mbedtls

mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00

Author	SHA1	Message	Date
Manuel Pégourié-Gonnard	f4ceb16813	Fix dependencies for SHA-3 MD dispatch tests Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-09-24 09:48:46 +02:00
Manuel Pégourié-Gonnard	cc21ad441a	Add SHA-3 support to libtestdriver1 Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-09-24 09:48:45 +02:00
Gilles Peskine	ae3cda9541	Merge pull request #8092 from silabs-Kusumit/PBKDF2_output_key PBKDF2: test output_key	2023-09-22 18:01:06 +00:00
Gilles Peskine	18e1d11cfe	Merge pull request #1049 from waleed-elmelegy-arm/Switch-pkparse-to-mbedtls_pkcs5_pbe2_ext Switch pkparse to use new pkcs5/12 pbe functions	2023-09-22 18:06:50 +02:00
Dave Rodgman	9fc868012c	Fix test error Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-22 10:56:13 +01:00
Gilles Peskine	193f94276e	Merge pull request #1071 from gilles-peskine-arm/ssl_decrypt_stream_short_buffer Fix buffer overread in mbedtls_ssl_decrypt_buf with stream cipher	2023-09-22 11:43:03 +02:00
Dave Rodgman	fbe74a9e51	Add mbedtls_ct_error_if, with tests Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-22 09:58:25 +01:00
Dave Rodgman	9d0869140b	Remove tests for mbedtls_ct_int_if Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-21 21:54:08 +01:00
Dave Rodgman	f1915f623d	Improve testing for mbedtls_ct_int_if Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-21 19:22:59 +01:00
Dave Rodgman	cc3c670670	Fix compiler cast warning Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-21 16:33:26 +01:00
Waleed Elmelegy	3643947a1e	Add correct dependencies for AES-192/256 cipher tests Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-21 16:22:15 +01:00
Waleed Elmelegy	38202a2b18	Improve pkparse test dependencies and changelog Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-21 15:21:10 +01:00
Waleed Elmelegy	f4e665101d	Add more tests to check setting padding mode Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-21 14:04:35 +01:00
Dave Rodgman	93b3228d42	Add tests for mbedtls_ct_error_if Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-21 13:50:51 +01:00
Waleed Elmelegy	556a0790f6	Fix code style in pkparse tests Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-21 09:19:56 +01:00
Waleed Elmelegy	9d4d8ebaf2	Add PKCS5/12 dependecies to pkparse tests Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-21 08:45:56 +01:00
Gilles Peskine	29d0bfba0d	Rename option where concatenated with -D Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-20 23:11:33 +02:00
Waleed Elmelegy	15bcf38e88	Add test pkparse test dependencies Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-20 20:02:16 +01:00
Waleed Elmelegy	1db5cdaf57	Add tests to test pkcs8 parsing of encrypted keys Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-20 19:29:02 +01:00
Waleed Elmelegy	d527896b7e	Switch pkparse to use new mbedtls_pkcs12_pbe_ext function Switch pkparse to use new mbedtls_pkcs12_pbe_ext function and deprecate mbedtls_pkcs12_pbe function. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-20 19:29:02 +01:00
Waleed Elmelegy	c9f4040f7f	Switch pkparse to use new mbedtls_pkcs5_pbes2_ext function Switch pkparse to use new mbedtls_pkcs5_pbes2_ext function and deprecate mbedtls_pkcs5_pbes2 function. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-20 19:28:28 +01:00
Manuel Pégourié-Gonnard	5edb942708	Merge pull request #8041 from mpg/tfm-p256m Test TF-M config with p256-m driver	2023-09-20 16:09:56 +00:00
Paul Elliott	5382ba6987	Merge pull request #8230 from gilles-peskine-arm/test_tls1_2_ecjpake_compatibility-avoid-build-race Work around a race condition in parallel builds	2023-09-20 15:53:04 +00:00
Gilles Peskine	edc8456e01	Work around a race condition in parallel builds Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-20 15:03:18 +02:00
Gilles Peskine	eda1b1f744	Merge pull request #7921 from valeriosetti/issue7613 TLS: Clean up ECDSA dependencies	2023-09-20 12:47:55 +00:00
Dave Rodgman	143f5f7c68	Add mbedtls_ct_bool_if and mbedtls_ct_bool_if_else_0 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-19 21:52:13 +01:00
Dave Rodgman	1cfc43c77b	Rename mbedtls_ct_bool_xor to mbedtls_ct_bool_ne Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-19 18:39:33 +01:00
Dave Rodgman	986006e567	Make TEST_CALLOC_NONNULL more robust Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-19 18:30:25 +01:00
Dave Rodgman	6568f60358	Simplify mbedtls_ct_memcmp_partial test Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-19 17:48:24 +01:00
Dave Rodgman	2c9f86b3b6	Add docs for mbedtls_ct_memcmp_partial test Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-19 17:48:13 +01:00
Dave Rodgman	28bc1ab923	Use exact bounds for allocations in mbedtls_ct_memcmp_partial test Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-19 17:34:57 +01:00
Dave Rodgman	a328635305	Introduce TEST_CALLOC_NONNULL Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-19 17:34:39 +01:00
Dave Rodgman	ba600b2fd9	Remove expected param from mbedtls_ct_memcmp_partial test Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-19 17:26:13 +01:00
Waleed Elmelegy	071b69f47b	Add correct dependency to DES3 test Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-19 11:24:49 +01:00
Dave Rodgman	771ac65b0c	Add tests for mbedtls_ct_memcmp_partial Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-19 09:10:59 +01:00
Gilles Peskine	d2e004e401	Test mbedtls_ssl_decrypt_buf(): stream cipher, negative cases Test mbedtls_ssl_decrypt_buf() with a null cipher (the only type of stream cipher we support). Test the good case (to make sure the test code constructs the input correctly), test with an invalid MAC, and test with a shortened input. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-18 19:07:50 +02:00
Waleed Elmelegy	6d2c5d5f5c	Adjust cipher tests to new requirement of specifying padding mode Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-18 17:41:25 +01:00
Gilles Peskine	9099d3fd76	Refactoring: create mbedtls_test_ssl_prepare_record_mac() No semantic change. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-18 17:21:15 +02:00
Gilles Peskine	bd50d5baec	Merge pull request #8177 from gilles-peskine-arm/generated-files-off-in-release Generated files off in release	2023-09-18 14:11:58 +00:00
Gilles Peskine	68ec3ccc7c	Add missing cleanup Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-18 14:35:52 +02:00
Gilles Peskine	ac5fabed25	Refactoring: prepare to create mbedtls_test_ssl_prepare_record_mac() No semantic change. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-18 14:35:42 +02:00
Gilles Peskine	a3237efefb	Move testing of mbedtls_ssl_decrypt_buf to a new test suite test_suite_ssl is huge and needs splitting. Create a new test suite focused on mbedtls_ssl_decrypt_buf(), which is a complicated function that needs more thorough testing with malformed inputs. At this point, we are only doing negative testing with CBC-non-ETM test suites. This needs to grow. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-18 14:23:13 +02:00
Manuel Pégourié-Gonnard	f299efdb96	Improve a comment Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-09-18 11:19:04 +02:00
Gilles Peskine	67c86e626b	Merge pull request #7961 from gilles-peskine-arm/psa_crypto_config-in-full Enable MBEDTLS_PSA_CRYPTO_CONFIG in the full config	2023-09-18 08:13:12 +00:00
Manuel Pégourié-Gonnard	f7298cd397	Fix some issues in comments Ranging from typos to outdated comment contradicting the code. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-09-18 09:55:24 +02:00
Gilles Peskine	8a7fb2d799	Merge pull request #1055 from waleed-elmelegy-arm/add-new-pkcs12-pbe2-ext-fun Add new pkcs12 pbe2 ext fun	2023-09-15 18:43:03 +02:00
Manuel Pégourié-Gonnard	b95e92cd41	Merge pull request #8076 from valeriosetti/issue8005 Test with ECC and FFDH accelerated and no bignum	2023-09-14 09:12:35 +00:00
Gilles Peskine	0ddffb6de2	Merge pull request #7210 from sergio-nsk/patch-2 Fix llvm error: variable 'default_iv_length' and other may be used uninitialized	2023-09-13 16:38:55 +02:00
Gilles Peskine	3cea3efc25	Merge pull request #8025 from AgathiyanB/accept-numericoid-hexstring-x509 Accept numericoid hexstring x509	2023-09-13 08:54:33 +00:00
Dave Rodgman	da0bb9fae8	Merge pull request #8034 from gilles-peskine-arm/bump_version-doc_mainpage Update capitalization of "Mbed" and fix bump_version.sh	2023-09-13 08:41:20 +00:00
Gilles Peskine	2e38a0d603	More spelling corrections Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-12 19:19:31 +02:00
