raw key agreement through driver: error
|
||||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
|
||||
key_agreement:PSA_ALG_ECDH:PSA_ERROR_GENERIC_ERROR:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
PSA symmetric encrypt validation: AES-CTR, 16 bytes, good
|
||||
@ -820,3 +820,48 @@ aead_decrypt_setup:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_G
|
||||
PSA AEAD decrypt setup, AES-GCM, 144 bytes #1, insufficient memory
|
||||
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
|
||||
aead_decrypt_setup:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c87281":"4365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY
|
||||
|
||||
PSA PAKE transparent driver: setup(via input) in-driver forced status
|
||||
pake_operations:"abcd":PSA_ERROR_GENERIC_ERROR:PSA_SUCCESS:"":PSA_ERROR_GENERIC_ERROR:0
|
||||
|
||||
PSA PAKE transparent driver: setup(via output) in-driver forced status
|
||||
pake_operations:"abcd":PSA_ERROR_GENERIC_ERROR:PSA_SUCCESS:"":PSA_ERROR_GENERIC_ERROR:1
|
||||
|
||||
PSA PAKE transparent driver: input in-driver forced status
|
||||
pake_operations:"abcd":PSA_SUCCESS:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR:2
|
||||
|
||||
PSA PAKE transparent driver: output in-driver forced status
|
||||
pake_operations:"abcd":PSA_SUCCESS:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR:3
|
||||
|
||||
PSA PAKE transparent driver: output in-driver forced output
|
||||
pake_operations:"abcd":PSA_SUCCESS:PSA_SUCCESS:"1234":PSA_SUCCESS:3
|
||||
|
||||
PSA PAKE transparent driver: get_key in-driver forced status
|
||||
pake_operations:"abcd":PSA_SUCCESS:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR:4
|
||||
|
||||
PSA PAKE transparent driver: abort in-driver forced status
|
||||
pake_operations:"abcd":PSA_SUCCESS:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR:5
|
||||
|
||||
PSA PAKE transparent driver: setup(via input) fallback not available
|
||||
depends_on:!MBEDTLS_PSA_BUILTIN_PAKE
|
||||
pake_operations:"abcd":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS:"":PSA_ERROR_NOT_SUPPORTED:0
|
||||
|
||||
PSA PAKE transparent driver: setup(via output) fallback not available
|
||||
depends_on:!MBEDTLS_PSA_BUILTIN_PAKE
|
||||
pake_operations:"abcd":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS:"":PSA_ERROR_NOT_SUPPORTED:1
|
||||
|
||||
PSA PAKE transparent driver: input fallback not available
|
||||
depends_on:!MBEDTLS_PSA_BUILTIN_PAKE
|
||||
pake_operations:"abcd":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS:"":PSA_ERROR_NOT_SUPPORTED:2
|
||||
|
||||
PSA PAKE transparent driver: output fallback not available
|
||||
depends_on:!MBEDTLS_PSA_BUILTIN_PAKE
|
||||
pake_operations:"abcd":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS:"":PSA_ERROR_NOT_SUPPORTED:3
|
||||
|
||||
PSA PAKE: ecjpake rounds transparent driver: in-driver success
|
||||
depends_on:PSA_WANT_ALG_JPAKE:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
|
||||
ecjpake_rounds:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"abcdef":0:1
|
||||
|
||||
PSA PAKE: ecjpake rounds transparent driver: fallback success
|
||||
depends_on:PSA_WANT_ALG_JPAKE:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:MBEDTLS_PSA_BUILTIN_ALG_JPAKE
|
||||
ecjpake_rounds:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"abcdef":0:0
|
||||
|
||||
@ -1,6 +1,414 @@
|
||||
/* BEGIN_HEADER */
|
||||
#include "test/drivers/test_driver.h"
|
||||
|
||||
/* Auxiliary variables for pake tests.
|
||||
Global to silent the compiler when unused. */
|
||||
size_t pake_expected_hit_count = 0;
|
||||
int pake_in_driver = 0;
|
||||
#if defined(PSA_WANT_ALG_JPAKE) && defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) && \
|
||||
defined(PSA_WANT_ECC_SECP_R1_256) && defined(PSA_WANT_ALG_SHA_256)
|
||||
static void ecjpake_do_round(psa_algorithm_t alg, unsigned int primitive,
|
||||
psa_pake_operation_t *server,
|
||||
psa_pake_operation_t *client,
|
||||
int client_input_first,
|
||||
int round)
|
||||
{
|
||||
unsigned char *buffer0 = NULL, *buffer1 = NULL;
|
||||
size_t buffer_length = (
|
||||
PSA_PAKE_OUTPUT_SIZE(alg, primitive, PSA_PAKE_STEP_KEY_SHARE) +
|
||||
PSA_PAKE_OUTPUT_SIZE(alg, primitive, PSA_PAKE_STEP_ZK_PUBLIC) +
|
||||
PSA_PAKE_OUTPUT_SIZE(alg, primitive, PSA_PAKE_STEP_ZK_PROOF)) * 2;
|
||||
/* The output should be exactly this size according to the spec */
|
||||
const size_t expected_size_key_share =
|
||||
PSA_PAKE_OUTPUT_SIZE(alg, primitive, PSA_PAKE_STEP_KEY_SHARE);
|
||||
/* The output should be exactly this size according to the spec */
|
||||
const size_t expected_size_zk_public =
|
||||
PSA_PAKE_OUTPUT_SIZE(alg, primitive, PSA_PAKE_STEP_ZK_PUBLIC);
|
||||
/* The output can be smaller: the spec allows stripping leading zeroes */
|
||||
const size_t max_expected_size_zk_proof =
|
||||
PSA_PAKE_OUTPUT_SIZE(alg, primitive, PSA_PAKE_STEP_ZK_PROOF);
|
||||
size_t buffer0_off = 0;
|
||||
size_t buffer1_off = 0;
|
||||
size_t s_g1_len, s_g2_len, s_a_len;
|
||||
size_t s_g1_off, s_g2_off, s_a_off;
|
||||
size_t s_x1_pk_len, s_x2_pk_len, s_x2s_pk_len;
|
||||
size_t s_x1_pk_off, s_x2_pk_off, s_x2s_pk_off;
|
||||
size_t s_x1_pr_len, s_x2_pr_len, s_x2s_pr_len;
|
||||
size_t s_x1_pr_off, s_x2_pr_off, s_x2s_pr_off;
|
||||
size_t c_g1_len, c_g2_len, c_a_len;
|
||||
size_t c_g1_off, c_g2_off, c_a_off;
|
||||
size_t c_x1_pk_len, c_x2_pk_len, c_x2s_pk_len;
|
||||
size_t c_x1_pk_off, c_x2_pk_off, c_x2s_pk_off;
|
||||
size_t c_x1_pr_len, c_x2_pr_len, c_x2s_pr_len;
|
||||
size_t c_x1_pr_off, c_x2_pr_off, c_x2s_pr_off;
|
||||
psa_status_t status;
|
||||
|
||||
ASSERT_ALLOC(buffer0, buffer_length);
|
||||
ASSERT_ALLOC(buffer1, buffer_length);
|
||||
|
||||
switch (round) {
|
||||
case 1:
|
||||
/* Server first round Output */
|
||||
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE,
|
||||
buffer0 + buffer0_off,
|
||||
512 - buffer0_off, &s_g1_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(s_g1_len, expected_size_key_share);
|
||||
s_g1_off = buffer0_off;
|
||||
buffer0_off += s_g1_len;
|
||||
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PUBLIC,
|
||||
buffer0 + buffer0_off,
|
||||
512 - buffer0_off, &s_x1_pk_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(s_x1_pk_len, expected_size_zk_public);
|
||||
s_x1_pk_off = buffer0_off;
|
||||
buffer0_off += s_x1_pk_len;
|
||||
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PROOF,
|
||||
buffer0 + buffer0_off,
|
||||
512 - buffer0_off, &s_x1_pr_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_LE_U(s_x1_pr_len, max_expected_size_zk_proof);
|
||||
s_x1_pr_off = buffer0_off;
|
||||
buffer0_off += s_x1_pr_len;
|
||||
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE,
|
||||
buffer0 + buffer0_off,
|
||||
512 - buffer0_off, &s_g2_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(s_g2_len, expected_size_key_share);
|
||||
s_g2_off = buffer0_off;
|
||||
buffer0_off += s_g2_len;
|
||||
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PUBLIC,
|
||||
buffer0 + buffer0_off,
|
||||
512 - buffer0_off, &s_x2_pk_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(s_x2_pk_len, expected_size_zk_public);
|
||||
s_x2_pk_off = buffer0_off;
|
||||
buffer0_off += s_x2_pk_len;
|
||||
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PROOF,
|
||||
buffer0 + buffer0_off,
|
||||
512 - buffer0_off, &s_x2_pr_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_LE_U(s_x2_pr_len, max_expected_size_zk_proof);
|
||||
s_x2_pr_off = buffer0_off;
|
||||
buffer0_off += s_x2_pr_len;
|
||||
|
||||
if (client_input_first == 1) {
|
||||
/* Client first round Input */
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_KEY_SHARE,
