mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-30 06:33:06 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
20,510 Commits 170 Branches 263 Tags
Commit Graph

4050 Commits

Author SHA1 Message Date
Neil Armstrong
502da11df1 Initialize PSA crypto in test_suite_pk pk_rsa_decrypt_test_vec() when USE_PSA_CRYPTO is enabled 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-03 16:52:47 +01:00
Neil Armstrong
5b32038ff0 Alternative CSR checks in x509_csr_check when USE_PSA_CRYPTO 
The X509write x509_csr_check reference file depends on
mbedtls_test_rnd_pseudo_rand being used to match the pre-generated data.
This calls x509_crt_verifycsr() like in x509_csr_check_opaque() when
MBEDTLS_USE_PSA_CRYPTO is defined.

Notably using PSA_ALG_DETERMINISTIC_ECDSA() in ecdsa_sign_wrap() makes
this test run without these changes.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-03 16:44:06 +01:00
Neil Armstrong
5f8328b2f6 Initialize PSA crypto in test_suite_x509write for RSA signing tests 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-03 16:39:39 +01:00
Neil Armstrong
c921bfdf30 Fix 80 characters indentation in pk_rsa_encrypt_decrypt_test() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-03 16:33:39 +01:00
Neil Armstrong
7f1055223d Remove pk_rsa_encrypt_test_vec() test in favor to pk_rsa_encrypt_decrypt_test() 
Not checking the encrypt result with PSA makes the test useless.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-03 16:33:39 +01:00
Neil Armstrong
dac2f23a82 Stop checking against reference vector in pk_rsa_encrypt_test_vec when USE_PSA_CRYPTO 
The pk_rsa_encrypt_test_vec() reference vector is calculated while using
mbedtls_test_rnd_pseudo_rand rng source, but since the RNG souce can't
be controlled when USE_PSA_CRYPTO is enabled we can't get the same
result.

The pk_rsa_encrypt_test_vec() fails when switching to mbedtls_test_rnd_std_rand
as rng source.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-03 16:33:39 +01:00
Neil Armstrong
e0df42cbb7 Introduce pk_rsa_encrypt_decrypt_test 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-03 16:33:39 +01:00
Neil Armstrong
445d2192d5 Initialize PSA crypto in test_suite_pk pk_rsa_encrypt_test_vec() & pk_rsa_alt() when USE_PSA_CRYPTO is enabled 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-03 16:33:39 +01:00
Neil Armstrong
fe6da1c35c Fix style issues in mac_sign_verify_multi() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-03 16:29:14 +01:00
Gilles Peskine
052deb941f
Merge pull request #5554 from tom-daubney-arm/fix_uninitialised_buffers_in_tests 
Fix uninitialised buffers in tests - Coverity issue
 2022-03-03 13:30:58 +01:00
Gilles Peskine
d929dbbb25
Merge pull request #5368 from mfil/feature/additional_md_getters 
Add function to get message digest info from context
 2022-03-02 16:44:26 +01:00
Przemek Stekiel
38df86cc6c Simplyfy asymmetric_decrypt() test function 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-02 09:11:04 +01:00
Gilles Peskine
92e08fba4c
Merge pull request #5475 from miudr/fix_issue_5140 
Fix AEAD multipart incorrect offset in test_suite_psa_crypto.function
 2022-03-01 20:45:54 +01:00
Przemek Stekiel
4400be408b Adapt test cases for invalid bits with and without ECC keys enabled 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-01 17:02:46 +01:00
Przemek Stekiel
dcab6ccb3b Return PSA_ERROR_INVALID_ARGUMENT for a public key, and PSA_ERROR_NOT_SUPPORTED for a type that is not handled. 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-01 14:29:49 +01:00
Neil Armstrong
4766f99fe5 Add multi-part mac sign/verify test 
The test is based on the AEAD multi-part test, re-using the
design on aead_multipart_internal_func() to test differnet
sequence of psa_mac_update() for MAC update or verify.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-28 18:37:30 +01:00
Neil Armstrong
60234f87a6 Revert "Introduce new mac_key_policy_multi() variant of mac_key_policy() testing multiple updates occurences" 
This reverts commit 3ccd08b34344268679b81f7634cbf7b0bae87d40.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-28 15:21:38 +01:00
Gilles Peskine
9c656ec718 Fix unused function warning 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-26 19:56:12 +01:00
Glenn Strauss
36872dbd0b Provide means to reset handshake cert list 
Extend mbedtls_ssl_set_hs_own_cert() to reset handshake cert list
if cert provided is null.  Previously, mbedtls_ssl_set_hs_own_cert()
only provided a way to append to the handshake certificate list,
without providing a way to replace the handshake certificate list.

