mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-09 01:13:42 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
27,223 Commits 174 Branches 263 Tags
Commit Graph

5676 Commits

Author SHA1 Message Date
Gilles Peskine
ead1766b5f Fix PBKDF2 with empty salt segment on platforms where malloc(0)=NULL 
"Fix PBKDF2 with empty salt on platforms where malloc(0)=NULL" took care of
making an empty salt work. But it didn't fix the case of an empty salt
segment followed by a non-empty salt segment, which still invoked memcpy
with a potentially null pointer as the source. This commit fixes that case,
and also simplifies the logic in the function a little.

Test data obtained with:
```
pip3 install cryptodome
python3 -c 'import sys; from Crypto.Hash import SHA256; from Crypto.Protocol.KDF import PBKDF2; cost = int(sys.argv[1], 0); salt = bytes.fromhex(sys.argv[2]); password = bytes.fromhex(sys.argv[3]); n = int(sys.argv[4], 0); print(PBKDF2(password=password, salt=salt, dkLen=n, count=cost, hmac_hash_module=SHA256).hex())' 1 "" "706173737764" 64
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-20 22:05:16 +02:00
David Horstmann
cfae6a1ae9 Fix incorrect detection of HardwareModuleName 
The hardware module name otherName SAN contains 2 OIDs:

 OtherName ::= SEQUENCE {
      type-id    OBJECT IDENTIFIER,
      value      [0] EXPLICIT ANY DEFINED BY type-id }

 HardwareModuleName ::= SEQUENCE {
                           hwType OBJECT IDENTIFIER,
                           hwSerialNum OCTET STRING }

The first, type-id, is the one that identifies the otherName as a
HardwareModuleName. The second, hwType, identifies the type of hardware.

This change fixes 2 issues:

1. We were erroneously trying to identify HardwareModuleNames by looking
at hwType, not type-id.
2. We accidentally inverted the check so that we were checking that
hwType did NOT match HardwareModuleName.

This fix ensures that type-id is correctly checked to make sure that it
matches the OID for HardwareModuleName.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-18 19:31:39 +01:00
Kusumit Ghoderao
8eb55891ad Add tests in derive_key for pbkdf2 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-08-18 22:04:31 +05:30
Kusumit Ghoderao
1dd596541b Add tests in derive_key_type for pbkdf2 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-08-18 22:04:31 +05:30
Kusumit Ghoderao
1fe806a1a0 Add tests in derive_key_export for pbkdf2 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-08-18 22:04:31 +05:30
Kusumit Ghoderao
e8f6a0d791 Add tests for derive_key_exercise for pbkdf2 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-08-18 22:04:31 +05:30
Kusumit Ghoderao
ac7a04ac15 Move parse_binary_string function to psa_crypto_helpers 
Add test code for pbkdf2 in psa_exercise_key

Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-08-18 22:04:16 +05:30
Kusumit Ghoderao
5cad47df8a Modify test description 
The test data was generated using the python script.
PBKDF2_AES_CMAC_PRF_128 test vectors are generated using PyCryptodome library:
https://github.com/Legrandin/pycryptodome

Steps to generate test vectors:
1. pip install pycryptodome
2. Use the python script below to generate Derived key (see description for details):

Example usage:
pbkdf2_cmac.py <password> <salt> <number_of_iterations> <derived_key_len>
derive_output.py 4a30314e4d45 54687265616437333563383762344f70656e54687265616444656d6f 16384 16

password         : 4a30314e4d45
salt             : 54687265616437333563383762344f70656e54687265616444656d6f
input cost       : 16384
derived key len  : 16
output           : 8b27beed7e7a4dd6c53138c879a8e33c

"""
from Crypto.Protocol.KDF import PBKDF2
from Crypto.Hash import CMAC
from Crypto.Cipher import AES
import sys

def main():
    #check args
    if len(sys.argv) != 5:
        print("Invalid number of arguments. Expected: <password> <salt> <input_cost> <derived_key_len>")
        return

    password    = bytes.fromhex(sys.argv[1])
    salt        = bytes.fromhex(sys.argv[2])
    iterations  = int(sys.argv[3])
    dklen       = int(sys.argv[4])

    # If password is not 16 bytes then we need to use CMAC to derive the password
    if len(password) != 16:
        zeros     = bytes.fromhex("00000000000000000000000000000000")
        cobj_pass = CMAC.new(zeros, msg=password, ciphermod=AES, mac_len=16)
        passwd    = bytes.fromhex(cobj_pass.hexdigest())
    else:
        passwd = password

    cmac_prf = lambda p,s: CMAC.new(p, s, ciphermod=AES, mac_len=16).digest()

    actual_output = PBKDF2(passwd, salt=salt, dkLen=dklen, count=iterations, prf=cmac_prf)

    print('password         : ' + password.hex())
    print('salt             : ' + salt.hex())
    print('input cost       : ' + str(iterations))
    print('derived key len  : ' + str(dklen))
    print('output           : ' + actual_output.hex())

if __name__ == "__main__":
    main()
"""

Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-08-18 12:49:07 +05:30
Gilles Peskine
73936868b8 Merge remote-tracking branch 'development' into psa_crypto_config-in-full 
Conflicts:
* tests/scripts/all.sh: component_test_crypto_full_no_cipher was removed
  in the development branch.