Gilles Peskine	e820c0abc8	Update spelling "mbed TLS" to "Mbed TLS" The official spelling of the trade mark changed from all-lowercase "mbed" to normal proper noun capitalization "Mbed" a few years ago. We've been using the new spelling in new text but still have the old spelling in a lot of text. This commit updates most occurrences of "mbed TLS": ``` sed -i -e 's/mbed TLS/Mbed TLS/g' $(git ls-files ':!ChangeLog' ':!tests/data_files/*' ':!tests/suites/.data' ':!programs/x509/' ':!configs/tfm') ``` Justification for the omissions: * `ChangeLog`: historical text. * `test/data_files/*`, `tests/suites/.data`, `programs/x509/`: many occurrences are significant names in certificates and such. Changing the spelling would invalidate many signatures and tests. `configs/tfm*`: this is an imported file. We'll follow the upstream updates. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-12 19:18:17 +02:00
Waleed Elmelegy	57d09b72ef	Return back to modifying input parameters in pkcs12_parse_pbe_params Return back to modifying input parameters in pkcs12_parse_pbe_params to avoid change in behaviour. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-12 14:05:10 +01:00
Waleed Elmelegy	a7d206fce6	Check set_padding has been called in mbedtls_cipher_finish Check set_padding has been called in mbedtls_cipher_finish in modes that require padding. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-12 13:39:36 +01:00
Paul Elliott	45b6e5e69f	Prevent potential use of uninitialised data in pkcs7 tests Move the initialisation of the pkcs7 object to before the first possible test failure, otherwise failure in those tests could result in an uninitialised pointer being free'd. Found by coverity. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-09-12 11:58:21 +01:00
Dave Rodgman	49d7223036	Fix test under memsan Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-12 11:03:23 +01:00
Dave Rodgman	70e022b024	code style Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-12 09:29:13 +01:00
Manuel Pégourié-Gonnard	e9d97976b2	Update list of ignored tests Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-09-12 09:50:17 +02:00
Manuel Pégourié-Gonnard	96839e7450	Move common things to common function These should be shared between ref and accel, for meaningful coverage comparison. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-09-12 09:50:17 +02:00
Manuel Pégourié-Gonnard	0509b5878c	Fix INVALID vs NOT_SUPPORTED issue in test suite This fixes the last remaining failure. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-09-12 09:50:17 +02:00
Manuel Pégourié-Gonnard	25b45db3d8	Disable ECP_C in component with p256-m driver Builds, but 20 test cases failing in test_suite_psa_crypto, to be addressed in future commits. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-09-12 09:50:16 +02:00
Dave Rodgman	140d5c77d0	Add single-bit difference tests Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-11 19:10:05 +01:00
Waleed Elmelegy	e1cb35b719	Add new mbedtls_pkcs12_pbe_ext function to replace old function Add new mbedtls_pkcs12_pbe_ext function to replace old mbedtls_pkcs12_pbe function that have security issues. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-08 16:51:26 +01:00
Gilles Peskine	0b62b7a21f	Allow turning off re-generation of files with make In make builds, when GEN_FILES is false (empty), don't try to re-generate configuration-independent source files, regardless of whether they seem out of date. This is useful, for example, if you have a source tree where `make generated_files` has already run and file timestamps reflect the time the files were copied or extracted, and you are now in an environment that lacks some of the necessary tools to re-generate the files. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-08 16:19:13 +02:00
Gilles Peskine	31d49cd57f	Merge pull request #1053 from waleed-elmelegy-arm/Improve-and-test-mbedtls_pkcs12_pbe Improve & test legacy mbedtls_pkcs12_pbe	2023-09-08 13:08:05 +02:00
Waleed Elmelegy	1f59ee078f	Add correct dependencies to pkcs12 tests Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-07 17:59:35 +01:00
Waleed Elmelegy	096017023d	Fix identation error in pkcs12 tests Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-07 17:48:40 +01:00
David Horstmann	8ece2e9712	Fix incorrect test dependencies in pkwrite tests These should rely in MBEDTLS_PEM_{PARSE,WRITE}_C where applicable, not MBEDTLS_BASE64_C. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-09-07 17:43:12 +01:00
Waleed Elmelegy	75b9eb36b4	Change pkcs12 test comparison macro to the new macro Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-07 17:02:37 +01:00
Waleed Elmelegy	8317e91b1e	Change pkcs12 test allocation macros to the new macros Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-07 15:46:58 +01:00
Waleed Elmelegy	15de809e1a	Improve pkcs12 pbe tests * Simplify pkcs12 tests to use algo parameters instead of asn1 buffers. * Fix output buffers allocation size. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-05 16:34:55 +01:00
Waleed Elmelegy	255db80910	Improve & test legacy mbedtls_pkcs12_pbe * Prevent pkcs12_pbe encryption when PKCS7 padding has been disabled since this not part of the specs. * Allow decryption when PKCS7 padding is disabled for legacy reasons, However, invalid padding is not checked. * Document new behaviour, known limitations and possible security concerns. * Add tests to check these scenarios. Test data has been generated by the below code using OpenSSL as a reference: #include <openssl/pkcs12.h> #include <openssl/evp.h> #include <openssl/des.h> #include <openssl/asn1.h> #include "crypto/asn1.h" #include <string.h> int main() { char pass[] = "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB"; unsigned char salt[] = "\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC"; unsigned char plaintext[] = "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"; unsigned char ciphertext = NULL; int iter = 10; X509_ALGOR alg = X509_ALGOR_new(); int ciphertext_len = 0; int alg_nid = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; alg->parameter = ASN1_TYPE_new(); struct asn1_object_st * aobj; PKCS5_pbe_set0_algor(alg, alg_nid, iter, salt, sizeof(salt)-1); aobj = alg->algorithm; printf("\"30%.2X", 2 + aobj->length + alg->parameter->value.asn1_string->length); printf("06%.2X", aobj->length); for (int i = 0; i < aobj->length; i++) { printf("%.2X", aobj->data[i]); } for (int i = 0; i < alg->parameter->value.asn1_string->length; i++) { printf("%.2X", alg->parameter->value.asn1_string->data[i]); } printf("\":\""); for (int i = 0; i < sizeof(pass)-1; i++) { printf("%.2X", pass[i] & 0xFF); } printf("\":\""); for (int i = 0; i < sizeof(plaintext)-1; i++) { printf("%.2X", plaintext[i]); } printf("\":"); printf("0"); printf(":\""); unsigned char * res = PKCS12_pbe_crypt(alg, pass, sizeof(pass)-1, plaintext, sizeof(plaintext)-1, &ciphertext, &ciphertext_len, 1); if (res == NULL) printf("Encryption failed!\n"); for (int i = 0; i < ciphertext_len; i++) { printf("%.2X", res[i]); } printf("\"\n"); return 0; } Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com> #	2023-09-05 15:45:55 +01:00
Kusumit Ghoderao	94d319065a	Set input cost as 1 for psa_key_exercise test Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-09-05 19:30:22 +05:30
Kusumit Ghoderao	7c61ffcc44	Rename parse_binary_string function Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-09-05 19:29:47 +05:30
Valerio Setti	5dfaca4af5	all.sh: fix comments Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-09-05 08:48:51 +02:00
Agathiyan Bragadeesh	4ce9ac8463	Add round trip tests for x509 RDNs Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-09-04 16:18:26 +01:00
Gilles Peskine	1a7d387072	Merge pull request #1041 from waleed-elmelegy-arm/add-new-pkcs5-pbe2-ext-fun Add new pkcs5 pbe2 ext fun	2023-09-04 15:33:42 +02:00
Tom Cosgrove	b2fafa5a49	config-wrapper-zeroize-memset.h should be user-config-zeroize-memset.h and not include mbedtls_config.h Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-09-02 19:22:45 +01:00
Tom Cosgrove	7eced7d1d2	Move zeroize-as-memset into a config file under tests/ Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-09-02 19:22:45 +01:00
Tom Cosgrove	daddf11a30	Add a build to all.sh to check mbedtls_platform_zeroize() calls Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-09-02 19:22:45 +01:00
Tom Cosgrove	351a391011	Fix incorrect use of mbedtls_platform_zeroize() in tests Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-09-02 19:22:45 +01:00
Dave Rodgman	4f69668558	Merge pull request #8082 from daverodgman/misc-code-size Misc code size improvements	2023-09-02 11:44:31 +00:00
Paul Elliott	6147511bc0	Merge pull request #7955 from davidhorstmann-arm/psa-crypto-script-changes Miscellaneous changes to scripts for PSA-Crypto enablement	2023-08-31 18:19:52 +00:00
Paul Elliott	6ebe7d2e3a	Merge pull request #8095 from davidhorstmann-arm/initialize-struct-get-other-name Coverity fix: Set `type_id` in `x509_get_other_name()`	2023-08-31 16:26:00 +00:00
Paul Elliott	b5d97156e4	Merge pull request #7857 from minosgalanakis/bugifx/address_curve_bits [BigNum] test_suite_ecp: Fixed curve bit-length.	2023-08-31 13:14:11 +00:00
