mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-06 19:13:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
27,669 Commits 172 Branches 263 Tags
Commit Graph

9848 Commits

Author SHA1 Message Date
Dave Rodgman
33e1f42307 Fix use of mbedtls_psa_safer_memcmp in test code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 18:17:29 +01:00
David Horstmann
9cc6b2f446 Add missing import in test_psa_compliance.py 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 17:36:35 +01:00
David Horstmann
fd9264e65b Fix pylint errors 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 16:21:15 +01:00
Gilles Peskine
a878b663cf
Merge pull request #8090 from silabs-Kusumit/PBKDF2_higher_cost_tests 
PBKDF2: tests with higher input costs
 2023-08-29 14:00:17 +00:00
David Horstmann
41c316d3b2 Move -B switch into a single argument 
This will prevent CMake from mistaking the build directory for the
source directory

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 14:57:23 +01:00
Waleed Elmelegy
79b6e26b1b Improve mbedtls_pkcs5_pbes2_ext function test data 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-08-29 14:55:03 +01:00
David Horstmann
b48822c816 Appease pylint by renaming variables 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 14:12:53 +01:00
David Horstmann
beaee2604f Test PSA compliance: Build only the crypto target 
Use CMake's -t option to build only the crypto target. Parameterize the
crypto target to have the right name depending on whether this is Mbed
TLS or PSA Crypto.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 14:01:52 +01:00
David Horstmann
c69074dcf6 Tidy up reference to Mbed TLS in help message 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 13:46:11 +01:00
David Horstmann
2ba89bece6 Disable pylint error in CMake command 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 10:37:29 +01:00
David Horstmann
3b8984af5c Remove or qualify references to Mbed TLS 
Either remove exclusive references to Mbed TLS or accompany them with
references to "PSA Crypto".

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 10:32:26 +01:00
David Horstmann
f757069269 Rename 'mbedtls_dir' -> 'root_dir' 
This makes it more repo-agnostic

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 10:27:13 +01:00
David Horstmann
98af198a30 Correctly detect presence of the built library 
Use the repo-specific test not just the Mbed TLS specific one.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 10:25:54 +01:00
David Horstmann
58cf7c6c38 Use repo detection functions at start of all.sh 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 10:15:05 +01:00
David Horstmann
d02b5f8f56 Separate directory discernment into 2 functions 
Have separate in_mbedtls_repo() and in_psa_crypto_repo() functions

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-29 09:55:56 +01:00
Dave Rodgman
d395590597
Merge pull request #7579 from daverodgman/safer-ct-asm 
Arm assembly implementation of constant time primitives
 2023-08-28 08:26:29 +00:00
Gilles Peskine
8ca2041145
Merge pull request #8074 from tgonzalezorlandoarm/tg/allowlist 
Implement allowlist of test cases that are legitimately not executed
 2023-08-24 18:03:20 +00:00
David Horstmann
0ac57ca6c6 Rename is_psa_crypto -> in_psa_crypto_repo 
(For consistency with all.sh)

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-24 15:18:18 +01:00
David Horstmann
7f93d22ad9 Rename psa_crypto_lib_filename to just crypto_lib_filename 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-24 15:18:18 +01:00
David Horstmann
4dcddcfae2 Parameterize out of source build directory 
Use CMake to build the library out-of-source (rather than make)
in tests/scripts/test_psa_compliance.py and add a script argument for
the out-of-source build directory.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-24 15:18:18 +01:00
David Horstmann
76a7738537 Invert logic for repo detection in all.sh 
Instead of:
    ! in_psa_crypto_repo()
use
    in_mbedtls_repo()