 2023-08-17 19:46:34 +02:00
Kusumit Ghoderao
e4d634cd87 Add tests with higher input costs for pbkdf2 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-08-17 21:16:14 +05:30
Janos Follath
f2334b7b39 Remove new bignum when not needed 
New bignum modules are only needed when the new ecp_curves module is
present. Remove them when they are not needed to save code size.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-17 14:36:59 +01:00
Gilles Peskine
294be94922
Merge pull request #7818 from silabs-Kusumit/PBKDF2_cmac_implementation 
PBKDF2 CMAC implementation
 2023-08-17 11:15:16 +00:00
Gilles Peskine
d370f93898
Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn 
OPC UA - add support for RFC822 and DirectoryName SubjectAltNames when generating CSR's
 2023-08-16 09:19:46 +00:00
Kusumit Ghoderao
6c104b9b3b Modify derive output test cases and add actual output 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-08-16 11:47:24 +05:30
Paul Elliott
6da3d83f33 Fix resource leak in test failure case 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-08-11 16:28:06 +01:00
Manuel Pégourié-Gonnard
26b7c93d9d
Merge pull request #7992 from valeriosetti/issue7755 
driver-only ECC: BN.x509 testing
 2023-08-10 19:41:09 +00:00
Manuel Pégourié-Gonnard
54da1a69a2
Merge pull request #7578 from daverodgman/safer-ct5 
Improve constant-time interface
 2023-08-10 16:57:39 +00:00
Tom Cosgrove
e7700a7d0a
Merge pull request #7936 from AgathiyanB/assert-false-macro 
Add TEST_FAIL macro for tests
 2023-08-10 15:01:34 +00:00
Valerio Setti
3580f448eb test: solve test disparities for x509[parse/write] suites 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-10 14:50:43 +02:00
Dave Rodgman
ac69b45486 Document and test mbedtls_ct_size_if_else_0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 12:18:13 +01:00
Dave Rodgman
98ddc01a7c Rename ...if0 to ...else_0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 12:11:31 +01:00
Dave Rodgman
b7825ceb3e Rename uint->bool operators to reflect input types 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 11:58:18 +01:00
Valerio Setti
c5d85e5ead test: remove BIGNUM dependencies from pk[parse/write] suites 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-10 06:43:23 +02:00
Gilles Peskine
a79256472c
Merge pull request #7788 from marekjansta/fix-x509-ec-algorithm-identifier 
Fixed x509 certificate generation to conform to RFCs when using ECC key
 2023-08-07 19:14:54 +00:00
Minos Galanakis
2cae936107 test_suite_ecp: Moved curve bitlenth check after quasi reduction. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-08-07 16:49:22 +01:00
Minos Galanakis
831a2e6369 test_suite_ecp: Fixed curve bit-length. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-08-07 16:45:54 +01:00
Dave Rodgman
953f2a4780
Merge pull request #7892 from AgathiyanB/fix-coverage-MBEDTLS_ECP_NIST_OPTIM-disabled 
Add dependency MBEDTLS_ECP_NIST_OPTIM for ECP test
 2023-08-07 14:37:08 +00:00
Dave Rodgman
4dd89310e9 Update w.r.t. test macro name changes from #6253 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-07 11:49:12 +01:00
Dave Rodgman
c98f8d996a
Merge branch 'development' into safer-ct5 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-07 11:47:35 +01:00
Dave Rodgman
2ec9892f24
Merge pull request #6253 from tom-cosgrove-arm/rename-assert_compare-to-test_assert_compare 
Rename test macros `ASSERT_COMPARE()`, `ASSERT_ALLOC()` and `ASSERT_ALLOC_WEAK()`
 2023-08-04 13:45:10 +00:00
Dave Rodgman
003a5e1ca7
Merge pull request #1046 from Mbed-TLS/merge_3.4.1 
Merge 3.4.1
 2023-08-03 18:23:37 +01:00
Dave Rodgman