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-02-25 19:55:48 -05:00
Neil Armstrong
3ccd08b343 Introduce new mac_key_policy_multi() variant of mac_key_policy() testing multiple updates occurences 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-25 16:15:08 +01:00
Neil Armstrong
ee9686b446 Fix style issue in hash_setup() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-25 15:47:34 +01:00
Neil Armstrong
e858996413 Use PSA version of mbedtls_ct_hmac() in mbedtls_ssl_decrypt_buf() 
Due to mbedtls_ct_hmac() implementation the decryption MAC key
must be exportable.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-25 15:17:50 +01:00
Neil Armstrong
2968d306e4 Implement mbedtls_ct_hmac() using PSA hash API 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-25 15:16:50 +01:00
Neil Armstrong
cf8841a076 Remove non-PSA MAC keys in mbedtls_ssl_transform when MBEDTLS_USE_PSA_CRYPTO is defined 
Also remove last usage of non-PSA MAC keys in ssl_decrypt_non_etm_cbc() SSL test.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-25 15:16:49 +01:00
Neil Armstrong
4f091290bd Remove Obsolete SSLs tests with truncated MAC tags & NULL/CBC cipher 
These tests are related to an obsolete feature removed from the library.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-25 15:16:49 +01:00
Neil Armstrong
f4cc062935 Setup MAC PSA keys in build_transforms() to pass ssl_crypt_record() with PSA crypto 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-25 15:16:49 +01:00
Neil Armstrong
46a1760922 Allow USE_PSA_CRYPTO for handshake TLS tests 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-25 15:16:49 +01:00
Przemyslaw Stekiel
aeaa4f0651 Code optimization 
- fix codding style
- fix comments and descriptions
- add helper function for montgomery curve
- move N-2 calculation outside the loop
- fix access to <data> bytes: *data[x] -> (*data)[x]

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
f6c2c87492 Fix ECC derivation tests 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
7b6e61a132 Add test vectors for ECC key excercise 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel
50fcc535e5 Add Weierstrass curve/bits consistancy check + negative test vectors 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel
02cf12ff92 Enable tests for Montgomery curves 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel
8590f3b5ff Enable related test vectors 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel
696b120650 Add tests for ECC key derivation 
Test code and test vectors are taken from PR #5218

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-22 13:35:26 +01:00
Neil Armstrong
66a479f8fb Add Cipher Decrypt Fail multi-part case 
Make `PSA symetric decrypt: CCM*-no-tag, input too short (15 bytes)`
depend on MBEDTLS_CCM_C otherwise the multi-part test fails on
the missing CCM* instead on the input length validity for CCM*.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
d8dba4e0aa Add Cipher Encrypt Fail multi-part case 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
3ee335dbe3 Add Cipher Encrypt multi-part case 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
752d811015 Add AEAD Key Policy check multi-part cases 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
78aeaf8ad7 Add Cipher Key Policy check one-shot cases 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
3af9b97a29 Add Multipart Message authentication Compute & Verify cases 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
ca30a00aad Add Multipart Hash Compute & Compare tests 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
55a1be1f48 Add Multipart Hash Compare fail tests 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
161ec5c368 Add Multipart Hash Compute fail tests 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
edb20865c7 Add One-Shot Hash setup test 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Przemyslaw Stekiel
d9fa99917e Extend test coverage for transparent driver decryption. 
Encryption is not deterministic and can not be verified by a know-answer test.
Encryption is already verified via encrypt-decrypt test.

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-22 09:36:35 +01:00
Ronald Cron
4579a972bf
Merge pull request #5426 from gilles-peskine-arm/ssl-get-version-3.1 
Add accessors to mbedtls_ssl_context: user data, version
ABI-API-checking fails which was expected as this PR adds a new field in mbedtls_ssl_context and mbedtls_ssl_config.
 2022-02-21 17:03:24 +01:00
Manuel Pégourié-Gonnard
e3a2dd787e
Merge pull request #5521 from AndrzejKurek/rsa-pss-use-psa 
Make RSA-PSS verification use PSA with MBEDTLS_USE_PSA_CRYPTO
 2022-02-21 16:58:57 +01:00
Gabor Mezei
4fded1359a
Use PSA_INIT() 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-02-21 15:47:24 +01:00
Gabor Mezei
c5efb8e58b
Use PSA error code 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-02-21 15:46:38 +01:00
Gabor Mezei
5d7d201b87
Update test 
Testing the hash length in this context is not applicable because there is no way
to specify it when calling mbedtls_psa_hkdf_extract.
Change to test invalid `alg` parameter.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-02-21 15:46:33 +01:00