db305ff42e
X.509: Improve negative testing for SubjectAltName parsing
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-02-07 05:10:29 -05:00
ae8f8c435c
Fix X.509 SAN parsing
...
Fixes #2838. See the issue description for more information.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-02-07 05:10:27 -05:00
a0c806aac1
Merge pull request #7003 from lpy4105/issue/do-not-run-x86-tests-on-arm64
...
all.sh: test_m32_xx is not supported on arm64 host
2023-02-07 10:26:10 +01:00
4c77601832
Merge pull request #6975 from davidhorstmann-arm/c-build-helper-improvements
...
Minor improvements to `c_build_helper.py`
2023-02-07 10:25:59 +01:00
b3b85ddf4a
Disable macro conflict check
...
It causes the full configuration test to fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-02-07 17:11:54 +08:00
e908c57f95
Disable clang tests
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-02-07 17:11:53 +08:00
32f977e820
Add arm64 tests on travis ci
...
Due to the time limitation of Travis, the job is split into
two jobs
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-02-07 17:11:53 +08:00
e51eddce38
disable aesce when ASM not available
...
Change-Id: Icd53a620cc3aed437b0e0e022ca5a36f29caeea1
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-02-07 17:11:53 +08:00
2bb3d8101f
Add en(de)crypt routine
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-02-07 17:11:53 +08:00
e096da1af6
Add inverse key function
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-02-07 17:11:52 +08:00
3f2fb71072
Add key expansion for encrypt
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-02-07 17:11:52 +08:00
b95c776c43
Add linux runtime detection
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-02-07 17:11:52 +08:00
49231319fd
Add empty aesce files
...
For the time being, we only support gcc and clang
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-02-07 17:11:52 +08:00
2fddfd7f8f
Add AESCE config options
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-02-07 17:11:51 +08:00
3f9961bfca
compat.sh: remove G_CLIENT_PRIO as it's not used
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-02-07 16:36:51 +08:00
a89c4d51f7
compat.sh: display "no" even if $VERIFY=YES for PSK test cases
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-02-07 16:36:51 +08:00
5d646e705d
compat.sh: do not filter PSK ciphersuites for GnuTLS if $VERIFY=YES
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-02-07 16:36:51 +08:00
c66a46f734
compat.sh: remove check_openssl_server_bug
...
As there is no $VERIFY for PSK test cases,
check_openssl_server_bug is not functional in compat.sh.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-02-07 16:36:51 +08:00
35c0eadf0f
compat.sh: avoid running duplicate test cases for PSK
...
With the introduction of PSK_TESTS,
- Either `compat.sh -V NO` or `compat.sh -V YES` runs the PSK tests
- `compat.sh` or `compat.sh -V "NO YES"` runs PSK tests only once
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-02-07 16:36:51 +08:00
dae7057e1f
compat.sh: ignore $VERIFY in PSK TYPE
...
There is no need to provide CA file in PSK. Thus VERIFY is
meaningless for PSK. This change omits the arguments passed to
the client and server for $VERIFY=YES.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-02-07 16:36:20 +08:00
1cdddacc62
pk_wrap: use proper macros for sign and verify
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-07 08:02:23 +01:00
5c593af271
pk_wrap: fix comment on closing #endif
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-07 08:02:23 +01:00
0568decc0c
ecdsa: add comment for ecdsa_context
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-07 08:02:23 +01:00
24138d9f83
pk_wrap: re-use identical functions for eckey and ecdsa when possible
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-07 08:02:23 +01:00
7ca1318256
pk: add new symbol for generic ECDSA capability
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-07 08:02:23 +01:00
bf74f52920
test: add a comment specifying why restartable cannot be tested
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-07 08:02:23 +01:00
9e30dd882d
removing a leftover printf from debug
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-07 08:02:23 +01:00
4836374088
test: ECDSA driver only: fixing disparities in tests
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-07 08:02:23 +01:00
ab363d9fe1
pk/pk_wrap: replace ECDSA_C with generic ECDSA capabilities' defines
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-07 08:02:23 +01:00
cf084ae256
pk: add generic defines for ECDSA capabilities
...
