1
0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-10-24 20:10:17 +08:00
Commit Graph

58 Commits

Author SHA1 Message Date
Gilles Peskine
989c13dece Remove ad hoc is_valid_for_signature method
Use the new generic is_public method.

Impact on generated cases: there are new HMAC test cases for SIGN_HASH. It
was a bug that these test cases were previously not generated.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 16:15:44 +02:00
Gilles Peskine
c2fc241e46 Test attempts to use a public key for a private-key operation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
23cb12ef9f A key agreement algorithm can contain a key derivation
PSA_ALG_KEY_AGREEMENT(..., kdf) is a valid key derivation algorithm
when kdf is one.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
390543381c Add knowledge of the compatibility of key types and algorithms
Determine key types that are compatible with an algorithm based on
their names.

Key derivation and PAKE are not yet supported.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
0dacd4d266 Add knowledge of algorithms
Determine the category of operations supported by an algorithm based
on its name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
2a71b72bd5 Add missing type annotation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
aeb8d66525 Ensure files get closed when they go out of scope
This is automatic in CPython but not guaranteed by the language. Be friendly
to other Python implementations.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-03-04 20:18:28 +01:00
Przemyslaw Stekiel
e2b50957df test_case.py: add new line between test cases
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-11-09 14:40:35 +01:00
Przemyslaw Stekiel
1ab3a5ca98 generate_psa_tests.py: add key generation result to test case argument list, add comments
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-11-09 12:01:19 +01:00
Przemyslaw Stekiel
997caf835c Add test class for key generation
Genertae test_suite_psa_crypto_generate_key.generated.data.
Use test_suite_psa_crypto_generate_key.function as a test function.

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-11-09 11:55:58 +01:00
Gilles Peskine
35115f9c1a New algorithm PSA_ALG_RSA_PSS_ANY_SALT
This is a variant of PSA_ALG_RSA_PSS which currently has exactly the same
behavior, but is intended to have a different behavior when verifying
signatures.

In a subsequent commit, PSA_ALG_RSA_PSS will change to requiring the salt
length to be what it would produce when signing, as is currently documented,
whereas PSA_ALG_RSA_PSS_ANY_SALT will retain the current behavior of
allowing any salt length (including 0).

Changes in this commit:

* New algorithm constructor PSA_ALG_RSA_PSS_ANY_SALT.
* New predicates PSA_ALG_IS_RSA_PSS_STANDARD_SALT (corresponding to
  PSA_ALG_RSA_PSS) and PSA_ALG_IS_RSA_PSS_ANY_SALT (corresponding to
  PSA_ALG_RSA_PSS_ANY_SALT).
* Support for the new predicates in macro_collector.py (needed for
  generate_psa_constant_names).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-28 10:06:38 +02:00
Gilles Peskine
3545103fd4 Break out algorithm_tester() as a separate method
No intended behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-27 21:38:56 +02:00
gabor-mezei-arm
e4b7499f74 Refactor handlibg of the key usage flags
Move implicit usage flags handling to the StorageKey class.
Create a subclass for test case data.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 15:29:24 +02:00
gabor-mezei-arm
5071a2e30e Use regexp pattern instaed of string
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 11:19:41 +02:00
gabor-mezei-arm
7e0d724d40 Keep the imported classes sorted
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 11:17:14 +02:00
gabor-mezei-arm
805c735a8b Move key type validation to crypto_knowledge
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 21:36:58 +02:00
gabor-mezei-arm
acfcc18697 Rename variables and funcions
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 19:39:31 +02:00
gabor-mezei-arm
e84d321317 Use string in dict instead of Expr object
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 16:54:11 +02:00
gabor-mezei-arm
927742ec71 Add better name for variables
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 16:41:35 +02:00
gabor-mezei-arm
044fefcdfb Add test case generation for usage extensions when loading keys
Add test cases validating that if a stored key only had the hash policy,
then after loading it psa_get_key_attributes reports that it also has the
message policy, and the key can be used with message functions.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 15:28:36 +02:00
gabor-mezei-arm
15c1f03f78 Add key usage policy extension support for key generation
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 15:28:34 +02:00
Gilles Peskine
efb584d4c0 Add storage tests for lifetimes
Test keys with various persistence levels, enumerated from the
metadata tests.

