Add code and unit tests for MBEDTLS_PK_ECxxx in
mbedtls_pk_get_psa_attributes().
This commit only supports built-in ECC (MBEDTLS_ECP_C). A subsequent commit
will handle driver-only ECC.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This feature was an unofficial extension which was never documented.
Now that we are removing the PK dependency in order to use only
functions from RSA module, PEM support is unavailable. Therefore
we explicitly remove it.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Temporary workaround to not run the early data test
in Windows-2013 where there is an issue with
mbedtls_vsnprintf().
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Move the setting of the debug callback to
the endpoint initialization function. That
way, no need to repeat it in various testing
scenarios.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This aims to provide a basis for negative testing
around TLS 1.3 ticket, replacing eventually the
negative tests done in ssl-opt.sh using the
dummy_ticket option.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Add ticket write/parse test functions as defined
by mbedtls_ssl_ticket_write/parse_t. They are
intended to be used in negative testing
involving tickets.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Remove the use of extern and instead use an accessor to get the address
of the test info mutex (defined only if MBEDTLS_TEST_MUTEX_USAGE is
defined, to hopefully stop more general usage)
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Only mbedtls_test_opaque_unwrap_key() is actually needed by other
test drivers to deal with opaque keys. mbedtls_test_opaque_wrap_key()
can be kept private to test_driver_key_management.c.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Make sure that extra UNPOISON calls do not cause the poisoning counter
to underflow and wrap around.
Memory that is unpoisoned multiple times should remain unpoisoned.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Some platforms may support ASan but be C99-only (no C11 support).
These platforms will support ASan metatests but not memory poisoning,
which requires C11 features.
To allow for this, create a separate platform requirement, "poison",
in metatest.c to distinguish generic ASan metatests from ones that
require suppport for memory poisoning.
In practice our platforms support both, so run "poison" tests in
the same all.sh components where we run "asan" ones.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This allows unusually-nested memory poisoning to work correctly, since
it keeps track of whether any buffers are still poisoned, rather than
just disabling poisoning at the first call to the UNPOISON() macro.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Set the C_STANDARD property on the mbedtls_test target to 11.
This requests C11 for the tests only.
If C11 is not supported the build will not fail, since
C_STANDARD_REQUIRED is not set, and memory poisoning will be disabled
by a preprocessor check on __STDC_VERSION__.
Additionally, reintroduce previous C99 enforcement on the rest of the
library.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
