mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-11 09:40:38 +00:00

Author	SHA1	Message	Date
Gilles Peskine	fc3d866ad2	mbedtls_pk_import_into_psa: implement and test Implement mbedtls_pk_import_into_psa for all PK types except RSA_ALT. This covers importing a key pair, importing a public key and importing the public part of a key pair. Test mbedtls_pk_import_into_psa() with the output of mbedtls_pk_get_psa_attributes(). Also unit-test mbedtls_pk_import_into_psa() on its own to get extra coverage, mostly for negative cases. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-02-12 17:32:44 +01:00
Gilles Peskine	069cec1737	Also check the RSA length for public keys Do for public keys what "Fix mbedtls_pk_get_bitlen() for RSA with non-byte-aligned sizes" did for key pairs. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-02-12 16:59:17 +01:00
Gilles Peskine	34a074af37	Add missing dependency on PEM Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-02-12 11:24:10 +01:00
Gilles Peskine	92fb604139	Fix mbedtls_pk_get_bitlen() for RSA with non-byte-aligned sizes Add non-regression tests. Update some test functions to not assume that byte_length == bit_length / 8. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-02-12 11:24:08 +01:00
Gilles Peskine	19f1adfc69	New function mbedtls_rsa_get_bitlen() Document, implement and test mbedtls_rsa_get_bitlen(). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-02-12 11:23:05 +01:00
Manuel Pégourié-Gonnard	2e2af414d0	Merge pull request #7604 from zvolin/feature/pkcs5-aes Add AES encrypted keys support for PKCS5 PBES2	2024-02-10 08:46:18 +00:00
Gilles Peskine	48b87ebde3	Choose a curve for tests at compile time This makes it possible to use the curve in test data. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-02-09 19:31:04 +01:00
Valerio Setti	4ade8ee5b9	test_suite_pem: more tests for ASN.1 parsing after decoding Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-09 17:44:07 +01:00
Paul Elliott	54ad01efed	Merge remote-tracking branch 'upstream/development' into make_tests_thread_safe	2024-02-09 14:33:58 +00:00
Valerio Setti	010d23f9af	test_suite_[pkparse\|x509parse]: fix return values of some PEM related error tests Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-09 06:42:18 +01:00
Valerio Setti	9de84bd677	rsa: reject buffers with data outside main SEQUENCE when parsing keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-09 06:42:18 +01:00
Ryan Everett	75e65fe24b	Reformat AES encryption test data in pkcs5 tests The added comma is needed so that these tests match the regex exceptions in analyze_outcomes.py. Moved the Encryption tests so that they are separate to decryption. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-08 15:44:43 +00:00
Ryan Everett	791fc2e24c	Merge remote-tracking branch 'upstream/development' into pkcs5_aes_new Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-08 14:26:29 +00:00
Janos Follath	7a28738205	Merge pull request #8636 from paul-elliott-arm/new_test_thread_interface New test thread interface	2024-02-08 12:35:40 +00:00
Tom Cosgrove	1dbfc8ad3c	Merge pull request #8790 from paul-elliott-arm/fix_ctr_drbg_comment Fix confusing comment in ctr drbg thread test	2024-02-08 11:11:50 +00:00
Manuel Pégourié-Gonnard	b7307630bb	Merge pull request #8703 from valeriosetti/issue7765-guards-in-asn1 Conversion function between raw and DER ECDSA signatures (guards in ASN1)	2024-02-08 08:45:30 +00:00
Manuel Pégourié-Gonnard	7bf1e98f44	Merge pull request #8740 from valeriosetti/issue8647 Move RSA basic key parsing/writing to rsa.c	2024-02-08 08:35:42 +00:00
Valerio Setti	1910390b4a	psa_util: improve leading zeros check in convert_der_to_raw_single_int() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-07 16:16:58 +01:00
Paul Elliott	bda577bb0b	Fix confusing comment in ctr drbg thread test Make it clearer where the magic number chosen for entropy_len actually comes from, and why we chose this value. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-02-07 15:13:46 +00:00
Valerio Setti	ef07fa0fc3	test_suite_psa_crypto_util: add more test for raw->der Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-07 15:16:45 +01:00
Ryan Everett	a8082c43d5	Add MBEDTLS_CIPHER_C dependencies to new pkparse tests Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-07 13:31:19 +00:00
Manuel Pégourié-Gonnard	1d7bc1ecdf	Merge pull request #8717 from valeriosetti/issue8030 PSA FFDH: feature macros for parameters	2024-02-07 10:06:03 +00:00
Ronald Cron	b3d42fddae	tests: write early data: Add HRR scenario Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-07 08:06:46 +01:00
Ronald Cron	05600e26f4	tests: write early data: Add "server rejects" scenario Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-07 08:06:46 +01:00