For read-only keys, do not attempt to create or destroy the key
through the API, only to read a key that has been injected into
storage directly through filesystem access.

Do not test keys with a non-default location, since they require a
driver and we do not yet have a dependency mechanism to require the
presence of a driver for a specific location value.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-28 12:53:15 +02:00
Gilles Peskine
4c7da69c2b Collect lifetime constructors
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-28 12:53:15 +02:00
Gilles Peskine
e02263da34 Add lifetime metadata tests
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-27 21:10:09 +02:00
Gilles Peskine
46d3a3782d Document include_intermediate in PSAMacroEnumerator
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 19:35:25 +02:00
Gilles Peskine
08966e6fbc Remove duplicates from enumerated test inputs
When generating expressions to construct test case data, there can be
duplicate values, for example if a value of the form C(A) is present
as such in test_suite_psa_crypto_metadata.data and also constructed by
enumerating the argument A for the constructor C. Eliminate such
duplicates in generate_expressions.

This commit removes many test cases that were exact duplicates (and
were near-duplicates differing only in whitespace before the
whitespace normalization).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 19:35:05 +02:00
Gilles Peskine
0a93c1b1ce Normalize whitespace in test arguments
Avoid ending up with test cases that only differ in whitespace in an
argument.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 19:34:47 +02:00
Gilles Peskine
b93f854f4c Expand psa_generate_tests to support constructor arguments
In macro_collector.py, base InputsForTest on PSAMacroEnumerator rather
than PSAMacroCollector. It didn't make much sense to use
PSAMacroCollector anymore since InputsForTest didn't use anything
other than the constructor.

psa_generate_tests now generates arguments for more macros.
In particular, it now collects macro arguments from
test_suite_psa_crypto_metadata. Algorithms with parameters are now
supported.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 19:34:09 +02:00
Gilles Peskine
0ba69a462e Fix KeyType with parameters passed in the name argument
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 19:31:21 +02:00
Gilles Peskine
d6d2d6a7d7 Use InputsForTest in generate_psa_tests
In generate_psa_tests, use InputsForTest rather than PSAMacroCollector
to gather values. This way, the enumeration of values to test includes
values used in metadata tests in addition to constructors parsed from
header files. This allows greater coverage of values built from
constructors with arguments. This doesn't make a difference yet, but
it will once algorithm constructors with arguments are supported in
generate_psa_tests.

Make the injection of numerical values optional. They are useful for
test_psa_constant_names, so keep them there. Don't use them for
not-supported tests: they might make sense, but the current code
wouldn't work since it doesn't know how to make up fake key material
or what dependencies to generate. Don't use them for storage tests:
they only make sense for supported values.

Don't inject 'PSA_SUCCESS': that's superfluous.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 19:31:21 +02:00
Gilles Peskine
3cf3a8ebdf Move InputsForTest to macro_collector.py
This is useful to generate PSA tests for more than constant names.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 19:31:21 +02:00
Gilles Peskine
77e47c05f3 Add key material for twisted Edwards curves
Add the test keys from RFC 8032 (§7.1 Ed25519 "TEST 1", §7.4 Ed448 "Blank").
This replaces the generic byte-sized data used for unknown key types
which no longer works now that Ed25519 is considered to have 255 bits.

Re-generate the automatically generated test data accordingly.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-29 15:08:10 +02:00
Gilles Peskine
a00abc6b65 Consistently describe Ed25519 as a 255-bit curve
The coordinates are over $F_{2^{255}-19}$, so by the general
definition of the bit size associated with the curve in the
specification, the value for size attribute of keys is 255.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-29 14:55:44 +02:00
Gilles Peskine
67546802fe New elliptic curve family: twisted Edwards
Add an elliptic curve family for the twisted Edwards curves
Edwards25519 and Edwards448 ("Goldilocks"). As with Montgomery curves,
since these are the only two curves in common use, the family has a
generic name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-29 14:55:44 +02:00
Gilles Peskine
f8223abb16 Cover all key types
Generate test cases for all key types. These test cases cover the key
representation (checked with export) and the encoding of the key type and
the bit-size.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-10 23:22:35 +01:00
Gilles Peskine
2352396808 Obtain the values of expressions by running C code
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-10 23:22:35 +01:00
Gilles Peskine
e00944807c New python module to encode a PSA key for storage
Construct an object given the attributes and material for a PSA crypto key
and get the Mbed TLS storage representation.