|
||||
buffer0 + s_g1_off, s_g1_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PUBLIC,
|
||||
buffer0 + s_x1_pk_off,
|
||||
s_x1_pk_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PROOF,
|
||||
buffer0 + s_x1_pr_off,
|
||||
s_x1_pr_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_KEY_SHARE,
|
||||
buffer0 + s_g2_off,
|
||||
s_g2_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PUBLIC,
|
||||
buffer0 + s_x2_pk_off,
|
||||
s_x2_pk_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PROOF,
|
||||
buffer0 + s_x2_pr_off,
|
||||
s_x2_pr_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
}
|
||||
|
||||
/* Adjust for indirect client driver setup in first pake_output call. */
|
||||
pake_expected_hit_count++;
|
||||
|
||||
/* Client first round Output */
|
||||
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE,
|
||||
buffer1 + buffer1_off,
|
||||
512 - buffer1_off, &c_g1_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(c_g1_len, expected_size_key_share);
|
||||
c_g1_off = buffer1_off;
|
||||
buffer1_off += c_g1_len;
|
||||
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PUBLIC,
|
||||
buffer1 + buffer1_off,
|
||||
512 - buffer1_off, &c_x1_pk_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(c_x1_pk_len, expected_size_zk_public);
|
||||
c_x1_pk_off = buffer1_off;
|
||||
buffer1_off += c_x1_pk_len;
|
||||
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PROOF,
|
||||
buffer1 + buffer1_off,
|
||||
512 - buffer1_off, &c_x1_pr_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_LE_U(c_x1_pr_len, max_expected_size_zk_proof);
|
||||
c_x1_pr_off = buffer1_off;
|
||||
buffer1_off += c_x1_pr_len;
|
||||
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE,
|
||||
buffer1 + buffer1_off,
|
||||
512 - buffer1_off, &c_g2_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(c_g2_len, expected_size_key_share);
|
||||
c_g2_off = buffer1_off;
|
||||
buffer1_off += c_g2_len;
|
||||
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PUBLIC,
|
||||
buffer1 + buffer1_off,
|
||||
512 - buffer1_off, &c_x2_pk_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(c_x2_pk_len, expected_size_zk_public);
|
||||
c_x2_pk_off = buffer1_off;
|
||||
buffer1_off += c_x2_pk_len;
|
||||
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PROOF,
|
||||
buffer1 + buffer1_off,
|
||||
512 - buffer1_off, &c_x2_pr_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_LE_U(c_x2_pr_len, max_expected_size_zk_proof);
|
||||
c_x2_pr_off = buffer1_off;
|
||||
buffer1_off += c_x2_pr_len;
|
||||
|
||||
if (client_input_first == 0) {
|
||||
/* Client first round Input */
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_KEY_SHARE,
|
||||
buffer0 + s_g1_off, s_g1_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PUBLIC,
|
||||
buffer0 + s_x1_pk_off,
|
||||
s_x1_pk_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PROOF,
|
||||
buffer0 + s_x1_pr_off,
|
||||
s_x1_pr_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_KEY_SHARE,
|
||||
buffer0 + s_g2_off,
|
||||
s_g2_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PUBLIC,
|
||||
buffer0 + s_x2_pk_off,
|
||||
s_x2_pk_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PROOF,
|
||||
buffer0 + s_x2_pr_off,
|
||||
s_x2_pr_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
}
|
||||
|
||||
/* Server first round Input */
|
||||
status = psa_pake_input(server, PSA_PAKE_STEP_KEY_SHARE,
|
||||
buffer1 + c_g1_off, c_g1_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(server, PSA_PAKE_STEP_ZK_PUBLIC,
|
||||
buffer1 + c_x1_pk_off, c_x1_pk_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(server, PSA_PAKE_STEP_ZK_PROOF,
|
||||
buffer1 + c_x1_pr_off, c_x1_pr_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(server, PSA_PAKE_STEP_KEY_SHARE,
|
||||
buffer1 + c_g2_off, c_g2_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(server, PSA_PAKE_STEP_ZK_PUBLIC,
|
||||
buffer1 + c_x2_pk_off, c_x2_pk_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(server, PSA_PAKE_STEP_ZK_PROOF,
|
||||
buffer1 + c_x2_pr_off, c_x2_pr_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
break;
|
||||
|
||||
case 2:
|
||||
/* Server second round Output */
|
||||
buffer0_off = 0;
|
||||
|
||||
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE,
|
||||
buffer0 + buffer0_off,
|
||||
512 - buffer0_off, &s_a_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(s_a_len, expected_size_key_share);
|
||||
s_a_off = buffer0_off;
|
||||
buffer0_off += s_a_len;
|
||||
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PUBLIC,
|
||||
buffer0 + buffer0_off,
|
||||
512 - buffer0_off, &s_x2s_pk_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(s_x2s_pk_len, expected_size_zk_public);
|
||||
s_x2s_pk_off = buffer0_off;
|
||||
buffer0_off += s_x2s_pk_len;
|
||||
PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PROOF,
|
||||
buffer0 + buffer0_off,
|
||||
512 - buffer0_off, &s_x2s_pr_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_LE_U(s_x2s_pr_len, max_expected_size_zk_proof);
|
||||
s_x2s_pr_off = buffer0_off;
|
||||
buffer0_off += s_x2s_pr_len;
|
||||
|
||||
if (client_input_first == 1) {
|
||||
/* Client second round Input */
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_KEY_SHARE,
|
||||
buffer0 + s_a_off, s_a_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PUBLIC,
|
||||
buffer0 + s_x2s_pk_off,
|
||||
s_x2s_pk_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PROOF,
|
||||
buffer0 + s_x2s_pr_off,
|
||||
s_x2s_pr_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
}
|
||||
|
||||
/* Client second round Output */
|
||||
buffer1_off = 0;
|
||||
|
||||
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE,
|
||||
buffer1 + buffer1_off,
|
||||
512 - buffer1_off, &c_a_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(c_a_len, expected_size_key_share);
|
||||
c_a_off = buffer1_off;
|
||||
buffer1_off += c_a_len;
|
||||
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PUBLIC,
|
||||
buffer1 + buffer1_off,
|
||||
512 - buffer1_off, &c_x2s_pk_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(c_x2s_pk_len, expected_size_zk_public);
|
||||
c_x2s_pk_off = buffer1_off;
|
||||
buffer1_off += c_x2s_pk_len;
|
||||
PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PROOF,
|
||||
buffer1 + buffer1_off,
|
||||
512 - buffer1_off, &c_x2s_pr_len));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_LE_U(c_x2s_pr_len, max_expected_size_zk_proof);
|
||||
c_x2s_pr_off = buffer1_off;
|
||||
buffer1_off += c_x2s_pr_len;
|
||||
|
||||
if (client_input_first == 0) {
|
||||
/* Client second round Input */
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_KEY_SHARE,
|
||||
buffer0 + s_a_off, s_a_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PUBLIC,
|
||||
buffer0 + s_x2s_pk_off,
|
||||
s_x2s_pk_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PROOF,
|
||||
buffer0 + s_x2s_pr_off,
|
||||
s_x2s_pr_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
}
|
||||
|
||||
/* Server second round Input */
|
||||
status = psa_pake_input(server, PSA_PAKE_STEP_KEY_SHARE,
|
||||
buffer1 + c_a_off, c_a_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(server, PSA_PAKE_STEP_ZK_PUBLIC,
|
||||
buffer1 + c_x2s_pk_off, c_x2s_pk_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
status = psa_pake_input(server, PSA_PAKE_STEP_ZK_PROOF,
|
||||
buffer1 + c_x2s_pr_off, c_x2s_pr_len);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
exit:
|
||||
mbedtls_free(buffer0);
|
||||
mbedtls_free(buffer1);
|
||||
}
|
||||
#endif /* PSA_WANT_ALG_JPAKE */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||
/* Sanity checks on the output of RSA encryption.
