1d33876d37
Fix some preprocessor guards
...
Fix the build in some configurations.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-12 19:07:45 +01:00
74860ddec2
Don't define pk_sign_verify in configurations where it's unused
...
In some configurations (e.g. ECDH but no ECDSA or RSA), the PK module is
useful but cannot perform any signatures. Then modern GCC complains:
```
../source/tests/suites/test_suite_pk.function: In function ‘test_pk_sign_verify’:
../source/tests/suites/test_suite_pk.function:1136:12: error: array subscript 0 is outside array bounds of ‘unsigned char[0]’ [-Werror=array-bounds]
../source/tests/suites/test_suite_pk.function:1094:19: note: while referencing sig’
…
```
This fixes test-ref-configs.pl with a modern GCC (specifically with
config-thread.h).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-12 19:07:45 +01:00
35cb319832
depends.py: set unique configuration names in outcome file
...
Set unique configuration names in the outcome file. This was lost in the
rewrite from depends-*.pl to depends.py.
Fix #7290
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-12 17:32:44 +01:00
157679c0d5
mbedtls_pk_import_into_psa: positive tests with pkparse output
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-12 17:32:44 +01:00
10e9c412c0
mbedtls_pk_import_into_psa: negative tests for different ECC curve
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-12 17:32:44 +01:00
fc3d866ad2
mbedtls_pk_import_into_psa: implement and test
...
Implement mbedtls_pk_import_into_psa for all PK types except RSA_ALT.
This covers importing a key pair, importing a public key and importing
the public part of a key pair.
Test mbedtls_pk_import_into_psa() with the output of
mbedtls_pk_get_psa_attributes(). Also unit-test mbedtls_pk_import_into_psa()
on its own to get extra coverage, mostly for negative cases.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-12 17:32:44 +01:00
fdb809ef86
exercise_key: fix asymmetric encrypt/decrypt with >2028-bit RSA
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-12 17:31:03 +01:00
4781bd9773
exercise_key: allow SIGN_MESSAGE/VERIFY_MESSAGE with PSA_ALG_ANY_HASH
...
There was already code to instantiate the wildcard for sign/verify-hash.
Make that work with sign/verify-message as well.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-12 17:30:27 +01:00
069cec1737
Also check the RSA length for public keys
...
Do for public keys what
"Fix mbedtls_pk_get_bitlen() for RSA with non-byte-aligned sizes"
did for key pairs.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-12 16:59:17 +01:00
54e6b412bd
Generate all test wrappers
...
One was missed due to a typo
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com >
2024-02-12 12:49:22 +00:00
27b48a312f
Generate test wrappers
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com >
2024-02-12 12:49:19 +00:00
a1cf1010cc
Generate test wrappers for mac functions
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com >
2024-02-12 12:07:35 +00:00
45c8586a91
Generate test wrappers for hash functions
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com >
2024-02-12 11:43:03 +00:00
34a074af37
Add missing dependency on PEM
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-12 11:24:10 +01:00
92fb604139
Fix mbedtls_pk_get_bitlen() for RSA with non-byte-aligned sizes
...
Add non-regression tests. Update some test functions to not assume that
byte_length == bit_length / 8.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-12 11:24:08 +01:00
19f1adfc69
New function mbedtls_rsa_get_bitlen()
...
Document, implement and test mbedtls_rsa_get_bitlen().
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-12 11:23:05 +01:00
2e2af414d0
Merge pull request #7604 from zvolin/feature/pkcs5-aes
...
Add AES encrypted keys support for PKCS5 PBES2
2024-02-10 08:46:18 +00:00
48b87ebde3
Choose a curve for tests at compile time
...
This makes it possible to use the curve in test data.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-09 19:31:04 +01:00
4ade8ee5b9
test_suite_pem: more tests for ASN.1 parsing after decoding
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2024-02-09 17:44:07 +01:00
a6ac0f1330
Replaced MBEDTLS_GCM_LARGETABLE by MBEDTLS_GCM_LARGE_TABLE. Removed empty comment line in doc block.
...
Signed-off-by: Matthias Schulz <mschulz@hilscher.com >
2024-02-09 17:11:54 +01:00
5d2bcc63cd
Fix typo / improve documentation for test step fns
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com >
2024-02-09 14:41:24 +00:00
54ad01efed
Merge remote-tracking branch 'upstream/development' into make_tests_thread_safe
2024-02-09 14:33:58 +00:00
67f3568895
Reduce analyze_block_cipher_dispatch exceptions
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-02-09 13:02:23 +00:00
c7fa82ee33
tests: ssl: Improve test parameter sanity check
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-02-09 09:33:09 +01:00
010d23f9af
test_suite_[pkparse|x509parse]: fix return values of some PEM related error tests
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2024-02-09 06:42:18 +01:00
9de84bd677
rsa: reject buffers with data outside main SEQUENCE when parsing keys
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2024-02-09 06:42:18 +01:00
75e65fe24b
Reformat AES encryption test data in pkcs5 tests
...