The code to generate the storage representation was written based on the
specification in docs/architecture/mbed-crypto-storage-specification.md,
without looking at the code.

The data in the unit tests is from the AES-128 format_storage_data_check
test case in test_suite_psa_crypto_persistent_key.data, tweaked manually.

This commit creates a basic framework for using symbolic values for
attributes, but does not yet implement obtaining the corresponding numerical
values from an external source.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-10 23:22:35 +01:00
Gilles Peskine
33c601cb73 Hook up PSAMacroCollector to PSAMacroEnumerator
Make it possible to enumerate the key types, algorithms, etc.
collected by PSAMacroCollector.

This commit ensures that all fields of PSAMacroEnumerator are filled
by code inspection. Testing of the result may reveal more work to be
done in later commits.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-10 23:22:35 +01:00
Gilles Peskine
22fcf1b5f5 Move PSAMacroEnumerator to macro_collector
It's useful for more than test_psa_constant_names.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-10 23:22:35 +01:00
Gilles Peskine
10ab267afb Add some type annotations
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-10 23:22:35 +01:00
Gilles Peskine
d75adfcb3b KeyType: do a sanity check on the key type expression
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 18:05:27 +01:00
Gilles Peskine
4fbffcd144 Do not require typing_extensions at runtime
There are type annotations that indirectly depend on the
typing_extensions module (on Python 3.5-3.7: Protocol was added to the
core typing module in 3.8). The typing_extensions module is not
installed by default, so the code didn't run on a pristine Python
installation.

To avoid depending on a non-default module, make the dependency on
typing_extensions optional. (It's still required to run mypy, but
installing mypy takes care of providing typing_extensions.) If it
isn't available, provide a substitute definition that's just good
enough to get the scripts to run.

Move this ugly code to its own module to avoid the temptation of
spreading such ugliness all over the place. It's likely to be used in
other modules anyway.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:58:29 +01:00
Gilles Peskine
fa3c69a60f Improve documentation of crypto_knowledge.KeyType
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:58:29 +01:00
Gilles Peskine
505cc641de Use the base name of the generating script, not the full path
Otherwise the generation is sensitive to trivial differences such as
running `tests/scripts/generate_psa_tests.py` vs
`./tests/scripts/generate_psa_tests.py` vs an absolute path.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine
0ac258ed0b Don't consider secp192r1
SECP192R1 is declared in the PSA API specification, but it's an old
one that Mbed TLS doesn't support and even OpenSSL doesn't support.
We don't have test vectors for it. Just skip it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine
0cbaf056fa Add some randomly generated keys
RSA-1536:
```
openssl genrsa 1536 2>/dev/null | openssl rsa -outform DER -pubout |hexlify
```
then formatted manually.

ECC except Montgomery:
```
function e { openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:$1 -text |perl -0777 -pe 's/.*\npriv:([\n 0-9a-f:]*)pub:([\n 0-9a-f:]*).*/"$1","$2"/s or die; y/\n ://d; s/,/,\n              /;' |xsel -b; }
```

Curve448:
```
openssl genpkey -algorithm x448
```
then formatted manually.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine
6f6483f2d2 New module for key material for asymmetric key types
Asymmetric keys can't just be arbitrary byte strings: the public key
has to match the private key and the private key usually has
nontrivial constraints.

In order to have deterministic test data and not to rely on
cryptographic dependencies in the Python script, hard-code some test
keys.

In this commit, copy some test keys from test_suite_psa_crypto.data.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine
8ffb585659 New function to write a whole .data file
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00
Gilles Peskine
db2f575c9d New Python module for generating Mbed TLS test cases
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00
Gilles Peskine
397b0287b1 Create sample key material for symmetric keys
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00