|
||||
*
|
||||
@ -2567,3 +2975,302 @@ exit:
|
||||
PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */
|
||||
void pake_operations(data_t *pw_data, int forced_status_setup_arg, int forced_status_arg,
|
||||
data_t *forced_output, int expected_status_arg,
|
||||
int fut)
|
||||
{
|
||||
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
||||
psa_status_t forced_status = forced_status_arg;
|
||||
psa_status_t forced_status_setup = forced_status_setup_arg;
|
||||
psa_status_t expected_status = expected_status_arg;
|
||||
psa_pake_operation_t operation = psa_pake_operation_init();
|
||||
psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init();
|
||||
psa_key_derivation_operation_t implicit_key =
|
||||
PSA_KEY_DERIVATION_OPERATION_INIT;
|
||||
psa_pake_primitive_t primitive = PSA_PAKE_PRIMITIVE(
|
||||
PSA_PAKE_PRIMITIVE_TYPE_ECC,
|
||||
PSA_ECC_FAMILY_SECP_R1, 256);
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
unsigned char *input_buffer = NULL;
|
||||
const size_t size_key_share = PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, primitive,
|
||||
PSA_PAKE_STEP_KEY_SHARE);
|
||||
unsigned char *output_buffer = NULL;
|
||||
size_t output_len = 0;
|
||||
size_t output_size = PSA_PAKE_OUTPUT_SIZE(PSA_ALG_JPAKE, primitive,
|
||||
PSA_PAKE_STEP_KEY_SHARE);
|
||||
int in_driver = (forced_status_setup_arg == PSA_SUCCESS);
|
||||
|
||||
ASSERT_ALLOC(input_buffer,
|
||||
PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, primitive,
|
||||
PSA_PAKE_STEP_KEY_SHARE));
|
||||
memset(input_buffer, 0xAA, size_key_share);
|
||||
|
||||
ASSERT_ALLOC(output_buffer,
|
||||
PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, primitive,
|
||||
PSA_PAKE_STEP_KEY_SHARE));
|
||||
memset(output_buffer, 0x55, output_size);
|
||||
|
||||
PSA_INIT();
|
||||
|
||||
mbedtls_test_driver_pake_hooks = mbedtls_test_driver_pake_hooks_init();
|
||||
|
||||
if (pw_data->len > 0) {
|
||||
psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE);
|
||||
psa_set_key_algorithm(&attributes, PSA_ALG_JPAKE);
|
||||
psa_set_key_type(&attributes, PSA_KEY_TYPE_PASSWORD);
|
||||
PSA_ASSERT(psa_import_key(&attributes, pw_data->x, pw_data->len,
|
||||
&key));
|
||||
}
|
||||
|
||||
psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE);
|
||||
psa_pake_cs_set_primitive(&cipher_suite, primitive);
|
||||
psa_pake_cs_set_hash(&cipher_suite, PSA_ALG_SHA_256);
|
||||
|
||||
mbedtls_test_driver_pake_hooks.forced_status = forced_status_setup;
|
||||
|
||||
/* Collecting input stage (no driver entry points) */
|
||||
|
||||
TEST_EQUAL(psa_pake_setup(&operation, &cipher_suite),
|
||||
PSA_SUCCESS);
|
||||
|
||||
TEST_EQUAL(psa_pake_set_role(&operation, PSA_PAKE_ROLE_SERVER),
|
||||
PSA_SUCCESS);
|
||||
|
||||
TEST_EQUAL(psa_pake_set_password_key(&operation, key),
|
||||
PSA_SUCCESS);
|
||||
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0);
|
||||
|
||||
/* Computation stage (driver entry points) */
|
||||
|
||||
switch (fut) {
|
||||
case 0: /* setup (via input) */
|
||||
/* --- psa_pake_input (driver: setup, input) --- */
|
||||
mbedtls_test_driver_pake_hooks.forced_setup_status = forced_status_setup;
|
||||
mbedtls_test_driver_pake_hooks.forced_status = forced_status;
|
||||
TEST_EQUAL(psa_pake_input(&operation, PSA_PAKE_STEP_KEY_SHARE,
|
||||
input_buffer, size_key_share),
|
||||
expected_status);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 1);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.setup, 1);
|
||||
break;
|
||||
|
||||
case 1: /* setup (via output) */
|
||||
/* --- psa_pake_output (driver: setup, output) --- */
|
||||
mbedtls_test_driver_pake_hooks.forced_setup_status = forced_status_setup;
|
||||
mbedtls_test_driver_pake_hooks.forced_status = forced_status;
|
||||
TEST_EQUAL(psa_pake_output(&operation, PSA_PAKE_STEP_KEY_SHARE,
|
||||
output_buffer, output_size, &output_len),
|
||||
expected_status);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 1);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.setup, 1);
|
||||
break;
|
||||
|
||||
case 2: /* input */
|
||||
/* --- psa_pake_input (driver: setup, input, abort) --- */
|
||||
mbedtls_test_driver_pake_hooks.forced_setup_status = forced_status_setup;
|
||||
mbedtls_test_driver_pake_hooks.forced_status = forced_status;
|
||||
TEST_EQUAL(psa_pake_input(&operation, PSA_PAKE_STEP_KEY_SHARE,
|
||||
input_buffer, size_key_share),
|
||||
expected_status);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, in_driver ? 3 : 1);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.setup, 1);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.input, in_driver ? 1 : 0);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.abort, in_driver ? 1 : 0);
|
||||
break;
|
||||
|
||||
case 3: /* output */
|
||||
/* --- psa_pake_output (driver: setup, output, (abort)) --- */
|
||||
mbedtls_test_driver_pake_hooks.forced_setup_status = forced_status_setup;
|
||||
mbedtls_test_driver_pake_hooks.forced_status = forced_status;
|
||||
if (forced_output->len > 0) {
|
||||
mbedtls_test_driver_pake_hooks.forced_output = forced_output->x;
|
||||
mbedtls_test_driver_pake_hooks.forced_output_length = forced_output->len;
|
||||
}
|
||||
TEST_EQUAL(psa_pake_output(&operation, PSA_PAKE_STEP_KEY_SHARE,
|
||||
output_buffer, output_size, &output_len),
|
||||
expected_status);
|
||||
|
||||
if (forced_output->len > 0) {
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, in_driver ? 2 : 1);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.setup, 1);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.output, in_driver ? 1 : 0);
|
||||
TEST_EQUAL(output_len, forced_output->len);
|
||||
TEST_EQUAL(memcmp(output_buffer, forced_output->x, output_len), 0);
|
||||
} else {
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, in_driver ? 3 : 1);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.setup, 1);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.output, in_driver ? 1 : 0);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.abort, in_driver ? 1 : 0);