Dave Rodgman	a9a53a05f0	Merge remote-tracking branch 'origin/development' into misc-code-size	2023-08-31 11:53:46 +01:00
Gilles Peskine	f7632382cc	Merge pull request #8130 from davidhorstmann-arm/fix-unnecessary-include-prefixes Fix unnecessary header prefixes in tests	2023-08-31 08:57:26 +00:00
Gilles Peskine	7b2b76a2d4	Merge pull request #7165 from yanrayw/7094-collect-compatsh-test-cases check_test_cases.py: support to collect test cases for compat.sh	2023-08-31 07:30:20 +00:00
Dave Rodgman	dbddb00158	Ensure mbedtls_sha3_finish zeroizes the context Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-08-30 18:43:23 +01:00
Gilles Peskine	03e9dea30b	Merge remote-tracking branch 'development' into psa_crypto_config-in-full Conflicts: * `include/psa/crypto_sizes.h`: the addition of the `u` suffix in this branch conflicts with the rework of the calculation of `PSA_HASH_MAX_SIZE` and `PSA_HMAC_MAX_HASH_BLOCK_SIZE` in `development`. Use the new definitions from `development`, and add the `u` suffix to the relevant constants.	2023-08-30 18:32:57 +02:00
Gilles Peskine	2c40b90598	ssl-opt.sh doesn't actually use OPENSSL_LEGACY: remove unused function Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-30 16:38:56 +02:00
David Horstmann	22ec2aefa9	Fix unnecessary header prefixes in tests Remove unnecessary "../library" prefix from test suite includes. This makes the tests repo-agnostic between the mbedtls and psa-crypto repos. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-30 15:34:34 +01:00
Waleed Elmelegy	21d7d85af7	Fix mbedtls_pkcs5_pbes test function failure Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-08-30 13:12:09 +01:00
Yanray Wang	63f0abe226	check_test_cases: add a comment to explain idx in walk_compat_sh Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-08-30 18:31:37 +08:00
Dave Rodgman	730bbee226	Merge remote-tracking branch 'origin/development' into update-restricted-2023-08-30	2023-08-30 11:22:00 +01:00
Dave Rodgman	29bf911058	Merge pull request #7839 from daverodgman/psa-sha3 SHA-3 via PSA	2023-08-30 08:51:36 +00:00
David Horstmann	8f3ec8ec9d	Use '--target' instead of shortened '-t' This enables compatibility with older versions of CMake that do not have the abbreviated switch. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-30 09:46:20 +01:00
Yanray Wang	ab717b5287	Merge remote-tracking branch 'origin/development' into 7094-collect-compatsh-test-cases	2023-08-30 10:38:28 +08:00
David Horstmann	3ed1871920	Disable pylint error for non-uppercase names Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-29 18:20:19 +01:00
Dave Rodgman	33e1f42307	Fix use of mbedtls_psa_safer_memcmp in test code Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-08-29 18:17:29 +01:00
David Horstmann	9cc6b2f446	Add missing import in test_psa_compliance.py Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-29 17:36:35 +01:00
David Horstmann	fd9264e65b	Fix pylint errors Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-29 16:21:15 +01:00
Gilles Peskine	a878b663cf	Merge pull request #8090 from silabs-Kusumit/PBKDF2_higher_cost_tests PBKDF2: tests with higher input costs	2023-08-29 14:00:17 +00:00
David Horstmann	41c316d3b2	Move -B switch into a single argument This will prevent CMake from mistaking the build directory for the source directory Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-29 14:57:23 +01:00
Waleed Elmelegy	79b6e26b1b	Improve mbedtls_pkcs5_pbes2_ext function test data Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-08-29 14:55:03 +01:00
David Horstmann	b48822c816	Appease pylint by renaming variables Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-29 14:12:53 +01:00
David Horstmann	beaee2604f	Test PSA compliance: Build only the crypto target Use CMake's -t option to build only the crypto target. Parameterize the crypto target to have the right name depending on whether this is Mbed TLS or PSA Crypto. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-29 14:01:52 +01:00
David Horstmann	c69074dcf6	Tidy up reference to Mbed TLS in help message Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-29 13:46:11 +01:00
David Horstmann	2ba89bece6	Disable pylint error in CMake command Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-29 10:37:29 +01:00
David Horstmann	3b8984af5c	Remove or qualify references to Mbed TLS Either remove exclusive references to Mbed TLS or accompany them with references to "PSA Crypto". Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-29 10:32:26 +01:00
David Horstmann	f757069269	Rename 'mbedtls_dir' -> 'root_dir' This makes it more repo-agnostic Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-29 10:27:13 +01:00
David Horstmann	98af198a30	Correctly detect presence of the built library Use the repo-specific test not just the Mbed TLS specific one. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-29 10:25:54 +01:00
David Horstmann	58cf7c6c38	Use repo detection functions at start of all.sh Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-29 10:15:05 +01:00
David Horstmann	d02b5f8f56	Separate directory discernment into 2 functions Have separate in_mbedtls_repo() and in_psa_crypto_repo() functions Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-29 09:55:56 +01:00
Gilles Peskine	1783870681	compat.sh: add --preserve-logs option Similar to ssl-opt.sh. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-28 17:36:52 +02:00
Dave Rodgman	d395590597	Merge pull request #7579 from daverodgman/safer-ct-asm Arm assembly implementation of constant time primitives	2023-08-28 08:26:29 +00:00
Gilles Peskine	7be571ac85	Remove GNUTLS_LEGACY and OPENSSL_LEGACY They aren't used anywhere. Keep the command line options of all.sh to avoid breaking any wrapper scripts that people might have. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-27 21:51:54 +02:00
Gilles Peskine	e29203be88	Stop using "legacy" OpenSSL and GnuTLS None of the tests actually need GNUTLS_LEGACY (3.3.8): GNUTLS (3.4.10) works. None of the tests actually need OPENSSL_LEGACY (1.0.1j): OPENSSL (1.0.2g) works. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-27 21:43:00 +02:00
Gilles Peskine	5f5e3886c5	Minor robustness improvement Let openssl use any experimental or obsolete cipher that's not in ALL. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-27 21:41:31 +02:00
Gilles Peskine	5cb8605d79	ssl-opt.sh doesn't actually use OPENSSL_LEGACY, so remove it Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-27 21:40:56 +02:00
Gilles Peskine	8ca2041145	Merge pull request #8074 from tgonzalezorlandoarm/tg/allowlist Implement allowlist of test cases that are legitimately not executed	2023-08-24 18:03:20 +00:00
David Horstmann	0ac57ca6c6	Rename is_psa_crypto -> in_psa_crypto_repo (For consistency with all.sh) Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-24 15:18:18 +01:00
David Horstmann	7f93d22ad9	Rename psa_crypto_lib_filename to just crypto_lib_filename Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-24 15:18:18 +01:00
David Horstmann	4dcddcfae2	Parameterize out of source build directory Use CMake to build the library out-of-source (rather than make) in tests/scripts/test_psa_compliance.py and add a script argument for the out-of-source build directory. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-24 15:18:18 +01:00
David Horstmann	76a7738537	Invert logic for repo detection in all.sh Instead of: ! in_psa_crypto_repo() use in_mbedtls_repo() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-24 15:18:18 +01:00
David Horstmann	e31014a681	Tweak test_psa_compliance pylint annotations Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-24 15:18:18 +01:00
David Horstmann	1d09184291	Modify test_psa_compliance.py for psa-crypto repo Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-24 15:18:18 +01:00
David Horstmann	9a6c45b436	Make all.sh PSA-crypto-friendly Introduce changes needed to run all.sh in the psa-crypto repo. Where behaviour must differ, detect that we are in the psa-crypto repo by checking for the 'core' directory. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-24 15:18:11 +01:00
Tomás González	d43cab3f5c	Correct analyze_outcomes identation Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>	2023-08-24 09:12:40 +01:00
Agathiyan Bragadeesh	733766bc71	Remove trailing whitespace in data file. Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-23 15:44:52 +01:00
Agathiyan Bragadeesh	de84f9d67a	Add test for rejecting empty AttributeValue Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-23 11:44:04 +01:00
Gilles Peskine	e65bba4dd2	Merge pull request #7803 from gilles-peskine-arm/psa-low-hash-mac-size Start testing the PSA built-in drivers: hashes	2023-08-22 11:19:41 +00:00
Tomás González	a0631446b5	Correct analyze_outcomes.py identation Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>	2023-08-22 12:18:04 +01:00
