mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-03 19:13:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
27,313 Commits 172 Branches 263 Tags
Commit Graph

5740 Commits

Author SHA1 Message Date
Gabor Mezei
92ce4c2cbf
Fix ecp variant check 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-07-14 14:43:22 +02:00
Paul Elliott
3c22366695
Merge pull request #7863 from valeriosetti/issue7790 
PK: parse: fix disparity with private Montgomery keys
 2023-07-11 18:02:12 +01:00
Dave Rodgman
84eaefa43e Use designated initializers for mbedtls_mpi 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-11 16:02:46 +01:00
Paul Elliott
88f34e3348
Merge pull request #7703 from gabor-mezei-arm/7598_clone_the_eco_module 
[Bignum] Clone the ECP module
 2023-07-11 15:00:01 +01:00
Valerio Setti
acab57b6b4 test: replace RSA_KEY_PAIR_LEGACY with proper symbols 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-11 14:06:00 +02:00
Valerio Setti
1e6063c8ee test: set MBEDTLS_ECP_DP dependency also for Montgomery curves 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-11 11:28:22 +02:00
Valerio Setti
d476faa595 test: add more tests for Montgomery's invalid masks 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-11 11:28:22 +02:00
Valerio Setti
aed87994da test: verify that Montgomery keys can be fixed on parsing 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-11 11:28:22 +02:00
Valerio Setti
4a09dcc6f6 test: replace ECP_DP_CURVE25519_ENABLED with PSA_WANT_ECC_MONTGOMERY_255 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-11 11:28:22 +02:00
Valerio Setti
ef80d11c1f test: add proper key requirements in X25519 key parsing tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-11 11:28:22 +02:00
Valerio Setti
0a92121716 test: test of Montgomery keys with uncorrect bits whenever PK_HAVE_ECC_KEYS 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-11 11:28:22 +02:00
Gilles Peskine
6aca2c9613
Merge pull request #7716 from mpg/psa-util-internal 
Split psa_util.h between internal and public
 2023-07-10 18:33:23 +02:00
Gilles Peskine
d9f0c76f9e
Merge pull request #7879 from tgonzalezorlandoarm/development 
tests/test_suite_pem: Augment DES test cases with AES: PEM
 2023-07-10 18:28:01 +02:00
Dave Rodgman
f3e488ec40
Merge pull request #7216 from lpy4105/issue/6840/add-getters-for-some-fields 
Add getters for some fields
 2023-07-10 17:14:11 +01:00
Andrzej Kurek
bdb41dd46d Add missing resource deallocation in tests 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-07-10 08:09:50 -04:00
Manuel Pégourié-Gonnard
f614bde912
Merge pull request #7656 from mprse/ffdh_tls13_v2_drivers 
FFDH 4: driver-only parity testing - with TLS 1.3
 2023-07-10 13:08:47 +02:00
Valerio Setti
ee3a4d0d38 debug: replace occurence of ECP_LIGHT with PK_HAVE_ECC_KEYS 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 09:13:57 +02:00
Valerio Setti
6f0441d11e tls: replace occurencies of ECP_LIGHT with PK_HAVE_ECC_KEYS 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 09:13:57 +02:00
Pengyu Lv
db6143364a Add test for endpoint getter 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-07-10 11:33:23 +08:00
Pengyu Lv
30e0870937 Add test for hostname getter 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-07-10 11:33:23 +08:00
Dave Rodgman
7dbd2bf90c
Merge pull request #7441 from gilles-peskine-arm/mbedtls_x509_crt_parse_path-qemu-bug 
More mbedtls_x509_crt_parse_path() tests, and note qemu-user bug when 32-bit code run on 64-bit host
 2023-07-07 19:15:31 +01:00
Manuel Pégourié-Gonnard
461d59b2f8
Merge pull request #7858 from mprse/ffdh_tls13_v2_f 
Make use of FFDH keys in TLS 1.3 - follow-up
 2023-07-07 16:19:35 +02:00
Dave Rodgman
8abb3497ad
Merge branch 'development' into mbedtls_x509_crt_parse_path-qemu-bug 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-07 15:11:35 +01:00
Andrzej Kurek
34ccd8d0b6 Test x509 csr SAN DN and RFC822 generation 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-07-07 08:18:43 -04:00
Manuel Pégourié-Gonnard
9967f11066
Merge pull request #7810 from valeriosetti/issue7771 
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/ECC
 2023-07-07 10:22:47 +02:00
Agathiyan Bragadeesh
3e1e2e1f78 Add dependency MBEDTLS_ECP_NIST_OPTIM for ECP test 
For tests running the ecp_fast_mod with MBEDTLS_ECP_DP_SECPXXXR1 the
dependency MBEDTLS_ECP_NIST_OPTIM has been added as this gives the
curves the optimised reduction function that ecp_fast_mod tests.