|
||||
}
|
||||
break;
|
||||
|
||||
case 4: /* get_implicit_key */
|
||||
/* Call driver setup indirectly */
|
||||
TEST_EQUAL(psa_pake_input(&operation, PSA_PAKE_STEP_KEY_SHARE,
|
||||
input_buffer, size_key_share),
|
||||
PSA_SUCCESS);
|
||||
|
||||
/* Simulate that we are ready to get implicit key. */
|
||||
operation.computation_stage.jpake.input_step = PSA_PAKE_STEP_DERIVE;
|
||||
operation.computation_stage.jpake.output_step = PSA_PAKE_STEP_DERIVE;
|
||||
|
||||
/* --- psa_pake_get_implicit_key --- */
|
||||
mbedtls_test_driver_pake_hooks.forced_status = forced_status;
|
||||
memset(&mbedtls_test_driver_pake_hooks.hits, 0,
|
||||
sizeof(mbedtls_test_driver_pake_hooks.hits));
|
||||
TEST_EQUAL(psa_pake_get_implicit_key(&operation, &implicit_key),
|
||||
expected_status);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 2);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.implicit_key, 1);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.abort, 1);
|
||||
|
||||
break;
|
||||
|
||||
case 5: /* abort */
|
||||
/* Call driver setup indirectly */
|
||||
TEST_EQUAL(psa_pake_input(&operation, PSA_PAKE_STEP_KEY_SHARE,
|
||||
input_buffer, size_key_share),
|
||||
PSA_SUCCESS);
|
||||
|
||||
/* --- psa_pake_abort --- */
|
||||
mbedtls_test_driver_pake_hooks.forced_status = forced_status;
|
||||
memset(&mbedtls_test_driver_pake_hooks.hits, 0,
|
||||
sizeof(mbedtls_test_driver_pake_hooks.hits));
|
||||
TEST_EQUAL(psa_pake_abort(&operation), expected_status);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 1);
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.abort, 1);
|
||||
break;
|
||||
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
||||
/* Clean up */
|
||||
mbedtls_test_driver_pake_hooks.forced_setup_status = PSA_SUCCESS;
|
||||
mbedtls_test_driver_pake_hooks.forced_status = PSA_SUCCESS;
|
||||
TEST_EQUAL(psa_pake_abort(&operation), PSA_SUCCESS);
|
||||
exit:
|
||||
/*
|
||||
* Key attributes may have been returned by psa_get_key_attributes()
|
||||
* thus reset them as required.
|
||||
*/
|
||||
psa_reset_key_attributes(&attributes);
|
||||
mbedtls_free(input_buffer);
|
||||
mbedtls_free(output_buffer);
|
||||
psa_destroy_key(key);
|
||||
mbedtls_test_driver_pake_hooks =
|
||||
mbedtls_test_driver_pake_hooks_init();
|
||||
PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 */
|
||||
void ecjpake_rounds(int alg_arg, int primitive_arg, int hash_arg,
|
||||
int derive_alg_arg, data_t *pw_data,
|
||||
int client_input_first, int in_driver)
|
||||
{
|
||||
psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init();
|
||||
psa_pake_operation_t server = psa_pake_operation_init();
|
||||
psa_pake_operation_t client = psa_pake_operation_init();
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
psa_algorithm_t hash_alg = hash_arg;
|
||||
psa_algorithm_t derive_alg = derive_alg_arg;
|
||||
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
psa_key_derivation_operation_t server_derive =
|
||||
PSA_KEY_DERIVATION_OPERATION_INIT;
|
||||
psa_key_derivation_operation_t client_derive =
|
||||
PSA_KEY_DERIVATION_OPERATION_INIT;
|
||||
pake_in_driver = in_driver;
|
||||
/* driver setup is called indirectly through pake_output/pake_input */
|
||||
if (pake_in_driver) {
|
||||
pake_expected_hit_count = 2;
|
||||
} else {
|
||||
pake_expected_hit_count = 1;
|
||||
}
|
||||
|
||||
PSA_INIT();
|
||||
|
||||
mbedtls_test_driver_pake_hooks = mbedtls_test_driver_pake_hooks_init();
|
||||
|
||||
psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE);
|
||||
psa_set_key_algorithm(&attributes, alg);
|
||||
psa_set_key_type(&attributes, PSA_KEY_TYPE_PASSWORD);
|
||||
PSA_ASSERT(psa_import_key(&attributes, pw_data->x, pw_data->len,
|
||||
&key));
|
||||
|
||||
psa_pake_cs_set_algorithm(&cipher_suite, alg);
|
||||
psa_pake_cs_set_primitive(&cipher_suite, primitive_arg);
|
||||
psa_pake_cs_set_hash(&cipher_suite, hash_alg);
|
||||
|
||||
/* Get shared key */
|
||||
PSA_ASSERT(psa_key_derivation_setup(&server_derive, derive_alg));
|
||||
PSA_ASSERT(psa_key_derivation_setup(&client_derive, derive_alg));
|
||||
|
||||
if (PSA_ALG_IS_TLS12_PSK_TO_MS(derive_alg)) {
|
||||
PSA_ASSERT(psa_key_derivation_input_bytes(&server_derive,
|
||||
PSA_KEY_DERIVATION_INPUT_SEED,
|
||||
(const uint8_t *) "", 0));
|
||||
PSA_ASSERT(psa_key_derivation_input_bytes(&client_derive,
|
||||
PSA_KEY_DERIVATION_INPUT_SEED,
|
||||
(const uint8_t *) "", 0));
|
||||
}
|
||||
|
||||
if (!pake_in_driver) {
|
||||
mbedtls_test_driver_pake_hooks.forced_setup_status = PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
PSA_ASSERT(psa_pake_setup(&server, &cipher_suite));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0);
|
||||
PSA_ASSERT(psa_pake_setup(&client, &cipher_suite));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0);
|
||||
|
||||
|
||||
PSA_ASSERT(psa_pake_set_role(&server, PSA_PAKE_ROLE_SERVER));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0);
|
||||
PSA_ASSERT(psa_pake_set_role(&client, PSA_PAKE_ROLE_CLIENT));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0);
|
||||
PSA_ASSERT(psa_pake_set_password_key(&server, key));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0);
|
||||
PSA_ASSERT(psa_pake_set_password_key(&client, key));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0);
|
||||
|
||||
/* First round */
|
||||
ecjpake_do_round(alg, primitive_arg, &server, &client,
|
||||
client_input_first, 1);
|
||||
|
||||
/* Second round */
|
||||
ecjpake_do_round(alg, primitive_arg, &server, &client,
|
||||
client_input_first, 2);
|
||||
|
||||
/* After the key is obtained operation is aborted.
|
||||
Adapt counter of expected hits. */
|
||||
if (pake_in_driver) {
|
||||
pake_expected_hit_count++;
|
||||
}
|
||||
|
||||
PSA_ASSERT(psa_pake_get_implicit_key(&server, &server_derive));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
|
||||
/* After the key is obtained operation is aborted.
