1
0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-06-09 16:09:39 +08:00

10618 Commits

Author SHA1 Message Date
Jerry Yu
064dd2b870 Adjust check order
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2024-02-02 17:31:20 +01:00
Valerio Setti
f15e13ead7 test_suite_x509parse: remove useless include of rsa.h
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-02 16:44:22 +01:00
Gilles Peskine
d078386287 Smoke tests for mbedtls_pk_get_psa_attributes after parsing
We'll test more fully by adding a call to mbedtls_pk_import_into_psa() once
that function is implemented.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-02 13:22:23 +01:00
Gilles Peskine
cb3b4cae0a Fix handling of ECC public keys under MBEDTLS_PK_USE_PSA_EC_DATA
The test code to construct test keys and the implementation had matching
errors: both assumed that there was a PSA public key object. Fix this.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-02 13:22:23 +01:00
Valerio Setti
c9dd8611f8 test_suite_psa_crypto_util: add missing new line at the end of file
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-02 12:34:06 +01:00
Valerio Setti
684d78fcfa test_suite_rsa: improve key parsing tests for extra data
2 scenarios are taken into account:
- syntactically valid extra data inside the SEQUENCE
- extra data outside the SEQUENCE
A single integer is used as extra data in both cases.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-02 12:30:16 +01:00
Valerio Setti
c701cb2835 test_suite_rsa: improve rsa_key_write_incremental()
Output buffer is tested from being 1 single byte up to twice
what it is strictly required to contain the output data.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-02 11:10:04 +01:00
Valerio Setti
5922cb9309 pkparse: keep legacy PK error codes when RSA key parsing fails
This helps in reverting the changes to test_suite_x509parse.data
when the RSA key parsing fails.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-02 09:21:25 +01:00
Gilles Peskine
591e83d139 Add missing implied usage
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-01 21:33:44 +01:00
Gilles Peskine
a1a7b08057 Fix typo in dependency
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-01 21:32:29 +01:00
Gilles Peskine
793920c1ff mbedtls_pk_get_psa_attributes: opaque: require specified usage
In the MBEDTLS_PK_OPAQUE, have mbedtls_pk_get_psa_attributes() require the
specified usage to be enabled for the specified key. Otherwise the following
call to mbedtls_pk_import_into_psa() is unlikely to result in a key with a
useful policy, so the call to mbedtls_pk_get_psa_attributes() was probably
an error.