Agathiyan Bragadeesh	ea3e83f36a	Amend test in test_suite_x509write Needed since we now reject escaped null hexpairs in strings Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	01e9392c3f	Add malformatted DER test for string_to_names Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	cab79188ca	Remove redundant tests in test_suite_x509write Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	a0ba8aab2e	Add test for non ascii x509 subject name Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	a953f8ab36	Remove duplicate test in test_suite_x509write The test for outputing a hexstring representation is actually testing dn_gets, and is tested in test_suite_x509parse. Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	957ca0595d	Accept short name/ber encoded data in DNs Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	afdb187bbc	Add more comprehensive string to name tests Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	e59dedbce2	Add test reject null characters in string to names Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	5ca9848513	Reword test in test_suite_x509write Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	47cc76f070	Update x509 test for numericoid/hexstring output Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	ef299d6735	Add more tests for RFC 4514 Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	404b4bb9ab	Add x509 tests for upper and lowercase hexpairs Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	dba8a641fe	Add and update tests for x509write and x509parse Due to change in handling non-ascii characters, existing tests had to be updated to handle the new implementation. New tests and certificates are added to test the escaping functionality in edge cases. Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:52 +01:00
Agathiyan Bragadeesh	ef2decbe4a	Escape hexpairs characters RFC 4514 Converts none ascii to escaped hexpairs in mbedtls_x509_dn_gets and interprets hexpairs in mbedtls_x509_string_to_names. Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:38:16 +01:00
Agathiyan Bragadeesh	48513b8639	Escape special characters RFC 4514 This escapes special characters according to RFC 4514 in mbedtls_x509_dn_gets and de-escapes in mbedtls_x509_string_to_names. This commit does not handle hexpairs. Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:38:16 +01:00
Tomás González	5022311c9d	Tidy up allow list definition * Don't break string literals in the allow list definition * Comment each test that belongs to the allow list is there. Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>	2023-08-22 09:54:28 +01:00
Tomás González	7ebb18fbd6	Make non-executed tests that are not in the allow list an error * Turn the warnings produced when finding non-executed tests that are not in the allow list into errors. Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>	2023-08-22 09:47:49 +01:00
Gilles Peskine	6d14c2b858	Remove dead code Do explain why we don't test a smaller buffer in addition to testing the nominal size and a larger buffer. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-22 09:59:50 +02:00
Gilles Peskine	c9187c5866	New test suite for the low-level hash interface Some basic test coverage for now: * Nominal operation. * Larger output buffer. * Clone an operation and use it after the original operation stops. Generate test data automatically. For the time being, only do that for hashes that Python supports natively. Supporting all algorithms is future work. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-22 09:59:42 +02:00
Tom Cosgrove	17d5081ffb	Merge pull request #8099 from gilles-peskine-arm/split-config_psa-prepare Prepare to split config_psa.h	2023-08-22 07:30:46 +00:00
Gilles Peskine	fdb722384b	Move PSA information and dependency automation into their own module This will let us use these features from other modules (yet to be created). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-21 18:32:11 +02:00
Gilles Peskine	796bc2b8f9	Merge pull request #7486 from AndrzejKurek/calloc-also-zeroizes Document mbedtls_calloc zeroization	2023-08-21 15:47:21 +00:00
Gilles Peskine	d686c2a822	Merge pull request #7971 from AgathiyanB/fix-data-files-makefile Fix server1.crt.der in tests/data_files/Makefile	2023-08-21 14:43:07 +00:00
Gilles Peskine	44243e11ff	Remove obsolete header inclusions Since 3.0.0, mbedtls_config.h (formerly config.h) no longer needs to include config_psa.h or check_config.h: build_info.h takes care of that. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-21 16:10:06 +02:00
Janos Follath	e220d258fd	Merge pull request #8086 from yanesca/remove-new-bignum Remove new bignum when not needed	2023-08-21 10:59:41 +00:00
Gilles Peskine	ead1766b5f	Fix PBKDF2 with empty salt segment on platforms where malloc(0)=NULL "Fix PBKDF2 with empty salt on platforms where malloc(0)=NULL" took care of making an empty salt work. But it didn't fix the case of an empty salt segment followed by a non-empty salt segment, which still invoked memcpy with a potentially null pointer as the source. This commit fixes that case, and also simplifies the logic in the function a little. Test data obtained with: ``` pip3 install cryptodome python3 -c 'import sys; from Crypto.Hash import SHA256; from Crypto.Protocol.KDF import PBKDF2; cost = int(sys.argv[1], 0); salt = bytes.fromhex(sys.argv[2]); password = bytes.fromhex(sys.argv[3]); n = int(sys.argv[4], 0); print(PBKDF2(password=password, salt=salt, dkLen=n, count=cost, hmac_hash_module=SHA256).hex())' 1 "" "706173737764" 64 ``` Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-20 22:05:16 +02:00
Dave Rodgman	1fdc884ed8	Merge pull request #7384 from yuhaoth/pr/add-aes-accelerator-only-mode AES: Add accelerator only mode	2023-08-18 20:55:44 +00:00
David Horstmann	cfae6a1ae9	Fix incorrect detection of HardwareModuleName The hardware module name otherName SAN contains 2 OIDs: OtherName ::= SEQUENCE { type-id OBJECT IDENTIFIER, value [0] EXPLICIT ANY DEFINED BY type-id } HardwareModuleName ::= SEQUENCE { hwType OBJECT IDENTIFIER, hwSerialNum OCTET STRING } The first, type-id, is the one that identifies the otherName as a HardwareModuleName. The second, hwType, identifies the type of hardware. This change fixes 2 issues: 1. We were erroneously trying to identify HardwareModuleNames by looking at hwType, not type-id. 2. We accidentally inverted the check so that we were checking that hwType did NOT match HardwareModuleName. This fix ensures that type-id is correctly checked to make sure that it matches the OID for HardwareModuleName. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-18 19:31:39 +01:00
Kusumit Ghoderao	8eb55891ad	Add tests in derive_key for pbkdf2 Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-08-18 22:04:31 +05:30
Kusumit Ghoderao	1dd596541b	Add tests in derive_key_type for pbkdf2 Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-08-18 22:04:31 +05:30
Kusumit Ghoderao	1fe806a1a0	Add tests in derive_key_export for pbkdf2 Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-08-18 22:04:31 +05:30
Kusumit Ghoderao	e8f6a0d791	Add tests for derive_key_exercise for pbkdf2 Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-08-18 22:04:31 +05:30
Kusumit Ghoderao	ac7a04ac15	Move parse_binary_string function to psa_crypto_helpers Add test code for pbkdf2 in psa_exercise_key Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-08-18 22:04:16 +05:30
Kusumit Ghoderao	5cad47df8a	Modify test description The test data was generated using the python script. PBKDF2_AES_CMAC_PRF_128 test vectors are generated using PyCryptodome library: https://github.com/Legrandin/pycryptodome Steps to generate test vectors: 1. pip install pycryptodome 2. Use the python script below to generate Derived key (see description for details): Example usage: pbkdf2_cmac.py <password> <salt> <number_of_iterations> <derived_key_len> derive_output.py 4a30314e4d45 54687265616437333563383762344f70656e54687265616444656d6f 16384 16 password : 4a30314e4d45 salt : 54687265616437333563383762344f70656e54687265616444656d6f input cost : 16384 derived key len : 16 output : 8b27beed7e7a4dd6c53138c879a8e33c """ from Crypto.Protocol.KDF import PBKDF2 from Crypto.Hash import CMAC from Crypto.Cipher import AES import sys def main(): #check args if len(sys.argv) != 5: print("Invalid number of arguments. Expected: <password> <salt> <input_cost> <derived_key_len>") return password = bytes.fromhex(sys.argv[1]) salt = bytes.fromhex(sys.argv[2]) iterations = int(sys.argv[3]) dklen = int(sys.argv[4]) # If password is not 16 bytes then we need to use CMAC to derive the password if len(password) != 16: zeros = bytes.fromhex("00000000000000000000000000000000") cobj_pass = CMAC.new(zeros, msg=password, ciphermod=AES, mac_len=16) passwd = bytes.fromhex(cobj_pass.hexdigest()) else: passwd = password cmac_prf = lambda p,s: CMAC.new(p, s, ciphermod=AES, mac_len=16).digest() actual_output = PBKDF2(passwd, salt=salt, dkLen=dklen, count=iterations, prf=cmac_prf) print('password : ' + password.hex()) print('salt : ' + salt.hex()) print('input cost : ' + str(iterations)) print('derived key len : ' + str(dklen)) print('output : ' + actual_output.hex()) if __name__ == "__main__": main() """ Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-08-18 12:49:07 +05:30