a0fc9987da Merge branch 'development' into merge_3.4.1 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-03 15:56:59 +01:00
Dave Rodgman
6f80ac4979
Merge pull request #7864 from waleed-elmelegy-arm/enforce-min-RSA-key-size 
Enforce minimum key size when generating RSA key size
 2023-08-03 12:57:52 +00:00
Gilles Peskine
6919546ddf Update more test dependencies when using test-ca.key 
Those test cases aren't actually executed due to another typo which is
beyond the scope of this commit and will be resolved in
https://github.com/Mbed-TLS/mbedtls/pull/8029 . But update DES to AES anyway.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-03 12:02:14 +02:00
Waleed Elmelegy
d4e7fe09b3 Change tests to work on different MBEDTLS_RSA_GEN_KEY_MIN_BITS configs 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-08-02 16:59:59 +00:00
Gilles Peskine
a824f8bc91 Update test dependencies when using test-ca.key 
"tests/data_files/test-ca.key" is now encrypted using AES instead of DES.
Update test dependencies accordingly. This fixes `depends.py cipher_id`.

This is a partial cherry-pick of 1a4cc5e92ca8dbffa5606e4da84eb02e1c70e83d
(done manually because the context on the same line is different).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-02 16:38:21 +02:00
Kusumit Ghoderao
6eff0b2258 Remove test vector 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-08-02 17:22:49 +05:30
Gilles Peskine
550d147078 Bump version to 3.4.1 
```
./scripts/bump_version.sh --version 3.4.1
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-02 12:50:23 +02:00
Gilles Peskine
267bee9be8
Merge pull request #7903 from valeriosetti/issue7773 
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/DH
 2023-08-02 10:16:44 +00:00
Gilles Peskine
50745e7e35 Update failing unit tests to use the moved data files 
After upgrading certificates, some parsing unit tests are failing because
the new certificates have a different expiry date, by design. Switch those
test cases to using the moved copy of the old data (as we did in a more
systematic way in the development branch).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-02 12:12:53 +02:00
Bence Szépkúti
895074e3f9
Merge pull request #8002 from valeriosetti/issue7904 
PSA maximum size macro definitions should take support into account
 2023-08-02 05:57:28 +00:00
Dave Rodgman
926d8da47e Fix test dependency 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 17:28:26 +01:00
Dave Rodgman
378280e57f Revert "Move constant_flow.h into the main library" 
This reverts commit fd78c34e23c95a49b0c0790b714aee7cd85335c9.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 17:22:55 +01:00
Dave Rodgman
fd78c34e23 Move constant_flow.h into the main library 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:48:33 +01:00
Dave Rodgman
04a334af55 Make const-time test not depend on internal knowledge of mbedtls_ct_condition_t 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:48:33 +01:00
Valerio Setti
f5051efa81 test: properly size output buffer in key_agreement_fail() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-31 11:35:48 +02:00
Xiaokang Qian
d0657b0015 ecp_mod_p448 has been moved to ecp_mod_p_generic_raw, remove here 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-31 06:46:28 +00:00
Xiaokang Qian
e25597dad7 Make ecp_mode_xxx functions depend on the new macro 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-31 06:46:28 +00:00
Dave Rodgman
c2ad3ad62a Fix error in test vectors 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-28 16:44:18 +01:00
Valerio Setti
1eacae865e test: check exported length against proper MAX_SIZE 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-28 17:29:48 +02:00