|
||||
Adapt counter of expected hits. */
|
||||
if (pake_in_driver) {
|
||||
pake_expected_hit_count++;
|
||||
}
|
||||
|
||||
PSA_ASSERT(psa_pake_get_implicit_key(&client, &client_derive));
|
||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total,
|
||||
pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count);
|
||||
exit:
|
||||
psa_key_derivation_abort(&server_derive);
|
||||
psa_key_derivation_abort(&client_derive);
|
||||
psa_destroy_key(key);
|
||||
psa_pake_abort(&server);
|
||||
psa_pake_abort(&client);
|
||||
PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -221,6 +221,13 @@ void sign_fail(int key_type_arg, data_t *key_data,
|
||||
uint8_t input[1] = { 'A' };
|
||||
uint8_t output[PSA_SIGNATURE_MAX_SIZE] = { 0 };
|
||||
size_t length = SIZE_MAX;
|
||||
psa_sign_hash_interruptible_operation_t sign_operation =
|
||||
psa_sign_hash_interruptible_operation_init();
|
||||
|
||||
psa_verify_hash_interruptible_operation_t verify_operation =
|
||||
psa_verify_hash_interruptible_operation_init();
|
||||
|
||||
|
||||
|
||||
PSA_INIT();
|
||||
|
||||
@ -237,6 +244,13 @@ void sign_fail(int key_type_arg, data_t *key_data,
|
||||
psa_sign_hash(key_id, alg,
|
||||
input, sizeof(input),
|
||||
output, sizeof(output), &length));
|
||||
|
||||
TEST_STATUS(expected_status,
|
||||
psa_sign_hash_start(&sign_operation, key_id, alg,
|
||||
input, sizeof(input)));
|
||||
|
||||
PSA_ASSERT(psa_sign_hash_abort(&sign_operation));
|
||||
|
||||
if (!private_only) {
|
||||
/* Determine a plausible signature size to avoid an INVALID_SIGNATURE
|
||||
* error based on this. */
|
||||
@ -253,6 +267,13 @@ void sign_fail(int key_type_arg, data_t *key_data,
|
||||
psa_verify_hash(key_id, alg,
|
||||
input, sizeof(input),
|
||||
output, output_length));
|
||||
|
||||
TEST_STATUS(expected_status,
|
||||
psa_verify_hash_start(&verify_operation, key_id, alg,
|
||||
input, sizeof(input),
|
||||
output, output_length));
|
||||
|
||||
PSA_ASSERT(psa_verify_hash_abort(&verify_operation));
|
||||
}
|
||||
|
||||
exit:
|
||||
|
||||
@ -8,19 +8,19 @@ ecjpake_setup:PSA_ALG_SHA_256:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAK
|
||||
|
||||
PSA PAKE: invalid primitive type
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_DH, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_SETUP:PSA_ERROR_NOT_SUPPORTED
|
||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_DH, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED
|
||||
|
||||
PSA PAKE: invalid primitive family
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_K1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_SETUP:PSA_ERROR_NOT_SUPPORTED
|
||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_K1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED
|
||||
|
||||
PSA PAKE: invalid primitive bits
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 128):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_SETUP:PSA_ERROR_NOT_SUPPORTED
|
||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 128):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED
|
||||
|
||||
PSA PAKE: invalid hash
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_1:PSA_PAKE_ROLE_SERVER:0:ERR_IN_SETUP:PSA_ERROR_NOT_SUPPORTED
|
||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_1:PSA_PAKE_ROLE_SERVER:0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED
|
||||
|
||||
PSA PAKE: duplicate a valid setup
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||
@ -28,7 +28,7 @@ ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_
|
||||
|
||||
PSA PAKE: ecjpake setup invalid role NONE
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_NONE:0:ERR_IN_SET_ROLE:PSA_ERROR_NOT_SUPPORTED
|
||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_NONE:0:ERR_IN_OUTPUT:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA PAKE: wrong password key type
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||
@ -70,10 +70,6 @@ PSA PAKE: input buffer too large
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:1:ERR_INJECT_WRONG_BUFFER_SIZE:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
PSA PAKE: valid input operation after a failure
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:1:ERR_INJECT_VALID_OPERATION_AFTER_FAILURE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA PAKE: invalid output
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_EMPTY_IO_BUFFER:PSA_ERROR_INVALID_ARGUMENT
|
||||
@ -90,10 +86,6 @@ PSA PAKE: output buffer too small
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_WRONG_BUFFER_SIZE:PSA_ERROR_BUFFER_TOO_SMALL
|
||||
|
||||
PSA PAKE: valid output operation after a failure
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_VALID_OPERATION_AFTER_FAILURE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA PAKE: check rounds w/o forced errors
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
|
||||
ecjpake_rounds:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"abcdef":0:0:ERR_NONE
|
||||
@ -201,3 +193,12 @@ ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_E
|
||||
PSA PAKE: ecjpake size macros
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
|
||||
ecjpake_size_macros:
|
||||
|
||||
PSA PAKE: input getters: password
|
||||
pake_input_getters_password
|
||||
|
||||
PSA PAKE: input getters: cipher suite
|
||||
pake_input_getters_cipher_suite
|
||||
|
||||
PSA PAKE: input getters: role
|
||||
pake_input_getters_role
|
||||
|
||||
@ -590,10 +590,10 @@ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg,
|
||||
TEST_EQUAL(psa_pake_set_role(&operation, role),
|
||||
expected_error);
|
||||
TEST_EQUAL(psa_pake_output(&operation, PSA_PAKE_STEP_KEY_SHARE,
|
||||
NULL, 0, NULL),
|
||||
output_buffer, 0, &output_len),
|
||||
expected_error);
|
||||
TEST_EQUAL(psa_pake_input(&operation, PSA_PAKE_STEP_KEY_SHARE,
|
||||
NULL, 0),
|
||||
output_buffer, 0),
|
||||
expected_error);
|
||||
TEST_EQUAL(psa_pake_get_implicit_key(&operation, &key_derivation),
|
||||
expected_error);
|
||||
@ -633,7 +633,8 @@ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg,
|
||||
|
||||
if (test_input) {
|
||||
SETUP_CONDITIONAL_CHECK_STEP(psa_pake_input(&operation,
|
||||
PSA_PAKE_STEP_ZK_PROOF, NULL, 0),
|
||||
PSA_PAKE_STEP_ZK_PROOF,
|
||||
output_buffer, 0),
|
||||
ERR_INJECT_EMPTY_IO_BUFFER);
|
||||
|
||||
SETUP_CONDITIONAL_CHECK_STEP(psa_pake_input(&operation,
|
||||
@ -665,7 +666,8 @@ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg,
|
||||
} else {
|
||||
SETUP_CONDITIONAL_CHECK_STEP(psa_pake_output(&operation,
|
||||
PSA_PAKE_STEP_ZK_PROOF,
|
||||
NULL, 0, NULL),
|
||||
output_buffer, 0,
|
||||
&output_len),
|
||||
ERR_INJECT_EMPTY_IO_BUFFER);
|
||||
|
||||
SETUP_CONDITIONAL_CHECK_STEP(psa_pake_output(&operation,
|
||||
@ -728,6 +730,7 @@ void ecjpake_rounds_inject(int alg_arg, int primitive_arg, int hash_arg,
|
||||
psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE);
|
||||
psa_set_key_algorithm(&attributes, alg);
|
||||
psa_set_key_type(&attributes, PSA_KEY_TYPE_PASSWORD);
|
||||
|
||||
PSA_ASSERT(psa_import_key(&attributes, pw_data->x, pw_data->len,
|
||||
&key));
|
||||
|
||||
@ -905,3 +908,136 @@ void ecjpake_size_macros()
|
||||
PSA_PAKE_INPUT_MAX_SIZE);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */
|
||||
void pake_input_getters_password()
|
||||
{
|
||||
psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init();
|
||||
psa_pake_operation_t operation = psa_pake_operation_init();
|
||||
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
const char *password = "password";