Adjust the existing test cases accordingly and add a few negative test
cases.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-01 21:31:27 +01:00
Gilles Peskine
e45d51f7b5 Clearer variable names
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-01 20:53:11 +01:00
Gilles Peskine
e2a77f21ea Use PSA_INIT with test that requires PSA
USE_PSA_INIT is for test code that doesn't use PSA functions when
USE_PSA_CRYPTO is disabled.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-01 20:53:04 +01:00
Gilles Peskine
2e54854d16 Copypasta
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-01 20:53:04 +01:00
Gilles Peskine
ae2668be97 Don't use mbedtls_pk_ec in our own code
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-01 20:53:04 +01:00
Gilles Peskine
7e353ba37a Create auxiliary function for repeated code
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-01 20:46:19 +01:00
Gilles Peskine
19411635a5 Test enrollment algorithm for the non-OPAQUE case
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-01 20:42:28 +01:00
Ronald Cron
38dbab9f8d tests: ssl: Adjust early data test
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-01 20:10:41 +01:00
Ronald Cron
78a38f607c tls13: srv: Do not use early_data_status
Due to the scope reduction for
mbedtls_ssl_read_early_data(), on
server as early data state variable
we now only need a flag in the
handshake context indicating if
the server has accepted early data
or not.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-01 20:10:35 +01:00
Valerio Setti
56cfe2fab6 test_suite_rsa: improve rsa_parse_write_pkcs1_key() and rsa_key_write_incremental()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-01 17:53:26 +01:00
Valerio Setti
201e643509 rsa: simplify mbedtls_rsa_parse_pubkey() input parameters
In this way mbedtls_rsa_parse_pubkey() and mbedtls_rsa_parse_key()
input parameter list is the same.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-01 17:19:37 +01:00
Valerio Setti
135ebde273 rsa: rename parse/write functions in order to follow the standard format
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-01 17:00:29 +01:00
Jerry Yu
579bd4d46b Update early data test
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-01 16:40:47 +01:00
Jerry Yu
192e0f9b1d ssl_server2: Add read early data support
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-01 16:40:47 +01:00
Valerio Setti
3ecb395fb9 test_suite_psa_crypto_util: fix tests for 0-length and one 0x00 byte for r and s
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-01 15:26:24 +01:00
Dave Rodgman
ba8e9addd9 Fix test dependencies
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-01 13:54:46 +00:00
Ronald Cron
11cc41265b
Merge pull request #8711 from ronald-cron-arm/tls13-ticket-and-early-data-unit-test
Add TLS 1.3 ticket and early data unit tests
2024-02-01 13:15:55 +00:00
Paul Elliott
ae942ece47 Fix style issues
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-02-01 12:44:01 +00:00
Paul Elliott
24e9a32c83 Refactor to help future other implementations
Improve the definition of mbedtls_test_thread_t to assist adding future
threading implementations, when they happen.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-02-01 12:26:23 +00:00
Dave Rodgman
6823247376 Fix compile warning in tests
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-31 15:59:06 +00:00
Ronald Cron
eb84534ee3 Use TEST_EQUAL instead of TEST_ASSERT where possible
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-31 15:23:38 +01:00
Ronald Cron
5de9c6f295 Fix and add comments in ticket and early data test function
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-31 15:23:33 +01:00
Ronald Cron
095a3a5a29 Fix PSA init and done macros in TLS unit tests
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-31 15:02:09 +01:00
Ronald Cron
faf026c67c Explain purpose of test specific write/parse ticket functions
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-31 14:32:11 +01:00
Valerio Setti
efcc555002 test_suite_psa_crypto_util: add test with 0-length s
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-31 11:15:37 +01:00
Valerio Setti
a888645bb8 test_suite_rsa: add test for key write with incremental output size
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-31 10:42:00 +01:00
Valerio Setti
91372f5549 test_suite_rsa: add more test cases for RSA key parsing
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-30 17:26:38 +01:00
Valerio Setti
f988f95b9a test_suite_bignum: add test function: mpi_zero_length_buffer_is_null()
The goal is to test all the bignum's functions that accept a buffer
and its length and verify that they do not crash if a NULL pointer
is passed in as buffer and 0 length is specified.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-30 16:28:09 +01:00
Valerio Setti
76e4c6352d test_suite_aria: remove NOT_DEFINED dependency from aria_invalid_param()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-30 16:28:06 +01:00
Valerio Setti
252311d41e test_suite_psa_crypto_util: add test with 0-length for r
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-30 15:50:28 +01:00
Valerio Setti
98e1931a0a test_suite_psa_crypto_util: alloc/free buffer inside loop in ecdsa_raw_to_der_incremental()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-30 15:46:02 +01:00
Tom Cosgrove
d4c373a597 Refactor all.sh clang version detection code
Prevents a script failure when attempting to run build_aes_armce on a system without clang

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2024-01-30 13:56:38 +00:00
Tom Cosgrove
9e4eeff6e0 Fix comment about verison of clang required for 'build_aes_armce'
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2024-01-30 13:51:18 +00:00
Gilles Peskine
03aa9bc226 Switch pk_setup_for_type() to return MBEDTLS_ERR_xxx
Use mbedtls return codes rather than a boolean "has test not failed?".

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-30 11:18:42 +01:00
Gilles Peskine
3da3c0a000 Always call psa_crypto_init when testing mbedtls_pk_get_psa_attributes
mbedtls_pk_get_psa_attributes() actually works without having initialized
the PSA subsystem, because it doesn't call any non-client PSA API functions.
But the function is only useful in conjunction with the PSA API: it's
meant to be followed by importing a key with the resulting attributes. We
don't advertize it to work without an up-and-running PSA subsystem, and
there's no need to test it without an up-and-running PSA subsystem as we
were (accidentally) doing.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-30 10:22:29 +01:00
Gilles Peskine
f8c2cd1489 Update preprocessor guard comment
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-30 10:18:36 +01:00
Gilles Peskine
e0c13cffb3 Update some msg descriptions
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-30 10:17:49 +01:00
Valerio Setti
307ce2cff5 test_psa_compliance: use the last upstream release of psa-arch-tests
Release: v23.06_API1.5_ADAC_EAC
This fixes all the issues that were previously added as exceptions.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-30 09:25:07 +01:00
Valerio Setti
7a795fd951 suite_psa_crypto_util: add more test cases for DER->RAW
- r with MSb set
- Invalid r (only 1 zero byte)

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-29 18:08:42 +01:00
Valerio Setti
ee5238fcf4 suite_psa_crypto_util: add more testing for mbedtls_ecdsa_raw_to_der()
A new test function is added, ecdsa_raw_to_der_incremental, that tests
incremental output DER buffer sizes checking that only the correct one
(tested at last) works correctly.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-29 17:45:18 +01:00