Ronald Cron	8fe2b01b52	tests: write early data: Add "not sent" scenario Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-07 08:06:46 +01:00
Ronald Cron	2fbbba9c51	tests: ssl: Add write early data unit test Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-07 08:06:46 +01:00
Gilles Peskine	f45589b492	Merge pull request #8198 from silabs-Kusumit/kdf_incorrect_initial_capacity KDF incorrect initial capacity	2024-02-06 17:29:43 +00:00
Gilles Peskine	137e0c1a02	Merge pull request #8761 from valeriosetti/issue4681 Re-introduce enum-like checks from CHECK_PARAMS	2024-02-06 17:29:38 +00:00
Gilles Peskine	fb7001f15b	Merge pull request #8738 from gilles-peskine-arm/pk_import_into_psa-use_usage Implement mbedtls_pk_get_psa_attributes	2024-02-06 17:28:54 +00:00
Valerio Setti	6269f3baf4	Revert "psa_util: allow larger raw buffers in mbedtls_ecdsa_raw_to_der()" This reverts commit d4fc5d9d1c76a6cb978ceb4cc74ec62b111b0007. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-06 16:55:18 +01:00
Ronald Cron	2261ab298f	tests: early data status: Add HRR scenario Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	d6dba675b8	tests: early data status: Add "server rejects" scenario Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	265273e8b3	tests: early data status: Add "not sent" scenario Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	5c208d7daf	tests: ssl: Add scenario param to early data status testing function Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	a7f94e49a8	tests: ssl: Add early data status unit test Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	bfcdc069ef	tests: ssl: Use get TLS 1.3 ticket helper for early data test Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	1f6e4e4a49	tests: ssl: Add helper function to get a TLS 1.3 ticket Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	ced99be007	tests: ssl: Add early data handshake option Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	fb53647b0b	tests: ssl: Move group list to options Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Valerio Setti	2b6a7b37f4	suite_psa_crypto_util: use 521 bits data and bit-size instead of 528 Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-06 16:21:44 +01:00
Valerio Setti	94c5806a64	suite_psa_crypto_util: make ecdsa_raw_to_der_incremental() more readable Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-06 15:49:06 +01:00
Manuel Pégourié-Gonnard	5c9cc0b30f	Merge pull request #8727 from ronald-cron-arm/tls13-ignore-early-data-when-rejected TLS 1.3: SRV: Ignore early data when rejected	2024-02-06 13:16:03 +00:00
Ronald Cron	d0a772740e	tests: early data: Complete the handshake Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 11:15:48 +01:00
Gilles Peskine	735ac3ec05	Fix builds with secp224k1 as the only curve Normally, if an elliptic curve is enabled in the legacy API then it's also enabled in the PSA API. In particular, if the legacy API has at least one curve then that curve also works with PSA. There is an exception with secp224k1 which PSA does not support. In a build with secp224k1 as the only legacy curve, MBEDTLS_PK_HAVE_ECC_KEYS is enabled (because you can use the curve through PK) but PSA does not support any elliptic curve, so we can't run PK-PSA bridge tests. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-02-06 11:11:32 +01:00
Gilles Peskine	8a85673a39	Merge remote-tracking branch 'development' into pk_import_into_psa-use_usage	2024-02-06 10:14:17 +01:00
Valerio Setti	d4fc5d9d1c	psa_util: allow larger raw buffers in mbedtls_ecdsa_raw_to_der() The only real contraint on the raw buffer is that it is large enough to contain 2 coordinates. Larger buffers are therefore allowed and the extra data will simply be ignored. Note = trying to impose a strict sizing on the raw buffer causes several failures in test suites. This suggests that it is quite common to use larger buffer to store raw signatures. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-06 08:42:42 +01:00
Valerio Setti	fe329cea3f	rsa: handle buffer length similarly in private and public key parsing Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-06 08:00:18 +01:00
Ronald Cron	33327dab85	tests: early data: Switch to mnemonics for test scenarios Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-05 18:27:04 +01:00
Valerio Setti	0e60e93c12	test_suite_psa_crypto_util: improve ecdsa_der_to_raw() Check that the parsing always fails if the input is truncated. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-05 17:59:42 +01:00
Ryan Everett	1d5fa22f9d	Fix pkcs5 aes test data Remove the keyLength parameter from the AES-256 tests. Add MBEDTLS_CIPHER_PADDING_PKCS7 to the dependencies. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-05 16:45:38 +00:00

... 3 4 5 6 7 ...

6319 Commits