We're not strictly required to abort, but at least to leave the context
is an invalid state. For "late" functions like input() and output(),
calling abort() is the easiest way to do that. Do it systematically for
input() and output() by using a wrapper. psa_pake_get_implicit_key() was
already doing it. For "early" function, we can just leave the operation
in its current state which is already invalid.
Restore previous tests about that. Not adding systematic tests, though,
just test the two functions that are the most important, and more likely
to return errors.
Since we now abort in more cases, we need to make sure we don't
invalidate the operation that's going to be re-used later in the test.
For that reason, use a copy of the operation for calls to input() and
output() that are expected to return errors.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Also, the error code changed from INSUFFICIENT_MEMORY to INVALID_DATA.
Temporarily remove a test about aborting the operation on error.
Auto-abort will be re-introduced in the next commit in a more systematic
way.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Test functions must now take a char* argument rather than data_t*. This does
not affect existing test data.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Introduce a unit test to test mbedtls_x509_get_name() and add a testcase
with a corrupt DER-encoded name that causes mbedtls_x509_get_name() to
have to cleanup things it is allocated. If it fails to do this, a memory
leak is detected under Asan builds.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
The format used by the mbedtls_ecjpake_xxx() APIs and that defined by
the PSA Crypto PAKE extension are quite different; the former is
tailored to the needs of TLS while the later is quite generic and plain.
Previously we only addressed some part of this impedance mismatch: the
different number of I/O rounds, but failed to address the part where the
legacy API adds some extras (length bytes, ECParameters) that shouldn't
be present in the PSA Crypto version. See comments in the code.
Add some length testing as well; would have caught the issue.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Use mbedtls_test_read_mpi_core() to read the test data. Among other
benefits, X and Y are now allocated to their exact size, so analyzers (Asan,
Valgrind, Coverity, ...) have a chance of complaining if the tested function
overflows the buffer.
Remove TEST_CF_PUBLIC calls which are no longer necessary.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The length in bytes is used with the 'len' prefix and
the length in limbs is used with the 'limbs' prefix.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