|
||||
uint8_t password_ret[20] = { 0 }; // max key length is 20 bytes
|
||||
size_t password_len_ret = 0;
|
||||
size_t buffer_len_ret = 0;
|
||||
|
||||
psa_pake_primitive_t primitive = PSA_PAKE_PRIMITIVE(
|
||||
PSA_PAKE_PRIMITIVE_TYPE_ECC,
|
||||
PSA_ECC_FAMILY_SECP_R1, 256);
|
||||
|
||||
PSA_INIT();
|
||||
|
||||
psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE);
|
||||
psa_pake_cs_set_primitive(&cipher_suite, primitive);
|
||||
psa_pake_cs_set_hash(&cipher_suite, PSA_ALG_SHA_256);
|
||||
|
||||
psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE);
|
||||
psa_set_key_algorithm(&attributes, PSA_ALG_JPAKE);
|
||||
psa_set_key_type(&attributes, PSA_KEY_TYPE_PASSWORD);
|
||||
|
||||
PSA_ASSERT(psa_pake_setup(&operation, &cipher_suite));
|
||||
|
||||
PSA_ASSERT(psa_import_key(&attributes, (uint8_t *) password, strlen(password), &key));
|
||||
|
||||
TEST_EQUAL(psa_crypto_driver_pake_get_password(&operation.data.inputs,
|
||||
(uint8_t *) &password_ret,
|
||||
10, &buffer_len_ret),
|
||||
PSA_ERROR_BAD_STATE);
|
||||
|
||||
TEST_EQUAL(psa_crypto_driver_pake_get_password_len(&operation.data.inputs, &password_len_ret),
|
||||
PSA_ERROR_BAD_STATE);
|
||||
|
||||
PSA_ASSERT(psa_pake_set_password_key(&operation, key));
|
||||
|
||||
TEST_EQUAL(psa_crypto_driver_pake_get_password_len(&operation.data.inputs, &password_len_ret),
|
||||
PSA_SUCCESS);
|
||||
|
||||
TEST_EQUAL(password_len_ret, strlen(password));
|
||||
|
||||
TEST_EQUAL(psa_crypto_driver_pake_get_password(&operation.data.inputs,
|
||||
(uint8_t *) &password_ret,
|
||||
password_len_ret - 1,
|
||||
&buffer_len_ret),
|
||||
PSA_ERROR_BUFFER_TOO_SMALL);
|
||||
|
||||
TEST_EQUAL(psa_crypto_driver_pake_get_password(&operation.data.inputs,
|
||||
(uint8_t *) &password_ret,
|
||||
password_len_ret,
|
||||
&buffer_len_ret),
|
||||
PSA_SUCCESS);
|
||||
|
||||
TEST_EQUAL(buffer_len_ret, strlen(password));
|
||||
PSA_ASSERT(memcmp(password_ret, password, buffer_len_ret));
|
||||
exit:
|
||||
PSA_ASSERT(psa_destroy_key(key));
|
||||
PSA_ASSERT(psa_pake_abort(&operation));
|
||||
PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */
|
||||
void pake_input_getters_cipher_suite()
|
||||
{
|
||||
psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init();
|
||||
psa_pake_operation_t operation = psa_pake_operation_init();
|
||||
psa_pake_cipher_suite_t cipher_suite_ret = psa_pake_cipher_suite_init();
|
||||
|
||||
psa_pake_primitive_t primitive = PSA_PAKE_PRIMITIVE(
|
||||
PSA_PAKE_PRIMITIVE_TYPE_ECC,
|
||||
PSA_ECC_FAMILY_SECP_R1, 256);
|
||||
|
||||
PSA_INIT();
|
||||
|
||||
psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE);
|
||||
psa_pake_cs_set_primitive(&cipher_suite, primitive);
|
||||
psa_pake_cs_set_hash(&cipher_suite, PSA_ALG_SHA_256);
|
||||
|
||||
TEST_EQUAL(psa_crypto_driver_pake_get_cipher_suite(&operation.data.inputs, &cipher_suite_ret),
|
||||
PSA_ERROR_BAD_STATE);
|
||||
|
||||
PSA_ASSERT(psa_pake_setup(&operation, &cipher_suite));
|
||||
|
||||
TEST_EQUAL(psa_crypto_driver_pake_get_cipher_suite(&operation.data.inputs, &cipher_suite_ret),
|
||||
PSA_SUCCESS);
|
||||
|
||||
PSA_ASSERT(memcmp(&cipher_suite_ret, &cipher_suite, sizeof(cipher_suite)));
|
||||
|
||||
exit:
|
||||
PSA_ASSERT(psa_pake_abort(&operation));
|
||||
PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */
|
||||
void pake_input_getters_role()
|
||||
{
|
||||
psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init();
|
||||
psa_pake_operation_t operation = psa_pake_operation_init();
|
||||
psa_pake_role_t role_ret = PSA_PAKE_ROLE_NONE;
|
||||
|
||||
psa_pake_primitive_t primitive = PSA_PAKE_PRIMITIVE(
|
||||
PSA_PAKE_PRIMITIVE_TYPE_ECC,
|
||||
PSA_ECC_FAMILY_SECP_R1, 256);
|
||||
|
||||
PSA_INIT();
|
||||
|
||||
psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE);
|
||||
psa_pake_cs_set_primitive(&cipher_suite, primitive);
|
||||
psa_pake_cs_set_hash(&cipher_suite, PSA_ALG_SHA_256);
|
||||
|
||||
PSA_ASSERT(psa_pake_setup(&operation, &cipher_suite));
|
||||
|
||||
TEST_EQUAL(psa_crypto_driver_pake_get_role(&operation.data.inputs, &role_ret),
|
||||
PSA_ERROR_BAD_STATE);
|
||||
|
||||
PSA_ASSERT(psa_pake_set_role(&operation, PSA_PAKE_ROLE_SERVER));
|
||||
|
||||
TEST_EQUAL(psa_crypto_driver_pake_get_role(&operation.data.inputs, &role_ret),
|
||||
PSA_SUCCESS);
|
||||
|
||||
TEST_EQUAL(role_ret, PSA_PAKE_ROLE_SERVER);
|
||||
exit:
|
||||
PSA_ASSERT(psa_pake_abort(&operation));
|
||||
PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
@ -42,87 +42,87 @@ Save larger than maximum-size persistent raw key
|
||||
save_large_persistent_key:PSA_CRYPTO_MAX_STORAGE_SIZE + 1:PSA_ERROR_NOT_SUPPORTED
|
||||
|
||||
Persistent key destroy
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C
|
||||
persistent_key_destroy:2:1:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef"
|
||||
|
||||
Persistent key destroy after restart
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C
|
||||
persistent_key_destroy:17:1:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef"
|
||||
|
||||
Persistent key import (RSA)
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C
|
||||
persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_SUCCESS
|
||||
|
||||
Persistent key import with restart (RSA)
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C
|
||||
persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":1:PSA_SUCCESS
|
||||
|
||||
Persistent key import (RSA) invalid key id (VENDOR_MIN)
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C
|
||||
persistent_key_import:256:PSA_KEY_ID_VENDOR_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
Persistent key import (RSA) invalid key id (VOLATILE_MIN)
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C
|
||||
persistent_key_import:256:PSA_KEY_ID_VOLATILE_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
Persistent key import (RSA) invalid key id (VENDOR_MAX)
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C
|
||||
persistent_key_import:256:PSA_KEY_ID_VENDOR_MAX:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
Persistent key import garbage data, should fail
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C
|
||||
persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"11111111":0:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
import/export persistent raw key: 1 byte
|
||||
import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:0
|
||||
|
||||
import/export persistent key RSA public key: good, 1024-bit
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C
|
||||
import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:0
|
||||
|
||||
import/export persistent key RSA keypair: good, 1024-bit
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C
|
||||
import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:0:0
|
||||
|
||||
import/export persistent raw key file not exist: 1 byte
|
||||
import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:1
|
||||
|
||||
import/export persistent key RSA public key file not exist: 1024-bit
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C
|
||||
import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:1
|
||||
|
||||
import/export persistent key RSA keypair file not exist: 1024-bit
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C
|
||||
import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:0:1
|
||||
|
||||
import/export-persistent symmetric key: 16 bytes
|
||||
depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C
|
||||
import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:0:0