Bence Szépkúti	505dffd5e3	Merge pull request #7937 from yanrayw/code_size_compare_improvement code_size_compare.py: preparation work to show code size changes in PR comment	2023-08-17 20:59:11 +00:00
Gilles Peskine	73936868b8	Merge remote-tracking branch 'development' into psa_crypto_config-in-full Conflicts: * tests/scripts/all.sh: component_test_crypto_full_no_cipher was removed in the development branch.	2023-08-17 19:46:34 +02:00
Kusumit Ghoderao	e4d634cd87	Add tests with higher input costs for pbkdf2 Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-08-17 21:16:14 +05:30
Gilles Peskine	dbd13c3689	Merge pull request #7662 from lpy4105/issue/renew_cert_2027-01-01 Updating crt/crl files due to expiry before 2027-01-01	2023-08-17 15:38:35 +00:00
Janos Follath	f2334b7b39	Remove new bignum when not needed New bignum modules are only needed when the new ecp_curves module is present. Remove them when they are not needed to save code size. Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-08-17 14:36:59 +01:00
Waleed Elmelegy	4a0a989913	Fix unused parameters warnings when MBEDTLS_CIPHER_PADDING_PKCS7 is disabled Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-08-17 14:20:58 +01:00
Waleed Elmelegy	87bc1e1cda	Fix heap overflow issue in pkcs5_pbes2 testing functions Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-08-17 14:20:58 +01:00
Waleed Elmelegy	5d3f315478	Add new mbedtls_pkcs5_pbe2_ext function Add new mbedtls_pkcs5_pbe2_ext function to replace old function with possible security issues. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-08-17 14:20:58 +01:00
Gilles Peskine	294be94922	Merge pull request #7818 from silabs-Kusumit/PBKDF2_cmac_implementation PBKDF2 CMAC implementation	2023-08-17 11:15:16 +00:00
Jerry Yu	f258d17acd	remove aesni + padlock - plain c tests This test is not valid for padlock depends on plain c Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-17 12:39:00 +08:00
Jerry Yu	bdd96b9adf	disable aesni for componets without cpu modifiers Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-16 17:34:27 +08:00
Gilles Peskine	d370f93898	Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn OPC UA - add support for RFC822 and DirectoryName SubjectAltNames when generating CSR's	2023-08-16 09:19:46 +00:00
Jerry Yu	506759f5ce	fix build fail for via padlock test Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-16 17:11:22 +08:00
Jerry Yu	b6d39c2f8c	Add aesni test for i386 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-16 16:14:02 +08:00
Kusumit Ghoderao	6c104b9b3b	Modify derive output test cases and add actual output Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-08-16 11:47:24 +05:30
Valerio Setti	307810babb	analyze_outcomes: add case for "ECC+FFDH w/o BN" Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-16 08:01:17 +02:00
Valerio Setti	4e2f244ab4	test: add accelerated and reference test for ECC+FFDH without BN Since most of the code in "ECC+FFDH without BN" scenario was shared with the "ECC without BN" one, I tried to reuse part of the code in order to avoid duplications. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-16 08:01:12 +02:00
Tomás González	358c6c644a	Add EdDSA and XTS to the allow list As specified in https://github.com/Mbed-TLS/mbedtls/issues/5390#issuecomment-1669585707 EdDSA and XTS tests are legitimately never executed, so add them to the allow list. Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>	2023-08-14 15:46:25 +01:00
Tomás González	b401e113ff	Add a flag for requiring full coverage in coverage tests Introduce the --require-full-coverage in analyze_outcomes.py so that when analyze_outcomes.py --require-full-coverage is called, those tests that are not executed and are not in the allowed list issue an error instead of a warning. Note that it is useful to run analyze_outcomes.py on incomplete test results, so this error mode needs to remain optional in the long term. Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>	2023-08-14 15:46:12 +01:00
Tomás González	07bdcc2b0d	Add allow list for non-executed test cases The allow list explicits which test cases are allowed to not be executed when testing. This may be, for example, because a feature is yet to be developed but the test for that feature is already in our code base. Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>	2023-08-14 15:46:12 +01:00
Dave Rodgman	a797f152ee	Merge pull request #8067 from paul-elliott-arm/fix_bignum_test_leak Fix resource leak in bignum test failure case	2023-08-14 09:33:13 +01:00
Paul Elliott	6da3d83f33	Fix resource leak in test failure case Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-08-11 16:28:06 +01:00
Dave Rodgman	963513dba5	Merge pull request #8008 from valeriosetti/issue7756 driver-only ECC: BN.TLS testing	2023-08-11 13:51:36 +00:00
Dave Rodgman	246210e3c4	Test CT asm under valgrind Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-08-11 08:47:38 +01:00
Valerio Setti	36344cecbd	ssl-opt: remove redundant requirement for RSA_C Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-11 09:37:14 +02:00
Tom Cosgrove	5e678fd4d2	Merge pull request #8050 from gilles-peskine-arm/all.sh-remove-crypto_full_no_cipher Remove redundant test component component_test_crypto_full_no_cipher	2023-08-11 07:28:10 +00:00
Valerio Setti	132240f01a	test: use ASAN flags for testing the accelerated TFM configuration Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-11 08:33:27 +02:00
Valerio Setti	f01d648677	analyze_outcome: add new check for parity for TFM configuration Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-11 08:33:27 +02:00
Valerio Setti	ac6d35f793	test: update components' descriptions Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-11 08:33:27 +02:00
Valerio Setti	52ba0e3718	test: improve accelerated TFM configuration test and add reference Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-11 08:33:27 +02:00
Valerio Setti	c5c4bd225e	test: add component testing TFM configuration and P256M driver Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-11 08:33:27 +02:00
Valerio Setti	e0be95e81d	analyze_outcomes: skip tests that depend on BIGNUM_C Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-11 06:35:23 +02:00
Valerio Setti	4f577f3e51	ssl-opt: add RSA_C requirement when RSA encryption is used in certificate Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-11 06:35:23 +02:00
Valerio Setti	18535c352d	test: enable TLS, key exchances and ssl-opt teting in ecc_no_bignum() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-11 06:33:52 +02:00
Manuel Pégourié-Gonnard	26b7c93d9d	Merge pull request #7992 from valeriosetti/issue7755 driver-only ECC: BN.x509 testing	2023-08-10 19:41:09 +00:00
Manuel Pégourié-Gonnard	54da1a69a2	Merge pull request #7578 from daverodgman/safer-ct5 Improve constant-time interface	2023-08-10 16:57:39 +00:00
Tom Cosgrove	e7700a7d0a	Merge pull request #7936 from AgathiyanB/assert-false-macro Add TEST_FAIL macro for tests	2023-08-10 15:01:34 +00:00
Valerio Setti	3580f448eb	test: solve test disparities for x509[parse/write] suites Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-10 14:50:43 +02:00
Valerio Setti	29c1b4d04a	test: enable X509 testing in ecc_no_bignum component Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-10 14:50:03 +02:00
Dave Rodgman	ac69b45486	Document and test mbedtls_ct_size_if_else_0 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-08-10 12:18:13 +01:00
Dave Rodgman	98ddc01a7c	Rename ...if0 to ...else_0 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-08-10 12:11:31 +01:00
Dave Rodgman	b7825ceb3e	Rename uint->bool operators to reflect input types Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-08-10 11:58:18 +01:00
Gilles Peskine	f5a29a5b83	Remove redundant test component component_test_crypto_full_no_cipher doesn't bring any extra value given the existence of component_test_full_no_cipher. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-10 12:07:49 +02:00
Valerio Setti	2e0275d2a1	test: use unset-all option in config.py to optimize test code Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-10 07:05:47 +02:00
Valerio Setti	a8c655edb0	test: remove redundant code setting MBEDTLS_PSA_CRYPTO_CONFIG Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-10 07:05:47 +02:00
Valerio Setti	fe7d96cff7	test: minor optimizations to ecc_no_bignum components Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-10 06:43:23 +02:00
