Do for public keys what
"Fix mbedtls_pk_get_bitlen() for RSA with non-byte-aligned sizes"
did for key pairs.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add non-regression tests. Update some test functions to not assume that
byte_length == bit_length / 8.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The added comma is needed so that these tests match the regex exceptions
in analyze_outcomes.py.
Moved the Encryption tests so that they are separate to decryption.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Make it clearer where the magic number chosen for entropy_len actually
comes from, and why we chose this value.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Normally, if an elliptic curve is enabled in the legacy API then it's also
enabled in the PSA API. In particular, if the legacy API has at least one
curve then that curve also works with PSA. There is an exception with
secp224k1 which PSA does not support. In a build with secp224k1 as the only
legacy curve, MBEDTLS_PK_HAVE_ECC_KEYS is enabled (because you can use the
curve through PK) but PSA does not support any elliptic curve, so we can't
run PK-PSA bridge tests.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The only real contraint on the raw buffer is that it is large
enough to contain 2 coordinates. Larger buffers are therefore
allowed and the extra data will simply be ignored.
Note = trying to impose a strict sizing on the raw buffer causes
several failures in test suites. This suggests that it is
quite common to use larger buffer to store raw signatures.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Remove the keyLength parameter from the AES-256 tests.
Add MBEDTLS_CIPHER_PADDING_PKCS7 to the dependencies.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Use PSA_VENDOR_ECC_MAX_CURVE_BITS instead of a specific curve since
what we care about is only bit-size not the curve itself.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
These values are not mathematically valid as signature, but as
for what it concerns with ECDSA conversion functions, 0 values
in DER format should be translated to 0 values in raw format.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Allow the function to support DER buffers than what it is nominally
required by the provided coordinates. In other words let's ignore
padding zeros in the raw number.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Temporary workaround to not run the early data test
in Windows-2013 where there is an issue with
mbedtls_vsnprintf().
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
We'll test more fully by adding a call to mbedtls_pk_import_into_psa() once
that function is implemented.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The test code to construct test keys and the implementation had matching
errors: both assumed that there was a PSA public key object. Fix this.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
