mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-06 12:40:02 +00:00

Author	SHA1	Message	Date
Valerio Setti	862d14e694	generate_test_keys: minor improvements Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-04-15 17:58:43 +02:00
Valerio Setti	776dce51d3	asymmetric_key_data: fix public RSA-2048 key Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-04-15 17:41:21 +02:00
Valerio Setti	8f40460b2b	generate_test_keys: fix mypy issue for imported path Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-04-15 15:09:10 +02:00
Valerio Setti	6bda5f5717	generate_test_keys: use keys from asymmetric_key_data.py asymmetric_key_data.py already provides EC/RSA key pair values that are suitable for generate_test_keys.py. So instead of re-generating the keys using gen_key program, we use those keys. This commit also: - extends asymmetric_key_data.py to introduce RSA bit sizes that are used in test_suite_pk but were missing from asymmetric_key_data.py. - updates test_keys.h with new keys. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-04-10 12:33:21 +02:00
Valerio Setti	ab38fc7c11	test_suite_pk: minor code fixes and comments improvements Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-04-03 14:10:36 +02:00
Valerio Setti	3e22bf2a31	generate_test_keys.py: minor improvements - remove BEGIN_FILE/END_FILE lines from output header file. - add single disclaimer at the beginning of the file instead of having it repeated for every array. - improved exception message for missing key generation program. This commits also regenerates "test_keys.h" in order to fully comply with the new format. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-04-03 14:10:36 +02:00
Valerio Setti	26bc9c2fb8	test_suite_pk: fix guards Now that key generation has been replaced with parsing predefined keys, guards for MBEDTLS_PK_PARSE_C need to be added in test code. This commits also removes remaining usage of GENPRIME. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-04-02 15:27:50 +02:00
Valerio Setti	390f276822	pk: fix unused variable in copy_from_psa() key_bits is unused when neither MBEDTLS_RSA_C or MBEDTLS_PK_HAVE_ECC_KEYS are defined. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-04-02 11:31:33 +02:00
Valerio Setti	7126ba52e0	test_suite_pk: add python script to generate predefined keys This commit adds "generate_test_keys.py" script to generate predefined keys used in test_suite_pk. Keys are generated with "programs/pkey/gen_key" tool and converted to C array using the python script. tests/src/test_keys.h is automatically generated using the above mentioned script. test_suite_pk is updated in order to use the new format. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-04-02 10:11:34 +02:00
Valerio Setti	28c41ad2e9	test_suite_pk: simplify pk_psa_genkey() Instead of using PK module to import/export the key in a PSA friendly format: - for RSA keys we use the DER input data directly; - for EC keys we extract the private key manually. This helps avoiding dependencies from PK_WRITE and PK_PARSE. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-29 12:47:33 +01:00
Valerio Setti	d8896d650f	test_suite_pk: simplify pk_genkey() Add pk_info parameter in order to ease the requirements on the provided PK context. Now it can simply be initialized, but not setup. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-29 09:50:20 +01:00
Valerio Setti	fdef82c9de	test_suite_pk: fix key_id initialization value Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-28 16:10:34 +01:00
Valerio Setti	56708133ea	test_suite_pk: use look-up table instead of file for the predefined keys This helps dropping dependency on FS_IO. This commit also removes DER files that were previusly added and which are not more needed/used. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-28 16:10:13 +01:00
Valerio Setti	5b94a02535	test_suite_pk: remove PSA_WANT_KEY_TYPE_[ECC/RSA]_KEY_PAIR_GENERATE dependencies EC and RSA keys are now loaded from a file so there is no need to generate them at runtime. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-27 12:37:41 +01:00
Valerio Setti	d44f99a8a5	test_suite_pk: modify pk_psa_genkey() in order to use predefined keys Use predefined keys instead of generating them at runtime as already done for pk_genkey(). Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-27 12:37:40 +01:00
Valerio Setti	c43a7a522e	test_suite_pk: use a single helper function to generate PSA keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-27 12:36:15 +01:00
Valerio Setti	414daf1d07	test_suite_pk: modify pk_genkey() in order to use predefined keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-27 12:36:14 +01:00
Valerio Setti	561e29e5da	test-data: add predefined RSA and EC keys Automatically generated with the following bash script: ``` LIST="secp521r1 brainpoolP512r1 secp384r1 brainpoolP384r1 secp256r1 secp256k1 brainpoolP256r1 secp224r1 secp224k1 secp192r1 secp192k1 x25519 x448" for item in $LIST; do ./programs/pkey/gen_key type=ec ec_curve=$item filename="tests/data_files/ec_$item.der" format=der done LIST="1024 1026 1028 1030 2048 4096" for item in $LIST; do ./programs/pkey/gen_key type=rsa rsa_keysize=$item filename="tests/data_files/rsa_$item.der" format=der done ``` Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-27 12:33:30 +01:00
Manuel Pégourié-Gonnard	611f899c0c	Merge pull request #8957 from valeriosetti/issue8836 Unify consistency tests for mbedtls_pk_import_into_psa and mbedtls_pk_copy_from_psa	2024-03-22 08:57:45 +00:00
Manuel Pégourié-Gonnard	e2925efa42	Merge pull request #8967 from ronald-cron-arm/improve-version-selection-tests-titles ssl-opt.sh: Improve version selection test titles	2024-03-22 08:52:39 +00:00
Manuel Pégourié-Gonnard	2107feb7a6	Merge pull request #8586 from lpy4105/issue/fix-fake-case-listed-in-compat_sh Fix fake cases listed of compat.sh	2024-03-21 15:05:11 +00:00