Valerio Setti	c5d85e5ead	test: remove BIGNUM dependencies from pk[parse/write] suites Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-10 06:43:23 +02:00
Valerio Setti	9b3dbcc2e3	analyze_outcomes: skip tests that unavoidably depend on bignum Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-10 06:43:23 +02:00
Manuel Pégourié-Gonnard	660bbf2470	test: disable BIGNUM support on the test ecc_no_bignum component Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-10 06:43:23 +02:00
Manuel Pégourié-Gonnard	06aebe4995	test: disable FFDH support on the test ecc_no_bignum component Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-10 06:43:23 +02:00
Manuel Pégourié-Gonnard	7dccb66d49	test: disable RSA support on the test ecc_no_bignum component Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-10 06:43:23 +02:00
Manuel Pégourié-Gonnard	abd00d0be8	test: adding new components for testing and driver coverage analysis without BN Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-10 06:43:23 +02:00
Gilles Peskine	b7d577e46b	Fix copypasta Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-09 19:48:58 +02:00
Gilles Peskine	9b8dead74a	Minor readability improvement Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-09 19:48:42 +02:00
Paul Elliott	2f12a29cdd	Merge pull request #7896 from AgathiyanB/gitignore-generated-files-toggle Add script to toggle ignoring generated files	2023-08-09 14:54:32 +00:00
Janos Follath	115784bd3f	Merge pull request #1040 from waleed-elmelegy-arm/development-restricted Improve & test legacy mbedtls_pkcs5_pbe2	2023-08-09 09:43:23 +01:00
Jerry Yu	76a51b99b6	replace strings command with grep `strings \| grep` will fail some time. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-09 15:56:26 +08:00
Jerry Yu	a7de78d050	improve test - `grep '^flags' /proc/cpuino` does not work in my local machine inside script. - `make test programs/sleftest ` causes `strings \| grep ` fail. For timebeing, I did not figure out the root cause. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-08 14:28:15 +08:00
Gilles Peskine	a79256472c	Merge pull request #7788 from marekjansta/fix-x509-ec-algorithm-identifier Fixed x509 certificate generation to conform to RFCs when using ECC key	2023-08-07 19:14:54 +00:00
Minos Galanakis	2cae936107	test_suite_ecp: Moved curve bitlenth check after quasi reduction. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-08-07 16:49:22 +01:00
Minos Galanakis	831a2e6369	test_suite_ecp: Fixed curve bit-length. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-08-07 16:45:54 +01:00
Dave Rodgman	953f2a4780	Merge pull request #7892 from AgathiyanB/fix-coverage-MBEDTLS_ECP_NIST_OPTIM-disabled Add dependency MBEDTLS_ECP_NIST_OPTIM for ECP test	2023-08-07 14:37:08 +00:00
Dave Rodgman	4dd89310e9	Update w.r.t. test macro name changes from #6253 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-08-07 11:49:12 +01:00
Dave Rodgman	c98f8d996a	Merge branch 'development' into safer-ct5 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-08-07 11:47:35 +01:00
Jerry Yu	7802f65a28	Add negative test for aesni only Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-07 10:38:50 +08:00
Dave Rodgman	2ec9892f24	Merge pull request #6253 from tom-cosgrove-arm/rename-assert_compare-to-test_assert_compare Rename test macros `ASSERT_COMPARE()`, `ASSERT_ALLOC()` and `ASSERT_ALLOC_WEAK()`	2023-08-04 13:45:10 +00:00
Jerry Yu	c935aa617b	Add via padlock build test Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-04 16:29:05 +08:00
Jerry Yu	193cbc03fe	Add aesce build test Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-04 09:38:37 +08:00
Dave Rodgman	003a5e1ca7	Merge pull request #1046 from Mbed-TLS/merge_3.4.1 Merge 3.4.1	2023-08-03 18:23:37 +01:00
Dave Rodgman	a0fc9987da	Merge branch 'development' into merge_3.4.1 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-08-03 15:56:59 +01:00
Dave Rodgman	6f80ac4979	Merge pull request #7864 from waleed-elmelegy-arm/enforce-min-RSA-key-size Enforce minimum key size when generating RSA key size	2023-08-03 12:57:52 +00:00
Gilles Peskine	6919546ddf	Update more test dependencies when using test-ca.key Those test cases aren't actually executed due to another typo which is beyond the scope of this commit and will be resolved in https://github.com/Mbed-TLS/mbedtls/pull/8029 . But update DES to AES anyway. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-03 12:02:14 +02:00
Jerry Yu	8a599c03fa	Add aesni only test Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-03 17:01:02 +08:00
Jerry Yu	17a9d2e412	Add MBEDTLS_AES_USE_HADWARE_ONLY for test_aesni Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-03 16:14:18 +08:00
Jerry Yu	1221a31cc4	Run aes tests only for test_aesni That can reduce time of selftest Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-03 16:09:07 +08:00
Jerry Yu	69dd441eb5	Remove test_aes_* Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-03 16:00:20 +08:00
Valerio Setti	726ffbf642	ssl-opt: don't assume TLS 1.3 usage for external tool that don't have support Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-03 09:15:34 +02:00
Waleed Elmelegy	d4e7fe09b3	Change tests to work on different MBEDTLS_RSA_GEN_KEY_MIN_BITS configs Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-08-02 16:59:59 +00:00
Gilles Peskine	a824f8bc91	Update test dependencies when using test-ca.key "tests/data_files/test-ca.key" is now encrypted using AES instead of DES. Update test dependencies accordingly. This fixes `depends.py cipher_id`. This is a partial cherry-pick of `1a4cc5e92c` (done manually because the context on the same line is different). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-02 16:38:21 +02:00
Kusumit Ghoderao	6eff0b2258	Remove test vector Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-08-02 17:22:49 +05:30
Gilles Peskine	550d147078	Bump version to 3.4.1 ``` ./scripts/bump_version.sh --version 3.4.1 ``` Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-02 12:50:23 +02:00
Gilles Peskine	267bee9be8	Merge pull request #7903 from valeriosetti/issue7773 Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/DH	2023-08-02 10:16:44 +00:00
Gilles Peskine	50745e7e35	Update failing unit tests to use the moved data files After upgrading certificates, some parsing unit tests are failing because the new certificates have a different expiry date, by design. Switch those test cases to using the moved copy of the old data (as we did in a more systematic way in the development branch). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-02 12:12:53 +02:00
Gilles Peskine	7e52921c9a	Copy test certificates files from development Copy updated test certificates and related data (keys, CSR, etc.) from development. This replaces certificates that will expire on 2023-09-07, causing the unit tests to fail. This also adds new data files that are not used, and moves some files. The replacement data is good until 2023-12-31. The update causes some parsing unit tests to fail because the new certificates have a different expiry date. This will be fixed in a subsequent commit. ``` git checkout `dc2d7cce02` -- tests/data_files tests/src/test_certs.h tests/src/certs.c ``` Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-02 12:00:06 +02:00
Jerry Yu	d76ded046c	fix various issues - unnecessary command - extra blank and empty line Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-02 17:44:01 +08:00
Jerry Yu	3660623e59	Rename plain c option and update comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-02 17:44:01 +08:00
Jerry Yu	3fcf2b5053	Rename HAS_NO_PLAIN_C to DONT_USE_SOFTWARE_CRYPTO Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-02 17:44:00 +08:00
Jerry Yu	315fd30201	Rename plain c disable option Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-02 17:43:59 +08:00
Jerry Yu	d767cc4106	Add accelerator only tests. The cases with runtime detection have been covered by `full` configuration Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-08-02 17:43:58 +08:00
Valerio Setti	5a57e2abab	test: add new components for testing without ECDHE-ECDSA and TLS13 Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-02 11:30:50 +02:00
Bence Szépkúti	9661f8ab0d	Merge pull request #7968 from gowthamsk-arm/use_earliest_latest_compilers Use earliest latest compilers	2023-08-02 05:58:02 +00:00
Bence Szépkúti	895074e3f9	Merge pull request #8002 from valeriosetti/issue7904 PSA maximum size macro definitions should take support into account	2023-08-02 05:57:28 +00:00
Gilles Peskine	d55e451b3e	Merge pull request #7997 from yanesca/fix_new_bignum_tests Fix new bignum tests	2023-08-01 12:09:39 +00:00
Gowtham Suresh Kumar	9da40b8927	Update default variable values for compilers Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>	2023-07-31 23:11:18 +01:00
Dave Rodgman	926d8da47e	Fix test dependency Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-31 17:28:26 +01:00
