mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-29 13:20:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
30,670 Commits 172 Branches 267 Tags
Commit Graph

11152 Commits

Author SHA1 Message Date
Gilles Peskine
157679c0d5 mbedtls_pk_import_into_psa: positive tests with pkparse output 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 17:32:44 +01:00
Gilles Peskine
10e9c412c0 mbedtls_pk_import_into_psa: negative tests for different ECC curve 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 17:32:44 +01:00
Gilles Peskine
fc3d866ad2 mbedtls_pk_import_into_psa: implement and test 
Implement mbedtls_pk_import_into_psa for all PK types except RSA_ALT.
This covers importing a key pair, importing a public key and importing
the public part of a key pair.

Test mbedtls_pk_import_into_psa() with the output of
mbedtls_pk_get_psa_attributes(). Also unit-test mbedtls_pk_import_into_psa()
on its own to get extra coverage, mostly for negative cases.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 17:32:44 +01:00
Gilles Peskine
fdb809ef86 exercise_key: fix asymmetric encrypt/decrypt with >2028-bit RSA 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 17:31:03 +01:00
Gilles Peskine
4781bd9773 exercise_key: allow SIGN_MESSAGE/VERIFY_MESSAGE with PSA_ALG_ANY_HASH 
There was already code to instantiate the wildcard for sign/verify-hash.
Make that work with sign/verify-message as well.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 17:30:27 +01:00
Gilles Peskine
069cec1737 Also check the RSA length for public keys 
Do for public keys what
"Fix mbedtls_pk_get_bitlen() for RSA with non-byte-aligned sizes"
did for key pairs.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 16:59:17 +01:00
Thomas Daubney
54e6b412bd Generate all test wrappers 
One was missed due to a typo

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:49:22 +00:00
Thomas Daubney
27b48a312f Generate test wrappers 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:49:19 +00:00
Thomas Daubney
a1cf1010cc Generate test wrappers for mac functions 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:07:35 +00:00
Thomas Daubney
45c8586a91 Generate test wrappers for hash functions 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:43:03 +00:00
Gilles Peskine
34a074af37 Add missing dependency on PEM 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 11:24:10 +01:00
Gilles Peskine
92fb604139 Fix mbedtls_pk_get_bitlen() for RSA with non-byte-aligned sizes 
Add non-regression tests. Update some test functions to not assume that
byte_length == bit_length / 8.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 11:24:08 +01:00
Gilles Peskine
19f1adfc69 New function mbedtls_rsa_get_bitlen() 
Document, implement and test mbedtls_rsa_get_bitlen().

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 11:23:05 +01:00
Manuel Pégourié-Gonnard
2e2af414d0
Merge pull request #7604 from zvolin/feature/pkcs5-aes 
Add AES encrypted keys support for PKCS5 PBES2
 2024-02-10 08:46:18 +00:00
Gilles Peskine
48b87ebde3 Choose a curve for tests at compile time 
This makes it possible to use the curve in test data.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-09 19:31:04 +01:00
Valerio Setti
4ade8ee5b9 test_suite_pem: more tests for ASN.1 parsing after decoding 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-09 17:44:07 +01:00
Matthias Schulz
a6ac0f1330 Replaced MBEDTLS_GCM_LARGETABLE by MBEDTLS_GCM_LARGE_TABLE. Removed empty comment line in doc block. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2024-02-09 17:11:54 +01:00
Paul Elliott
5d2bcc63cd Fix typo / improve documentation for test step fns 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-02-09 14:41:24 +00:00
Paul Elliott
54ad01efed Merge remote-tracking branch 'upstream/development' into make_tests_thread_safe 2024-02-09 14:33:58 +00:00
Ryan Everett
67f3568895 Reduce analyze_block_cipher_dispatch exceptions 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-09 13:02:23 +00:00
Ronald Cron
c7fa82ee33 tests: ssl: Improve test parameter sanity check 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-09 09:33:09 +01:00
Valerio Setti
010d23f9af test_suite_[pkparse|x509parse]: fix return values of some PEM related error tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-09 06:42:18 +01:00
Valerio Setti
9de84bd677 rsa: reject buffers with data outside main SEQUENCE when parsing keys 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-09 06:42:18 +01:00
Ryan Everett
75e65fe24b Reformat AES encryption test data in pkcs5 tests 
The added comma is needed so that these tests match the regex exceptions
in analyze_outcomes.py.
Moved the Encryption tests so that they are separate to decryption.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-08 15:44:43 +00:00
Ryan Everett
afb2eee263 Add PKCS5/12 exceptions to analyze_block_cipher_dispatch 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-08 14:31:54 +00:00
Ryan Everett
791fc2e24c Merge remote-tracking branch 'upstream/development' into pkcs5_aes_new 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-08 14:26:29 +00:00
Matthias Schulz
782667883a Fix: 
- Remove unnecessary tests.
- Update description of MBEDTLS_GCM_LARGETABLE parameter.
- Move acceleration defines from gcm.h to gcm.c.
- Remove unnecessary zero setting after shift.
- Fix implementation for big-endian architectures.

Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2024-02-08 13:59:15 +01:00
Janos Follath
7a28738205
Merge pull request #8636 from paul-elliott-arm/new_test_thread_interface 
New test thread interface
 2024-02-08 12:35:40 +00:00
Ronald Cron
90abb224f7 ssl-opt.sh: Establish TLS 1.3 then TLS 1.2 session 
Add a test where first we establish a
TLS 1.3 session, then a TLS 1.2 one
with the same server.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-08 12:12:58 +01:00
Tom Cosgrove
1dbfc8ad3c
Merge pull request #8790 from paul-elliott-arm/fix_ctr_drbg_comment 
Fix confusing comment in ctr drbg thread test
 2024-02-08 11:11:50 +00:00
Ronald Cron
587cfe65ca ssl-opt.sh: Establish TLS 1.2 then TLS 1.3 connection 
Add a test where first we establish a
TLS 1.2 session, then a TLS 1.3 one
with the same server.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-08 12:09:42 +01:00
Manuel Pégourié-Gonnard
b7307630bb
Merge pull request #8703 from valeriosetti/issue7765-guards-in-asn1 
Conversion function between raw and DER ECDSA signatures (guards in ASN1)
 2024-02-08 08:45:30 +00:00
Manuel Pégourié-Gonnard
7bf1e98f44
Merge pull request #8740 from valeriosetti/issue8647 
Move RSA basic key parsing/writing to rsa.c
 2024-02-08 08:35:42 +00:00
Ryan Everett
eb8c665a53 Reformat wrapper generation code 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
0f54727bf4 Restructure wrapper script 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
198a4d98d5 Generate test wrappers for key derivation 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Valerio Setti
1910390b4a psa_util: improve leading zeros check in convert_der_to_raw_single_int() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-07 16:16:58 +01:00
Paul Elliott
bda577bb0b Fix confusing comment in ctr drbg thread test 
Make it clearer where the magic number chosen for entropy_len actually
comes from, and why we chose this value.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-02-07 15:13:46 +00:00
Valerio Setti
ef07fa0fc3 test_suite_psa_crypto_util: add more test for raw->der 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-07 15:16:45 +01:00
Ryan Everett
a8082c43d5 Add MBEDTLS_CIPHER_C dependencies to new pkparse tests 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 13:31:19 +00:00
Matthias Schulz
0767fdadbf Enhance GCM throughput using larger precalculated tables. Also refactored the code for shorter tables and moved the check for available accelerators to the context initialization code. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2024-02-07 13:17:50 +01:00
Paul Elliott
292b1dc1e1
Merge pull request #8789 from paul-elliott-arm/fix_tsan_gcc 
Stop platform test failures with GCC and TSAN
 2024-02-07 11:32:39 +00:00
Manuel Pégourié-Gonnard
1d7bc1ecdf
Merge pull request #8717 from valeriosetti/issue8030 
PSA FFDH: feature macros for parameters
 2024-02-07 10:06:03 +00:00
Ronald Cron
b3d42fddae tests: write early data: Add HRR scenario 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Ronald Cron
05600e26f4 tests: write early data: Add "server rejects" scenario 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Ronald Cron
8fe2b01b52 tests: write early data: Add "not sent" scenario 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Ronald Cron
2fbbba9c51 tests: ssl: Add write early data unit test 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Xiaokang Qian
30bb7ce9a2 Add test case for early data writing 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Ronald Cron
54a3829453 ssl_client2: Simplify early_data option 
No need to define specific early data,
the idea is rather to just send the
usual request data as early data
instead of standard application data.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Paul Elliott
e053cb2f12 Stop platform test failures with GCC and TSAN 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-02-06 18:10:43 +00:00