324 Commits

Author SHA1 Message Date
Michael Schuster
275b698ee7 Use correct test case conditionals for helper functions in tests/suites
Fix unused-function errors.

Signed-off-by: Michael Schuster <michael@schuster.ms>
2024-08-06 12:09:13 +01:00
Michael Schuster
31b1cb8601 Adjust spacing in tests/suites function sources
Signed-off-by: Michael Schuster <michael@schuster.ms>
2024-08-06 12:09:13 +01:00
Michael Schuster
b1e33fb707 Fix missing-prototype errors in tests/suites
Signed-off-by: Michael Schuster <michael@schuster.ms>
2024-08-06 12:09:13 +01:00
Elena Uziunaite
3b7cde48be Code style fix
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
2024-06-17 15:56:01 +01:00
Elena Uziunaite
4c882db6fc Fix compiler warnings in test_suite_pk.function
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
2024-06-17 15:55:51 +01:00
David Horstmann
ea09152be9 Update file paths for moved files
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-05-31 15:51:41 +01:00
Ronald Cron
f313902890 Fix "maybe-uninitialized" warning with GCC 11.3
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-05-22 09:12:19 +02:00
Valerio Setti
5e965845d6 generate_test_keys: split group_id and key bitsize in the generated structure
- group_id is only used for EC keys;
- key bitsize only for RSA.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-22 05:20:47 +02:00
Valerio Setti
690ab4548c test_suite_pk: fix guards for pk_psa_setup()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 09:52:01 +02:00
Valerio Setti
e98c37877b test_suite_pk: remove PK_PARSE_C unnecessary dependencies
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:37 +02:00
Valerio Setti
7903385e0f test_suite_pk: remove RSA key generation/size dependencies
- MBEDTLS_GENPRIME is removed because now we rely on predefined
  RSA keys.
- MBEDTLS_RSA_GEN_KEY_MIN_BITS is replaced with RSA_KEY_SIZE which
  is set on top of test_suite_pk to a value which is supported
  in the predefined_keys[] array.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:37 +02:00
Valerio Setti
ab4b01bbbe test_suite_pk: enhance pk_psa_setup() to support all key types
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:37 +02:00
Valerio Setti
7ee12b7669 test_suite_pk: use pk_setup() instead of mbedtls_rsa_gen_key() in pk_psa_wrap_sign_ext()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:37 +02:00
Valerio Setti
73932e3b83 test_suite_pk: use predefined RSA keys in pk_setup_for_type()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
5a07cff575 test_suite_pk: rename pk_genkey() and pk_psa_genkey()
- pk_genkey -> pk_setup
- pk_psa_genkey -> pk_psa_setup

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
83ddd43e86 test_suite_pk: fix get_predefined_key_data() return value
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
04ee26404b generate_test_keys: generate also look-up table in script
Remove static declaration of look-up table from test_suite_pk
and generate it automatically with Python.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
65953e227a generate_test_keys: generate arrays for all keys in asymmetric_key_data.py
Only unused (from test_suite_pk point of view) EC curves are skipped.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
f38640d07d generate_test_keys: generate also RSA public key arrays
This is to manage RSA and EC keys in the same way in order to
prepare for the following commits.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
7affeef725 generate_test_keys: use keys from asymmetric_key_data.py
asymmetric_key_data.py already provides EC/RSA key pair values that
are suitable for generate_test_keys.py. So instead of re-generating
the keys using gen_key program, we use those keys.

This commit also:
- extends asymmetric_key_data.py to introduce
RSA bit sizes that are used in test_suite_pk but were missing from
asymmetric_key_data.py.
- updates test_keys.h with new keys.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
b9a3f79a2a test_suite_pk: minor code fixes and comments improvements
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
09e9872037 test_suite_pk: fix guards
Now that key generation has been replaced with parsing predefined
keys, guards for MBEDTLS_PK_PARSE_C need to be added in test
code.
This commits also removes remaining usage of GENPRIME.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
bdb7ae1dad test_suite_pk: add python script to generate predefined keys
This commit adds "generate_test_keys.py" script to generate
predefined keys used in test_suite_pk. Keys are generated with
"programs/pkey/gen_key" tool and converted to C array using
the python script.

tests/src/test_keys.h is automatically generated using the
above mentioned script.

test_suite_pk is updated in order to use the new format.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
88ab0d4ec9 test_suite_pk: simplify pk_psa_genkey()
Instead of using PK module to import/export the key in a PSA friendly
format:

- for RSA keys we use the DER input data directly;
- for EC keys we extract the private key manually.

This helps avoiding dependencies from PK_WRITE and PK_PARSE.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
9658e777b6 test_suite_pk: simplify pk_genkey()
Add pk_info parameter in order to ease the requirements on the provided
PK context. Now it can simply be initialized, but not setup.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
0b15050d5b test_suite_pk: fix key_id initialization value
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
cca2d437d2 test_suite_pk: use look-up table instead of file for the predefined keys
This helps dropping dependency on FS_IO.
This commit also removes DER files that were previusly added and which
are not more needed/used.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
5ec934119d test_suite_pk: remove PSA_WANT_KEY_TYPE_[ECC/RSA]_KEY_PAIR_GENERATE dependencies
EC and RSA keys are now loaded from a file so there is no need
to generate them at runtime.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
cdb5a7d4f4 test_suite_pk: modify pk_psa_genkey() in order to use predefined keys
Use predefined keys instead of generating them at runtime as already
done for pk_genkey().