Dave Rodgman	3d574da6fc	Revert to not enabling asm under Memsan Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-31 17:22:58 +01:00
Dave Rodgman	378280e57f	Revert "Move constant_flow.h into the main library" This reverts commit `fd78c34e23`. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-31 17:22:55 +01:00
Dave Rodgman	fd78c34e23	Move constant_flow.h into the main library Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-31 12:48:33 +01:00
Dave Rodgman	04a334af55	Make const-time test not depend on internal knowledge of mbedtls_ct_condition_t Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-31 12:48:33 +01:00
Janos Follath	2f04582d37	Move MBEDTLS_ECP_WITH_MPI_UINT to mbedtls_config.h There is a precedent for having bigger and less mature options in mbedtls_config.h (MBEDTLS_USE_PSA_CRYPTO) for an extended period. Having this option in mbedtls_config.h is simpler and more robust. Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-07-31 10:57:16 +01:00
Valerio Setti	f5051efa81	test: properly size output buffer in key_agreement_fail() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-31 11:35:48 +02:00
Janos Follath	f3135af159	Use config.py in all new bignum tests This previous test is correct, as it is using make. Switch to using config.py for robustness and consistency. Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-07-31 10:07:57 +01:00
Janos Follath	82823b2fe8	Fix new bignum tests These tests weren't working, because they use CMake and can't pass options with CFLAGS directly. This could be mitigated by adding a CMake option, but using config.py is less invasive and it is what we normally use for setting build options anyway. Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-07-31 10:01:47 +01:00
Xiaokang Qian	d0657b0015	ecp_mod_p448 has been moved to ecp_mod_p_generic_raw, remove here Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-07-31 06:46:28 +00:00
Xiaokang Qian	e25597dad7	Make ecp_mode_xxx functions depend on the new macro Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-07-31 06:46:28 +00:00
Dave Rodgman	2b174abd86	code style Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-28 18:29:41 +01:00
Dave Rodgman	2d28c46055	Fix asm Memsan workaround Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-28 18:24:22 +01:00
Gowtham Suresh Kumar	6f1977bf20	Use variables for selecting compilers The latest and earliest clang/GCC compilers are now used through variables instead of symlinks and also the all.sh script is updated to support options for overriding the default values. Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>	2023-07-28 17:04:47 +01:00
Dave Rodgman	c2ad3ad62a	Fix error in test vectors Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-28 16:44:18 +01:00
Gowtham Suresh Kumar	1e829a403f	Use compgen to gather components in all.sh Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>	2023-07-28 16:41:21 +01:00
Gowtham Suresh Kumar	8d45ec8b97	Remove test_clang_opt check The component functions in all.sh will be listed using compgen instead of sed so this check is not needed. Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>	2023-07-28 16:36:25 +01:00
Valerio Setti	1eacae865e	test: check exported length against proper MAX_SIZE Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-28 17:29:48 +02:00
Dave Rodgman	fa5a4bbb02	Improve mbedtls_ct_memmove_left w.r.t. const-flow tests Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-28 16:13:52 +01:00
Dave Rodgman	8de3482507	Fix false-positive non-const-time errors in test Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-28 15:10:00 +01:00
Kusumit Ghoderao	be55b7e45a	Add test cases for 16 byte and empty password Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-07-27 21:22:26 +05:30
Dave Rodgman	a0f81e8ef8	Add OID tests for HMAC-xxx Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-27 16:02:42 +01:00
Waleed Elmelegy	d7bdbbeb0a	Improve naming of mimimum RSA key size generation configurations Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-07-27 14:50:09 +00:00
Tom Cosgrove	0540fe74e3	Fix code style Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-07-27 14:17:27 +01:00
Janos Follath	e0fa7ec4db	Merge pull request #7988 from gabor-mezei-arm/7598_add_32bit_test_component Add 32bit test component for ecp with new bignum interface	2023-07-27 13:00:04 +00:00
Agathiyan Bragadeesh	763b353f2f	Replace TEST_ASSERT("message" == 0) with TEST_FAIL Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-07-27 13:52:31 +01:00
Dave Rodgman	5c60382201	code style Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-27 13:28:41 +01:00
Dave Rodgman	d2c9f6d256	Strengthen psa_mac_verify testing Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-27 13:00:02 +01:00
Dave Rodgman	0c38385858	Use psa_mac_compare in tests; add some HMAC edge-cases Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-27 12:54:09 +01:00
Waleed Elmelegy	3d158f0c28	Adapt tests to work on all possible minimum RSA key sizes Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-07-27 11:03:35 +00:00
Waleed Elmelegy	ab5707185a	Add a minimum rsa key size config to psa config Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-07-27 11:00:03 +00:00
Waleed Elmelegy	76336c3e4d	Enforce minimum key size when generating RSA key size Add configuration to enforce minimum size when generating a RSA key, it's default value is 1024 bits since this the minimum secure value currently but it can be any value greater than or equal 128 bits. Tests were modifed to accommodate for this change. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-07-27 10:58:25 +00:00
Valerio Setti	3a96227706	generate_psa_tests: remove checks for DH's LEGACY symbols Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-27 11:01:33 +02:00
Valerio Setti	27602c32a2	test: accelerate all KEY_PAIR symbols in accel FFDH component Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-27 09:15:34 +02:00
Valerio Setti	a55f042636	psa: replace DH_KEY_PAIR_LEGACY with new symbols Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-27 09:15:34 +02:00
Gilles Peskine	1997f3022f	PSA_CRYPTO_DRIVER_TEST_ALL is incompatible with MBEDTLS_PSA_CRYPTO_CONFIG Explain how PSA_CRYPTO_DRIVER_TEST_ALL works and why we have it. Note that it is incompatible with MBEDTLS_PSA_CRYPTO_CONFIG. As a consequence, disable that option in component_test_psa_crypto_drivers. MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is in the full config, so there's no need to add it explicitly. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-26 22:34:13 +02:00
Gilles Peskine	51ed3139d1	Merge pull request #7909 from mpg/dh-generate-psa-tests Enable DH in generate_psa_tests.py	2023-07-26 17:46:09 +00:00
Dave Rodgman	44fae4908d	Add PSA HMAC MD5 test Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-26 18:45:19 +01:00
Dave Rodgman	faff45c917	Add HMAC tests for other digest algorithms Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-26 18:13:58 +01:00
Dave Rodgman	fe5adfe547	Add HMAC test-cases for SHA3 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-26 17:58:48 +01:00
Gilles Peskine	6b9017045f	Don't call psa_crypto_init with uninitialized local contexts (entropy) psa_crypto_init can fail, and if it does we'll try calling free() on the local variable, which is uninitialized. This commit fixes memory corruption when a test fails. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-26 18:43:39 +02:00
Gowtham Suresh Kumar	186731b22a	Fix warnings from clang-16 Running clang-16 on mbedtls reports warnings of type "-Wstrict-prototypes". This patch fixes these warnings by adding void to functions with no arguments. The generate_test_code.py is modified to insert void into test functions with no arguments in *.function files. Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>	2023-07-26 17:11:51 +01:00
Gowtham Suresh Kumar	a12baf8c5f	Update test scripts to use latest/earliest compilers The Ubuntu 16.04 and 22.04 docker images have been updated with earliest and latest versions of gcc and clang respectively. This patch adds the necessary component and support functions required for the CI to run these compilers. For FreeBSD we invoke the function by name so a condition is added to disable the existing test_clang_opt function for linux. Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>	2023-07-26 16:51:45 +01:00
Gabor Mezei	e256cc1552	Add 32bit test component for ecp with new bignum interface Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-07-26 17:35:44 +02:00
Gilles Peskine	bb07377458	Merge pull request #7935 from AgathiyanB/add-enum-casts Add type casts for integer and enum types	2023-07-26 11:27:27 +02:00
Manuel Pégourié-Gonnard	c154a043bb	Fix dependencies for DH (and RSA) key pairs - RSA was missing the MBEDTLS_ prefix. - DH needs the same temporary fix (prefix + suffix) for now. - hack_dependencies_not_implemented() needs to ignore MBEDTLS_PSA_WANT dependencies. While at it, make the code currently used for ECC more generic, so that it's ready to be used for RSA and DH in the near future. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-07-26 09:34:30 +02:00