|
||||
|
||||
import/export persistent raw key with restart: 1 byte
|
||||
import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:0
|
||||
|
||||
import/export persistent key RSA public key with restart: good, 1024-bit
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C
|
||||
import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1:0
|
||||
|
||||
import/export persistent key RSA keypair with restart: good, 1024-bit
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C
|
||||
import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:1:0
|
||||
|
||||
import/export persistent raw key file not exist with restart: 1 byte
|
||||
import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:1
|
||||
|
||||
import/export persistent key RSA public key file not exist with restart: 1024-bit
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C
|
||||
import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1:1
|
||||
|
||||
import/export persistent key RSA keypair file not exist with restart: 1024-bit
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C
|
||||
import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:1:1
|
||||
|
||||
import/export-persistent symmetric key with restart: 16 bytes
|
||||
depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
|
||||
depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C
|
||||
import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:1:0
|
||||
|
||||
Destroy invalid id: 0
|
||||
|
||||
@ -280,11 +280,11 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_
|
||||
handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:0
|
||||
|
||||
Handshake, ECDHE-ECDSA-WITH-AES-256-CCM
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:0
|
||||
|
||||
Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
|
||||
handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:0
|
||||
|
||||
Handshake, PSK-WITH-AES-128-CBC-SHA
|
||||
@ -308,11 +308,11 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_
|
||||
handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:1
|
||||
|
||||
DTLS Handshake, ECDHE-ECDSA-WITH-AES-256-CCM
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:1
|
||||
|
||||
DTLS Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
|
||||
handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:1
|
||||
|
||||
DTLS Handshake, PSK-WITH-AES-128-CBC-SHA
|
||||
@ -420,23 +420,23 @@ depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:
|
||||
handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
|
||||
|
||||
Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, non-opaque
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM
|
||||
|
||||
Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_ANY_HASH
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM
|
||||
|
||||
Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_SHA_256
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM
|
||||
|
||||
Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, bad alg
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
|
||||
|
||||
Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, bad usage
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
|
||||
|
||||
Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, non-opaque
|
||||
@ -456,23 +456,23 @@ depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER
|
||||
handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
|
||||
|
||||
Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, non-opaque
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
|
||||
handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
|
||||
|
||||
Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_ANY_HASH
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
|
||||
|
||||
Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_SHA_384
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
|
||||
|
||||
Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing alg
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
|
||||
|
||||
Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing usage
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
|
||||
|
||||
Sending app data via TLS, MFL=512 without fragmentation
|
||||
@ -3133,7 +3133,7 @@ SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #1
|
||||
# - App data payload: 70696e67
|
||||
# - Complete record: 1703030015c74061535eb12f5f25a781957874742ab7fb305dd5
|
||||
# - Padding used: No (== granularity 1)
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_ECDSA_C:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
ssl_tls13_record_protection:MBEDTLS_TLS1_3_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"70696e67":"c74061535eb12f5f25a781957874742ab7fb305dd5"
|
||||
|
||||
SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #2
|
||||
@ -3144,7 +3144,7 @@ SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #2
|
||||
# - App data payload: 706f6e67
|
||||
# - Complete record: 1703030015370e5f168afa7fb16b663ecdfca3dbb81931a90ca7
|
||||
# - Padding used: No (== granularity 1)
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_ECDSA_C:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
ssl_tls13_record_protection:MBEDTLS_TLS1_3_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"706f6e67":"370e5f168afa7fb16b663ecdfca3dbb81931a90ca7"
|
||||
|
||||
SSL TLS 1.3 Record Encryption RFC 8448 Example #1
|
||||
@ -3163,7 +3163,7 @@ SSL TLS 1.3 Record Encryption RFC 8448 Example #1
|
||||
# 62 97 4e 1f 5a 62 92 a2 97 70 14 bd 1e 3d ea e6
|
||||
# 3a ee bb 21 69 49 15 e4
|
||||
# - Padding used: No (== granularity 1)
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_ECDSA_C:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
ssl_tls13_record_protection:MBEDTLS_TLS1_3_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"a23f7054b62c94d0affafe8228ba55cbefacea42f914aa66bcab3f2b9819a8a5b46b395bd54a9a20441e2b62974e1f5a6292a2977014bd1e3deae63aeebb21694915e4"
|
||||
|
||||
SSL TLS 1.3 Record Encryption RFC 8448 Example #2
|
||||
@ -3182,12 +3182,12 @@ SSL TLS 1.3 Record Encryption RFC 8448 Example #2
|
||||
# fc c4 9c 4b f2 e5 f0 a2 1c 00 47 c2 ab f3 32 54
|
||||
# 0d d0 32 e1 67 c2 95 5d
|
||||
# - Padding used: No (== granularity 1)
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_ECDSA_C:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
ssl_tls13_record_protection:MBEDTLS_TLS1_3_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Application secrets derivation helper
|
||||
# Vector from RFC 8448
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_ECDSA_C:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_PK_CAN_ECDSA_SOME:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
ssl_tls13_derive_application_secrets:PSA_ALG_SHA_256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1":"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691":"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Resumption secrets derivation helper
|
||||
|
||||
@ -18,6 +18,12 @@
|
||||
#include <constant_time_internal.h>
|
||||
#include <test/constant_flow.h>
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
#define PSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
|
||||
psa_to_ssl_errors, \
|
||||
psa_generic_status_to_mbedtls)
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
|
||||
@ -1159,6 +1165,12 @@ int mbedtls_ssl_write_fragment(mbedtls_ssl_context *ssl, unsigned char *buf,
|
||||
int buf_len, int *written,
|
||||
const int expected_fragments)
|
||||
{
|
||||
/* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is
|
||||
* a valid no-op for TLS connections. */
|
||||
if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
|
||||
TEST_ASSERT(mbedtls_ssl_write(ssl, NULL, 0) == 0);
|
||||
}
|
||||
|
||||
int ret = mbedtls_ssl_write(ssl, buf + *written, buf_len - *written);
|
||||
if (ret > 0) {
|
||||
*written += ret;
|
||||
@ -1197,6 +1209,12 @@ int mbedtls_ssl_read_fragment(mbedtls_ssl_context *ssl, unsigned char *buf,
|
||||
int buf_len, int *read,
|
||||
int *fragments, const int expected_fragments)
|
||||
{
|
||||
/* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is
|
||||
* a valid no-op for TLS connections. */
|
||||
if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
|
||||
TEST_ASSERT(mbedtls_ssl_read(ssl, NULL, 0) == 0);
|
||||
}
|
||||
|
||||
int ret = mbedtls_ssl_read(ssl, buf + *read, buf_len - *read);
|
||||
if (ret > 0) {
|
||||
(*fragments)++;
|
||||
@ -1299,27 +1317,27 @@ static int psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform,
|
||||
transform->psa_key_enc, transform->psa_alg);
|
||||
|
||||
if (status != PSA_SUCCESS) {
|
||||
return psa_ssl_status_to_mbedtls(status);
|
||||
return PSA_TO_MBEDTLS_ERR(status);
|
||||
}
|
||||
|
||||
status = psa_cipher_set_iv(&cipher_op, iv, iv_len);
|
||||
|
||||
if (status != PSA_SUCCESS) {
|
||||
return psa_ssl_status_to_mbedtls(status);
|
||||
return PSA_TO_MBEDTLS_ERR(status);
|
||||
}
|
||||
|
||||
status = psa_cipher_update(&cipher_op,
|
||||
input, ilen, output, ilen, olen);
|
||||
|
||||
if (status != PSA_SUCCESS) {
|
||||
return psa_ssl_status_to_mbedtls(status);
|
||||
return PSA_TO_MBEDTLS_ERR(status);
|
||||
}
|
||||
|
||||
status = psa_cipher_finish(&cipher_op,
|
||||
output + *olen, ilen - *olen, &part_len);
|
||||
|
||||
if (status != PSA_SUCCESS) {
|
||||
return psa_ssl_status_to_mbedtls(status);
|
||||
return PSA_TO_MBEDTLS_ERR(status);
|
||||
}
|
||||
|
||||
*olen += part_len;
|
||||
@ -1614,7 +1632,7 @@ static int build_transforms(mbedtls_ssl_transform *t_in,
|
||||
&key_bits);
|
||||
|
||||
if (status != PSA_SUCCESS) {
|
||||
ret = psa_ssl_status_to_mbedtls(status);
|
||||
ret = PSA_TO_MBEDTLS_ERR(status);
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
@ -1633,7 +1651,7 @@ static int build_transforms(mbedtls_ssl_transform *t_in,
|
||||
&t_in->psa_key_enc);
|
||||
|
||||
if (status != PSA_SUCCESS) {
|
||||
ret = psa_ssl_status_to_mbedtls(status);
|
||||
ret = PSA_TO_MBEDTLS_ERR(status);
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
@ -1643,7 +1661,7 @@ static int build_transforms(mbedtls_ssl_transform *t_in,
|
||||
&t_out->psa_key_enc);
|
||||
|
||||
if (status != PSA_SUCCESS) {
|
||||
ret = psa_ssl_status_to_mbedtls(status);
|
||||
ret = PSA_TO_MBEDTLS_ERR(status);
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
@ -1655,7 +1673,7 @@ static int build_transforms(mbedtls_ssl_transform *t_in,
|
||||
&t_in->psa_key_dec);
|
||||
|
||||
if (status != PSA_SUCCESS) {
|
||||
ret = psa_ssl_status_to_mbedtls(status);
|
||||
ret = PSA_TO_MBEDTLS_ERR(status);
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
@ -1665,7 +1683,7 @@ static int build_transforms(mbedtls_ssl_transform *t_in,
|
||||
&t_out->psa_key_dec);
|
||||
|
||||
if (status != PSA_SUCCESS) {
|
||||
ret = psa_ssl_status_to_mbedtls(status);
|
||||
ret = PSA_TO_MBEDTLS_ERR(status);
|
||||
goto cleanup;
|
||||
}
|
||||
}
|
||||
@ -1735,7 +1753,7 @@ static int ssl_tls12_populate_session(mbedtls_ssl_session *session,
|
||||
session->peer_cert_digest,
|
||||
MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN,
|
||||
&hash_size);
|
||||
ret = psa_ssl_status_to_mbedtls(status);
|
||||
ret = PSA_TO_MBEDTLS_ERR(status);
|
||||
#else
|
||||
ret = mbedtls_md(mbedtls_md_info_from_type(
|
||||
MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE),
|
||||
@ -5679,7 +5697,7 @@ void cid_sanity()
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_C */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_PK_CAN_ECDSA_SOME */
|
||||
void raw_key_agreement_fail(int bad_server_ecdhe_key)
|
||||
{
|
||||
enum { BUFFSIZE = 17000 };
|
||||
|
||||
@ -176,7 +176,7 @@ x509_cert_info:"data_files/server3.crt":"cert. version \: 3\nserial number
|
||||
|
||||
X509 CRT information Bitstring in subject name
|
||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_cert_info:"data_files/bitstring-in-dn.pem":"cert. version \: 3\nserial number \: 02\nissuer name \: CN=Test CA 01, ST=Ecnivorp, C=XX, emailAddress=tca@example.com, O=Test CA Authority\nsubject name \: C=XX, O=tca, ST=Ecnivorp, OU=TCA, CN=Client, emailAddress=client@example.com, serialNumber=7101012255, uniqueIdentifier=?7101012255\nissued on \: 2015-03-11 12\:06\:51\nexpires on \: 2025-03-08 12\:06\:51\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \:\n <unsupported>\next key usage \: TLS Web Client Authentication\n"
|
||||
x509_cert_info:"data_files/bitstring-in-dn.pem":"cert. version \: 3\nserial number \: 02\nissuer name \: CN=Test CA 01, ST=Ecnivorp, C=XX, emailAddress=tca@example.com, O=Test CA Authority\nsubject name \: C=XX, O=tca, ST=Ecnivorp, OU=TCA, CN=Client, emailAddress=client@example.com, serialNumber=7101012255, uniqueIdentifier=?7101012255\nissued on \: 2015-03-11 12\:06\:51\nexpires on \: 2025-03-08 12\:06\:51\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \:\n rfc822Name \: client@example.com\next key usage \: TLS Web Client Authentication\n"
|
||||
|
||||
X509 CRT information Non-ASCII string in issuer name and subject name
|
||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
@ -206,6 +206,10 @@ X509 SAN parsing, unsupported otherName name
|
||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_parse_san:"data_files/server5-unsupported_othername.crt":""
|
||||
|
||||
X509 SAN parsing rfc822Name
|
||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_parse_san:"data_files/test_cert_rfc822name.crt.der":"type \: 1\nrfc822Name \: my@other.address\ntype \: 1\nrfc822Name \: second@other.address\n"
|
||||
|
||||
X509 CRL information #1
|
||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
|
||||
mbedtls_x509_crl_info:"data_files/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-20 10\:24\:19\nnext update \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n"
|
||||
@ -2558,7 +2562,7 @@ X509 OID numstring #4 (larger number)
|
||||
x509_oid_numstr:"2a864886f70d":"1.2.840.113549":15:14
|
||||
|
||||
X509 OID numstring #5 (arithmetic overflow)
|
||||
x509_oid_numstr:"2a8648f9f8f7f6f5f4f3f2f1f001":"":100:MBEDTLS_ERR_OID_BUF_TOO_SMALL
|
||||
x509_oid_numstr:"2a8648f9f8f7f6f5f4f3f2f1f001":"":100:MBEDTLS_ERR_ASN1_INVALID_DATA
|
||||
|
||||
X509 CRT keyUsage #1 (no extension, expected KU)
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
|
||||
@ -279,7 +279,18 @@ int verify_parse_san(mbedtls_x509_subject_alternative_name *san,
|
||||
*p++ = san->san.unstructured_name.p[i];
|
||||
}
|
||||
break;/* MBEDTLS_X509_SAN_DNS_NAME */
|
||||
|
||||
case (MBEDTLS_X509_SAN_RFC822_NAME):
|
||||
ret = mbedtls_snprintf(p, n, "\nrfc822Name : ");
|
||||
MBEDTLS_X509_SAFE_SNPRINTF;
|
||||
if (san->san.unstructured_name.len >= n) {
|
||||
*p = '\0';
|
||||
return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
|
||||
}
|
||||
n -= san->san.unstructured_name.len;
|
||||
for (i = 0; i < san->san.unstructured_name.len; i++) {
|
||||
*p++ = san->san.unstructured_name.p[i];
|
||||
}
|
||||
break;/* MBEDTLS_X509_SAN_RFC822_NAME */
|
||||
default:
|
||||
/*
|
||||
* Should not happen.
|
||||
|
||||
Reference in New Issue
Block a user