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
8bfa7fd930 test_suite_pk: use a single helper function to generate PSA keys
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Valerio Setti
dfc1915d39 test_suite_pk: modify pk_genkey() in order to use predefined keys
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-17 05:28:36 +02:00
Bence Szépkúti
4ee6ddca86
Merge pull request #9004 from valeriosetti/issue8903-backport
[Backport 3.6] Test gap: mbedtls_pk_check_pair with MBEDTLS_PK_OPAQUE
2024-04-04 13:44:31 +00:00
Valerio Setti
b2840b0aac test_suite_pk: add failing check for sign_ext() in pk_psa_wrap_sign_ext()
If the wrapped key has a PKCS1 v1.5 signature algorithm, then try
to call sign_ext() to perform PSA RSS. Of course this will fail
because it's not supported by the wrapped key.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-04 09:42:01 +02:00
Valerio Setti
7e9711ae07 test_suite_pk: test check_pair() also with opaque RSA keys
check_pair() is not supported by opaque RSA keys, but we want
to be sure that calling this functions fails nicely instead
for crashing.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-04-04 07:02:47 +02:00
Manuel Pégourié-Gonnard
611f899c0c
Merge pull request #8957 from valeriosetti/issue8836
Unify consistency tests for mbedtls_pk_import_into_psa and mbedtls_pk_copy_from_psa
2024-03-22 08:57:45 +00:00
Valerio Setti
2833050bb6 test_suite_pk: fix guards in pk_psa_sign()
If the public key is exported with mbedtls_pk_write_pubkey_der()
it should be re-imported with mbedtls_pk_parse_public_key().
Alternative options (when PK_WRITE is not defined), i.e.
mbedtls_ecp_point_write_binary() and mbedtls_rsa_write_pubkey(),
export the key in a different format which cannot be parsed by
pk_parse module so mbedtls_ecp_point_read_binary() and
mbedtls_rsa_parse_pubkey() should be used respectively in this
case.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-21 05:24:12 +01:00
Valerio Setti
144c27b0f3 pkwrite: add new internal symbol for the max supported public key DER length
This is also used in pk_psa_sign() to properly size buffers holding
the public key.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-20 17:10:35 +01:00
Valerio Setti
027796c0cc test_suite_pk: uniformly generate RSA and EC keys in pk_psa_sign()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-20 16:55:35 +01:00
Valerio Setti
6fb2586dfd test_suite_pk: fix guards in pk_psa_sign()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-20 16:55:14 +01:00
Valerio Setti
1b533ab205 test_suite_pk: test also RSA OAEP in pk_wrap_rsa_decrypt_test_vec()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-20 15:43:33 +01:00
Valerio Setti
480dfc7ad7 test_suite_pk: fix guards in pk_psa_sign()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-20 12:24:29 +01:00
Valerio Setti
237424b84f test_suite_pk: simplify pk_copy_from_psa_success()
Use mbedtls_test_key_consistency_psa_pk() to verify that the
generated PK contexts match with the original PSA keys instead
of doing sign/verify and encrypt/decrypt.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-20 12:10:38 +01:00
Valerio Setti
f71c060cb2 test_suite_pk: properly size buffers for public keys in pk_psa_sign()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-19 19:35:37 +01:00
Valerio Setti
aa9cc49879 test_suite_pk: test also RSA keys with PKCS1 v2.1 padding mode in pk_psa_sign()
Previously only only PKCS1 v1.5 was tested.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-19 19:03:55 +01:00
Valerio Setti
d971b7834b test_suite_pk: fix RSA issue in pk_psa_sign() when !PK_[PARSE|WRITE]_C are defined
This bug was not found until now because:
- !PK_[WRITE|PARSE]_C is only tested in component_full_no_pkparse_pkwrite()
- the test only case concerning RSA key had MBEDTLS_PK_WRITE_C as dependency
  so it was not executed in that component.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-19 15:55:32 +01:00
Valerio Setti
c262561424 test_suite_pk: rename some variables in pk_psa_sign()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-19 15:55:32 +01:00
Valerio Setti
d38480b0e0 test_suite_pk: reshape pk_psa_sign()
The behavior of the functions is kept intact. Changes concern:
- generate the initial PK context using PSA parameters only; this
  allows to remove 1 input parameter for the test function.
- add/fix comments.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-19 15:55:32 +01:00
Gilles Peskine
b2b9068264
Merge pull request #8942 from valeriosetti/fix-null-dereference
[Bugfix] Fix null dereference in `mbedtls_pk_verify_ext()`
2024-03-19 10:47:29 +00:00
Valerio Setti
da47518554 test_suite_pk: always test verify_ext with opaque keys in pk_psa_wrap_sign_ext()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-19 09:54:46 +01:00
Valerio Setti
d59caf4e51 test_suite_pk: extend pk_psa_wrap_sign_ext()
Try to perform verify_ext() using the opaque context when the
key type is MBEDTLS_PK_RSASSA_PSS. This currently leads to a
crash while running the test suite and this will be fixed by
the next commit.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-03-18 16:20:14 +01:00