minosgalanakis	5a9020f5d4	Merge pull request #8941 from daverodgman/branches-3.6lts Update BRANCHES for 3.6	2024-03-21 13:56:34 +00:00
Manuel Pégourié-Gonnard	32a96d656b	Merge pull request #8951 from valeriosetti/issue8938 mbedtls_pk_setup_opaque always uses PKCS#1v1.5 for RSA keys	2024-03-21 09:08:34 +00:00
Ronald Cron	35884a4301	ssl-opt.sh: Improve version selection test titles Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-21 09:44:28 +01:00
Valerio Setti	2833050bb6	test_suite_pk: fix guards in pk_psa_sign() If the public key is exported with mbedtls_pk_write_pubkey_der() it should be re-imported with mbedtls_pk_parse_public_key(). Alternative options (when PK_WRITE is not defined), i.e. mbedtls_ecp_point_write_binary() and mbedtls_rsa_write_pubkey(), export the key in a different format which cannot be parsed by pk_parse module so mbedtls_ecp_point_read_binary() and mbedtls_rsa_parse_pubkey() should be used respectively in this case. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-21 05:24:12 +01:00
Valerio Setti	ea01efa589	add changelog Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-20 17:19:08 +01:00
Valerio Setti	144c27b0f3	pkwrite: add new internal symbol for the max supported public key DER length This is also used in pk_psa_sign() to properly size buffers holding the public key. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-20 17:10:35 +01:00
Valerio Setti	027796c0cc	test_suite_pk: uniformly generate RSA and EC keys in pk_psa_sign() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-20 16:55:35 +01:00
Valerio Setti	6fb2586dfd	test_suite_pk: fix guards in pk_psa_sign() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-20 16:55:14 +01:00
Valerio Setti	1b533ab205	test_suite_pk: test also RSA OAEP in pk_wrap_rsa_decrypt_test_vec() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-20 15:43:33 +01:00
Valerio Setti	d45836a1c3	pk_wrap: fix algorithm selection in rsa_opaque_decrypt() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-20 15:42:55 +01:00
Valerio Setti	480dfc7ad7	test_suite_pk: fix guards in pk_psa_sign() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-20 12:24:29 +01:00
Valerio Setti	237424b84f	test_suite_pk: simplify pk_copy_from_psa_success() Use mbedtls_test_key_consistency_psa_pk() to verify that the generated PK contexts match with the original PSA keys instead of doing sign/verify and encrypt/decrypt. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-20 12:10:38 +01:00
Valerio Setti	f71c060cb2	test_suite_pk: properly size buffers for public keys in pk_psa_sign() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-19 19:35:37 +01:00
Valerio Setti	aa9cc49879	test_suite_pk: test also RSA keys with PKCS1 v2.1 padding mode in pk_psa_sign() Previously only only PKCS1 v1.5 was tested. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-19 19:03:55 +01:00
Valerio Setti	4f3262de2d	pk_wrap: fix algorithm selection in rsa_opaque_sign_wrap() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-19 15:55:32 +01:00
Valerio Setti	d971b7834b	test_suite_pk: fix RSA issue in pk_psa_sign() when !PK_[PARSE\|WRITE]_C are defined This bug was not found until now because: - !PK_[WRITE\|PARSE]_C is only tested in component_full_no_pkparse_pkwrite() - the test only case concerning RSA key had MBEDTLS_PK_WRITE_C as dependency so it was not executed in that component. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-19 15:55:32 +01:00
Valerio Setti	c262561424	test_suite_pk: rename some variables in pk_psa_sign() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-19 15:55:32 +01:00
Valerio Setti	d38480b0e0	test_suite_pk: reshape pk_psa_sign() The behavior of the functions is kept intact. Changes concern: - generate the initial PK context using PSA parameters only; this allows to remove 1 input parameter for the test function. - add/fix comments. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-19 15:55:32 +01:00
Gilles Peskine	b2b9068264	Merge pull request #8942 from valeriosetti/fix-null-dereference [Bugfix] Fix null dereference in `mbedtls_pk_verify_ext()`	2024-03-19 10:47:29 +00:00
Manuel Pégourié-Gonnard	af14b89824	Merge pull request #8932 from ronald-cron-arm/enable-tls13-by-default Enable TLS 1.3 by default	2024-03-19 09:51:49 +00:00
Valerio Setti	da47518554	test_suite_pk: always test verify_ext with opaque keys in pk_psa_wrap_sign_ext() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-19 09:54:46 +01:00
Valerio Setti	8ad5be0e5d	add changelog Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-18 17:22:52 +01:00
Paul Elliott	92152dc746	Merge pull request #8940 from paul-elliott-arm/add_fixes_to_threading_changelog Add issues fixed to threading MVP changelog entry	2024-03-18 15:30:11 +00:00
Dave Rodgman	0da8c514c3	Replace reference to master Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-03-18 15:25:53 +00:00
Valerio Setti	07500fd874	pk: check PK context type in mbedtls_pk_verify_ext() before trying RSA PSS Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-18 16:22:33 +01:00
Valerio Setti	d59caf4e51	test_suite_pk: extend pk_psa_wrap_sign_ext() Try to perform verify_ext() using the opaque context when the key type is MBEDTLS_PK_RSASSA_PSS. This currently leads to a crash while running the test suite and this will be fixed by the next commit. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-18 16:20:14 +01:00
Dave Rodgman	1fdf9d0a21	Update BRANCHES Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-03-18 14:37:24 +00:00
Dave Rodgman	374704255d	Merge pull request #8939 from daverodgman/codestyle-autogen Codestyle autogen fix	2024-03-18 14:26:59 +00:00
Paul Elliott	f5f48549e2	Add issues fixed to changelog entry Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-03-18 13:52:25 +00:00

1 2 3 4 5 ...

30253 Commits