The idea is to state what are ECDSA capabilities independently from how
this is achieved
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-07 08:02:23 +01:00
4e0278d710
test: ECDSA driver only: disable ECP_RESTARTABLE
...
This is not yet supported in driver only implementation
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-07 08:02:23 +01:00
4e26df99aa
test: ECDSA driver_only: verify disparities in PK
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-07 08:02:23 +01:00
63aae68b8f
Fix documentation
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-06 16:24:08 +01:00
f31c9e441b
Merge pull request #7019 from tom-cosgrove-arm/dont-use-cast-assignment-in-ssl_server2.c
...
Don't use cast-assignment in ssl_server.c
2023-02-06 12:13:08 +00:00
1aabe5c4d7
Fix typos
...
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2023-02-06 12:54:53 +01:00
aa31b19395
Extend test framework for Record Size Limit Extension
...
Fixes #7006
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2023-02-06 12:54:29 +01:00
cced3521cb
Fix style in test_suite_md.function
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-02-06 12:37:02 +01:00
94c9c96c94
Merge pull request #6998 from aditya-deshpande-arm/fix-example-programs-usage
...
Fix incorrect dispatch to USAGE in example programs, which causes uninitialized memory to be used
2023-02-06 09:53:50 +00:00
81cf5ad347
Improve tests/scripts/depends.py code
...
As suggested by gilles-peskine-arm.
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-02-06 10:48:43 +01:00
50886c25f3
pkcs7/test: Add test for parsing a disabled algorithm
...
If the digest algorithm is not compiled into Mbedtls,
then any pkcs7 structure which uses this algorithm
should fail with MBEDTLS_ERR_PKCS7_INVALID_ALG.
Add test for this case.
Signed-off-by: Nick Child <nick.child@ibm.com>
2023-02-03 20:33:12 +00:00
6291cc2444
pkcs7/test: Remove f strings in generator script
...
MbedTLS CI uses python v3.5, f strings are not supported
until v3.6. Remove f strings from generate_pkcs7_tests.py.
Signed-off-by: Nick Child <nick.child@ibm.com>
2023-02-03 20:33:12 +00:00
de85725507
Don't use cast-assignment in ssl_server.c
...
Would have used mbedtls_put_unaligned_uint32(), but alignment.h is in library/.
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-02-03 16:38:05 +00:00
9b45f6bb68
Fix more argc checks
...
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2023-02-03 16:15:30 +00:00
10ada35019
Merge pull request #7022 from daverodgman/3DES-warning
...
Improve warnings for DES/3DES
2023-02-03 16:41:34 +01:00
0cfb08ddf1
Merge pull request #6922 from mprse/csr_v3
...
Parsing v3 extensions from a CSR - v.2
2023-02-03 16:41:11 +01:00
f5e2331f8a
Use TEST_EQUAL when applicable in test_suite_md
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-02-03 12:51:03 +01:00
b707bedca4
Avoid unnecessary copy in test_suite_md
...
Also avoids buffer with an arbitrary size while at it.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-02-03 12:32:41 +01:00
4ba98f5350
Use MBEDTLS_MD_MAX_SIZE in test_suite_md
...
Not only was the size of 100 arbitrary, it's also not great for testing:
using MBEDTLS_MD_MAX_SIZE will get us an ASan error if it ever is too
small.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-02-03 12:25:53 +01:00
c90514ee11
Use MD type not string in MD test data
...
For all tests that want to use a hash, identify it by its numerical type
rather than a string. The motivation is that when we isolate the
MD-light subset from the larger MD, it won't have support for string
identifiers. Do the change for all tests, not just those that will
exercise functions in MD-light, for the sake of uniformity and because
numerical identifiers just feel better.
Note: mbedtls_md_info_from_string is still tested in md_info().
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-02-03 12:13:10 +01:00
80c552556a
Merge pull request #6791 from yanrayw/6675-change-some-key-generation-funcs-to-static
...
TLS 1.3: Key Generation: change some key generation functions to static
2023-02-03 11:56:35 +01:00