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-24 15:18:18 +01:00
David Horstmann
e31014a681 Tweak test_psa_compliance pylint annotations 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-24 15:18:18 +01:00
David Horstmann
1d09184291 Modify test_psa_compliance.py for psa-crypto repo 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-24 15:18:18 +01:00
David Horstmann
9a6c45b436 Make all.sh PSA-crypto-friendly 
Introduce changes needed to run all.sh in the psa-crypto repo. Where
behaviour must differ, detect that we are in the psa-crypto repo by
checking for the 'core' directory.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-24 15:18:11 +01:00
Tomás González
d43cab3f5c Correct analyze_outcomes identation 
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
 2023-08-24 09:12:40 +01:00
Agathiyan Bragadeesh
733766bc71 Remove trailing whitespace in data file. 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-23 15:44:52 +01:00
Agathiyan Bragadeesh
de84f9d67a Add test for rejecting empty AttributeValue 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-23 11:44:04 +01:00
Gilles Peskine
e65bba4dd2
Merge pull request #7803 from gilles-peskine-arm/psa-low-hash-mac-size 
Start testing the PSA built-in drivers: hashes
 2023-08-22 11:19:41 +00:00
Tomás González
a0631446b5 Correct analyze_outcomes.py identation 
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
 2023-08-22 12:18:04 +01:00
Agathiyan Bragadeesh
ea3e83f36a Amend test in test_suite_x509write 
Needed since we now reject escaped null hexpairs in strings

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
01e9392c3f Add malformatted DER test for string_to_names 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
cab79188ca Remove redundant tests in test_suite_x509write 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
a0ba8aab2e Add test for non ascii x509 subject name 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
a953f8ab36 Remove duplicate test in test_suite_x509write 
The test for outputing a hexstring representation is actually
testing dn_gets, and is tested in test_suite_x509parse.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
957ca0595d Accept short name/ber encoded data in DNs 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
afdb187bbc Add more comprehensive string to name tests 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
e59dedbce2 Add test reject null characters in string to names 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
5ca9848513 Reword test in test_suite_x509write 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
47cc76f070 Update x509 test for numericoid/hexstring output 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
ef299d6735 Add more tests for RFC 4514 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
404b4bb9ab Add x509 tests for upper and lowercase hexpairs 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
dba8a641fe Add and update tests for x509write and x509parse 
Due to change in handling non-ascii characters, existing tests had to be
updated to handle the new implementation. New tests and certificates
are added to test the escaping functionality in edge cases.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:52 +01:00
Agathiyan Bragadeesh
ef2decbe4a Escape hexpairs characters RFC 4514 
Converts none ascii to escaped hexpairs in mbedtls_x509_dn_gets and
interprets hexpairs in mbedtls_x509_string_to_names.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:38:16 +01:00
Agathiyan Bragadeesh
48513b8639 Escape special characters RFC 4514 
This escapes special characters according to RFC 4514 in
mbedtls_x509_dn_gets and de-escapes in mbedtls_x509_string_to_names.
This commit does not handle hexpairs.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:38:16 +01:00
Tomás González
5022311c9d Tidy up allow list definition 
* Don't break string literals in the allow list definition
 * Comment each test that belongs to the allow list is there.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
 2023-08-22 09:54:28 +01:00
Tomás González
7ebb18fbd6 Make non-executed tests that are not in the allow list an error 
* Turn the warnings produced when finding non-executed tests that
   are not in the allow list into errors.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
 2023-08-22 09:47:49 +01:00
Gilles Peskine
6d14c2b858 Remove dead code 
Do explain why we don't test a smaller buffer in addition to testing the
nominal size and a larger buffer.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-22 09:59:50 +02:00
Gilles Peskine
c9187c5866 New test suite for the low-level hash interface 
Some basic test coverage for now:

* Nominal operation.
* Larger output buffer.
* Clone an operation and use it after the original operation stops.

Generate test data automatically. For the time being, only do that for
hashes that Python supports natively. Supporting all algorithms is future
work.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-22 09:59:42 +02:00
Tom Cosgrove
17d5081ffb
Merge pull request #8099 from gilles-peskine-arm/split-config_psa-prepare 
Prepare to split config_psa.h
 2023-08-22 07:30:46 +00:00
Gilles Peskine
fdb722384b Move PSA information and dependency automation into their own module 
This will let us use these features from other modules (yet to be created).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-21 18:32:11 +02:00