Signed-off-by: Agathiyan Bragadeesh <agabra02@e127300.arm.com>
 2023-07-06 15:40:19 +01:00
Tomás González
3719f9ec91 tests/test_suite_pem: Augment DES test cases with AES: PEM 
A few negative test cases in test_suite_pem.data rely on DES
(“invalid iv”, “malformed”). DES is deprecated.
Construct similar test cases using AES.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
 2023-07-06 14:21:23 +01:00
Manuel Pégourié-Gonnard
a30c5cfc66 Use minimal include in test_suite_random 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:47:29 +02:00
Manuel Pégourié-Gonnard
d55d66f5ec Fix missing includes 
Some files relied on psa_util.h to provide the includes they need.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:47:28 +02:00
Manuel Pégourié-Gonnard
2be8c63af7 Create psa_util_internal.h 
Most functions in psa_util.h are going to end up there (except those
that can be static in one file), but I wanted to have separate commits
for file creation and moving code around, so for now the new file's
pretty empty but that will change in the next few commits.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:42:33 +02:00
Dave Rodgman
8dda131a0a Test OID lookup for every hash algorithm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-06 09:52:20 +01:00
Gabor Mezei
2a7bcaf8af
Use only MBEDTLS_ECP_WITH_MPI_UINT to switch between the ecp variants 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-07-06 10:37:51 +02:00
Dave Rodgman
6cc1734f3e Fix test dependency 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-05 20:27:45 +01:00
Dave Rodgman
0c2d1afaf3 Fix free before pointers initialised 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-05 20:23:09 +01:00
Dave Rodgman
f324a74fab Add tests for MBEDTLS_MD_SHA3_xxx_VIA_PSA 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-05 19:55:15 +01:00
Dave Rodgman
76814b6207 fix missing include 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-05 19:38:21 +01:00
Dave Rodgman
c0a0990b6e Improve testing of md/PSA alg identifier macro conversions 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-05 19:17:50 +01:00
Dave Rodgman
7bb7602a66 Add OID tests for SHA-3 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-05 19:03:21 +01:00
Dave Rodgman
3d0c8255aa
Merge pull request #7825 from daverodgman/cipher_wrap_size 
Cipher wrap size improvement
 2023-07-05 15:45:48 +01:00
Przemek Stekiel
7ac93bea8c Adapt names: dh -> xxdh 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-07-05 09:26:26 +02:00
Przemek Stekiel
6f199859b6 Adapt handshake fields to ffdh 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-07-05 09:25:00 +02:00
Przemek Stekiel
84f4ff1dd3 Minor adaptations after ffdh was enabled for tls1.3 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-07-05 09:12:08 +02:00
Kusumit Ghoderao
7333ed3efa Add max iterations test case for cmac 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-04 15:17:03 +05:30
Kusumit Ghoderao
d80183864a Add test case for zero input cost 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-04 15:17:02 +05:30
Kusumit Ghoderao
671320633c Add test cases for key and plain inputs 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-04 15:17:02 +05:30
Kusumit Ghoderao
9d4c74f25c Add test cases for output validation of pbkdf2 cmac 
PBKDF2_AES_CMAC_PRF_128 test vectors are generated using PyCryptodome library:
https://github.com/Legrandin/pycryptodome

Steps to generate test vectors:
1. pip install pycryptodome
2. Use the python script below to generate Derived key (see description for details):

Example usage:
pbkdf2_cmac.py <password> <salt> <number_of_iterations> <derived_key_len>
derive_ms.py 4a30314e4d45 54687265616437333563383762344f70656e54687265616444656d6f 16384 16

password         : 4a30314e4d45
salt             : 54687265616437333563383762344f70656e54687265616444656d6f
input cost       : 16384
derived key len  : 16
output           : 8b27beed7e7a4dd6c53138c879a8e33c

"""
from Crypto.Protocol.KDF import PBKDF2
from Crypto.Hash import CMAC
from Crypto.Cipher import AES
import sys

def main():
    #check args
    if len(sys.argv) != 5:
        print("Invalid number of arguments. Expected: <password> <salt> <input_cost> <derived_key_len>")
        return

    password    = bytes.fromhex(sys.argv[1])
    salt        = bytes.fromhex(sys.argv[2])
    iterations  = int(sys.argv[3])
    dklen       = int(sys.argv[4])

    # If password is not 16 bytes then we need to use CMAC to derive the password
    if len(password) != 16:
        zeros     = bytes.fromhex("00000000000000000000000000000000")
        cobj_pass = CMAC.new(zeros, msg=password, ciphermod=AES, mac_len=16)
        passwd    = bytes.fromhex(cobj_pass.hexdigest())
    else:
        passwd = password

    cmac_prf = lambda p,s: CMAC.new(p, s, ciphermod=AES, mac_len=16).digest()

    actual_output = PBKDF2(passwd, salt=salt, dkLen=dklen, count=iterations, prf=cmac_prf)

    print('password         : ' + password.hex())
    print('salt             : ' + salt.hex())
    print('input cost       : ' + str(iterations))
    print('derived key len  : ' + str(dklen))
    print('output           : ' + actual_output.hex())

if __name__ == "__main__":
    main()
"""

Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-04 15:17:01 +05:30
Kusumit Ghoderao
1d3fca21b1 Add test cases for input validation of pbkdf2 cmac 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-04 15:17:01 +05:30
Andrzej Kurek
cf669b058b Add a dummy usage of a pointer in tests 
This way clang with O1 doesn't optimize it.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-07-03 10:42:27 -04:00
Dave Rodgman
0d539c222c
Merge pull request #7702 from silabs-Kusumit/PBKDF2_out_of_range_input_cost 
PBKDF2: Out of range input cost
 2023-07-03 09:58:22 +01:00
Manuel Pégourié-Gonnard
56b159a12a
Merge pull request #7627 from mprse/ffdh_tls13_v2 
Make use of FFDH keys in TLS 1.3 v.2
 2023-07-03 10:12:33 +02:00