The added comma is needed so that these tests match the regex exceptions
in analyze_outcomes.py.
Moved the Encryption tests so that they are separate to decryption.
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-02-08 15:44:43 +00:00
afb2eee263
Add PKCS5/12 exceptions to analyze_block_cipher_dispatch
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-02-08 14:31:54 +00:00
791fc2e24c
Merge remote-tracking branch 'upstream/development' into pkcs5_aes_new
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-02-08 14:26:29 +00:00
782667883a
Fix:
...
- Remove unnecessary tests.
- Update description of MBEDTLS_GCM_LARGETABLE parameter.
- Move acceleration defines from gcm.h to gcm.c.
- Remove unnecessary zero setting after shift.
- Fix implementation for big-endian architectures.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com >
2024-02-08 13:59:15 +01:00
7a28738205
Merge pull request #8636 from paul-elliott-arm/new_test_thread_interface
...
New test thread interface
2024-02-08 12:35:40 +00:00
90abb224f7
ssl-opt.sh: Establish TLS 1.3 then TLS 1.2 session
...
Add a test where first we establish a
TLS 1.3 session, then a TLS 1.2 one
with the same server.
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-02-08 12:12:58 +01:00
1dbfc8ad3c
Merge pull request #8790 from paul-elliott-arm/fix_ctr_drbg_comment
...
Fix confusing comment in ctr drbg thread test
2024-02-08 11:11:50 +00:00
587cfe65ca
ssl-opt.sh: Establish TLS 1.2 then TLS 1.3 connection
...
Add a test where first we establish a
TLS 1.2 session, then a TLS 1.3 one
with the same server.
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-02-08 12:09:42 +01:00
b7307630bb
Merge pull request #8703 from valeriosetti/issue7765-guards-in-asn1
...
Conversion function between raw and DER ECDSA signatures (guards in ASN1)
2024-02-08 08:45:30 +00:00
7bf1e98f44
Merge pull request #8740 from valeriosetti/issue8647
...
Move RSA basic key parsing/writing to rsa.c
2024-02-08 08:35:42 +00:00
eb8c665a53
Reformat wrapper generation code
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-02-07 17:32:16 +00:00
0f54727bf4
Restructure wrapper script
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-02-07 17:32:16 +00:00
198a4d98d5
Generate test wrappers for key derivation
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-02-07 17:32:16 +00:00
1910390b4a
psa_util: improve leading zeros check in convert_der_to_raw_single_int()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2024-02-07 16:16:58 +01:00
bda577bb0b
Fix confusing comment in ctr drbg thread test
...
Make it clearer where the magic number chosen for entropy_len actually
comes from, and why we chose this value.
Signed-off-by: Paul Elliott <paul.elliott@arm.com >
2024-02-07 15:13:46 +00:00
ef07fa0fc3
test_suite_psa_crypto_util: add more test for raw->der
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2024-02-07 15:16:45 +01:00
a8082c43d5
Add MBEDTLS_CIPHER_C dependencies to new pkparse tests
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-02-07 13:31:19 +00:00
0767fdadbf
Enhance GCM throughput using larger precalculated tables. Also refactored the code for shorter tables and moved the check for available accelerators to the context initialization code.
...
Signed-off-by: Matthias Schulz <mschulz@hilscher.com >
2024-02-07 13:17:50 +01:00
292b1dc1e1
Merge pull request #8789 from paul-elliott-arm/fix_tsan_gcc
...
Stop platform test failures with GCC and TSAN
2024-02-07 11:32:39 +00:00
1d7bc1ecdf
Merge pull request #8717 from valeriosetti/issue8030
...
PSA FFDH: feature macros for parameters
2024-02-07 10:06:03 +00:00
b3d42fddae
tests: write early data: Add HRR scenario
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-02-07 08:06:46 +01:00
05600e26f4
tests: write early data: Add "server rejects" scenario
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-02-07 08:06:46 +01:00
8fe2b01b52
tests: write early data: Add "not sent" scenario
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-02-07 08:06:46 +01:00
2fbbba9c51
tests: ssl: Add write early data unit test
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-02-07 08:06:46 +01:00