Manuel Pégourié-Gonnard	afe4b79114	Enable DH in generate_psa_tests.py Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-07-26 09:32:42 +02:00
Gilles Peskine	f1517e690a	PermissionIssueTracker is obsoleted by ShebangIssueTracker ShebangIssueTracker implements the rule that scripts must be executable if and only if they have a shebang line. By removing PermissionIssueTracker, we now allow files with any extension to be executable (provided they have a shebang line), and allow .sh and .pl to be non-executable modules if they don't have a shebang line (as was already the case for *.py). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-25 20:59:14 +02:00
Gilles Peskine	63c3534981	Pacify Pylint Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-25 19:40:35 +02:00
Gilles Peskine	2f8c545d3d	Make --quiet a little less quiet Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-25 19:40:35 +02:00
Gilles Peskine	1b01559fea	Error out if run from the wrong directory Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-25 19:40:35 +02:00
Gilles Peskine	9fdc657cbf	Add --quiet option to suppress demos' output Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-25 19:40:35 +02:00
Gilles Peskine	198d87ad52	Minor readability improvements Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-25 19:40:14 +02:00
Gilles Peskine	82b2727e51	Run demo scripts in some builds Run the sample program demo scripts in builds with a configuration that is at least as complete as the default configuration. Do not run sample programs in all configurations since they are expected to fail if a required feature is missing. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-25 19:40:09 +02:00
Gilles Peskine	2fcf04f468	Run demo scripts and check that they work run_demos.py is the frontend to a framework for smoke-testing the sample programs. It runs scripts called programs//_demo.sh ("demo scripts") and check that they succeed. A typical demo script runs one sample program or a combination of sample programs to demonstrate their usage. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-25 19:31:43 +02:00
Dave Rodgman	e3268afb11	Add PSA SHA3 tests for hash_verify and multipart Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-25 17:33:55 +01:00
Paul Elliott	f1c032adba	Merge pull request #7902 from valeriosetti/issue7772 Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/RSA	2023-07-25 17:13:43 +01:00
Agathiyan Bragadeesh	93a859341b	Remove remaining redundant casts Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-07-25 12:28:59 +01:00
Agathiyan Bragadeesh	d298b76421	Remove redundant casts Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-07-25 11:33:00 +01:00
Valerio Setti	19fec5487d	test: remove GENPRIME dependency when RSA_KEY_PAIR_GENERATE Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-25 12:31:50 +02:00
Dave Rodgman	cad28ae77a	Merge remote-tracking branch 'origin/development' into psa-sha3 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-24 15:51:13 +01:00
Waleed Elmelegy	f3fafc3645	Fix CI errors related pkcs5_pbe changes Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-07-24 11:45:46 +01:00
Yanray Wang	21127f7095	code_size_compare: add logging module and tweak prompt message Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-07-24 18:07:12 +08:00
Agathiyan Bragadeesh	8dc913899d	Fix server1.crt.der in makefile Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-07-24 10:44:00 +01:00
Agathiyan Bragadeesh	3dd3ae219e	Remove trailing backslash Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-07-21 17:07:00 +01:00
Gilles Peskine	5fd88b7f75	Simplify the logic in a test Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-21 17:50:49 +02:00
Gilles Peskine	9d5952dba8	Fix some dependencies on symmetric crypto in some TLS 1.3 tests Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-21 17:50:49 +02:00
Gilles Peskine	eb41e0d6c8	Correct some msg messages in full config When MBEDTLS_USE_PSA_CRYPTO is disabled on a base of full, mention it. Now that full implies MBEDTLS_PSA_CRYPTO_CONFIG, don't mention it, and don't set it explicitly. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-21 17:50:49 +02:00
Gilles Peskine	14302ed1c0	Simplify msg messages in full config Don't reiterate that this includes MBEDTLS_USE_PSA_CRYPTO and, now, MBEDTLS_PSA_CRYPTO_CONFIG. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-21 17:50:49 +02:00
Gilles Peskine	884b462044	When subtracting classic symbols from full, turn off PSA_CRYPTO_CONFIG Otherwise unwanted algorithms creep back from the default-on PSA_WANT symbols. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-21 17:50:49 +02:00
Gilles Peskine	cf4fe58fd0	Make malloc-0-null a user config file Having a wrapper made it harder to use: incompatible with setting MBEDTLS_CONFIG_FILE, harder to combine with other settings. It was also surprising since it was the only test config that was structured in that way. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-21 17:50:49 +02:00
Gilles Peskine	36dea1501b	Fix inconsistencies in no-chachapoly test The original goal (https://github.com/Mbed-TLS/mbedtls/pull/5072) was to run a test with ChaChaPoly disabled in PSA. It was actually implemented with GCM also partially disabled (legacy GCM enabled but PSA GCM disabled), which distracted from the objective. It's actually useful to test both with and without GCM, so test both. Don't test inconsistencies between legacy and PSA support because that's not a common case and not one we have particular reasons to test. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-21 17:50:49 +02:00
Gilles Peskine	8dbdf2f7ea	Fix typo in function name Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-21 17:45:12 +02:00
Gilles Peskine	af3a5a263e	Remove comments that duplicate the 'msg' call just below Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-21 17:45:12 +02:00
Gilles Peskine	e92ff1128b	Remove duplicated component There were two copies of component_test_psa_crypto_config_accel_pake, identical except for two typos. Keep the copy without the typos. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-21 17:45:12 +02:00
Gilles Peskine	5647d06be8	Merge pull request #7518 from gilles-peskine-arm/psa_inject_entropy-file-stability Fix and test MBEDTLS_PSA_INJECT_ENTROPY	2023-07-21 17:37:15 +02:00
Gilles Peskine	2387bdab0f	Merge pull request #1038 from Mbed-TLS/development Merge development into development-restricted	2023-07-21 15:40:36 +02:00
Tom Cosgrove	e4e9e7da58	For tests, rename TEST_BUFFERS_EQUAL() to TEST_MEMORY_COMPARE() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-07-21 11:45:25 +01:00
Tom Cosgrove	a45d902822	Rename the length argument to TEST_CALLOC() to be the more accurate item_count Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-07-21 11:36:11 +01:00
Tom Cosgrove	05b2a87ea0	For tests, rename TEST_CALLOC_OR_FAIL() to just TEST_CALLOC() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-07-21 11:32:25 +01:00
Ronald Cron	87f62850f3	Merge pull request #7893 from ronald-cron-arm/misc-from-psa-crypto Miscellaneous fixes resulting from the work on PSA-Crypto	2023-07-21 10:54:41 +02:00
Tom Cosgrove	412a813ad4	For tests, rename ASSERT_ALLOC_WEAK() to TEST_CALLOC_OR_SKIP() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-07-20 16:55:14 +01:00
Gilles Peskine	c723e86e56	Fix copypasta in function documentation Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-20 17:54:19 +02:00
Tom Cosgrove	f9ffd11e7a	For tests, rename ASSERT_ALLOC() to TEST_CALLOC_OR_FAIL() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-07-20 16:51:21 +01:00
Tom Cosgrove	65cd8519f7	For tests, rename ASSERT_COMPARE() to TEST_BUFFERS_EQUAL() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-07-20 16:51:15 +01:00
Manuel Pégourié-Gonnard	c844c1a771	Merge pull request #7546 from mpg/align-psa-md-identifiers Align psa md identifiers	2023-07-20 11:34:28 +02:00
Ronald Cron	7612d8c049	all.sh: Use consistently CONFIG_TEST_DRIVER_H Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-07-20 10:20:55 +02:00
Ronald Cron	6b49b55d6d	all.sh: Use consistently CRYPTO_CONFIG_H Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-07-20 10:02:59 +02:00
Ronald Cron	7a93ac5308	all.sh: Use consistently CONFIG_H Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-07-20 10:02:32 +02:00
Dave Rodgman	8e8e6b9be3	Merge pull request #7934 from AgathiyanB/move-declarations-to-top Move declarations to top of functions	2023-07-19 15:25:27 +01:00
Waleed Elmelegy	708d78f80b	Improve & test legacy mbedtls_pkcs5_pbe2 * Prevent pkcs5_pbe2 encryption when PKCS7 padding has been disabled since this not part of the specs. * Allow decryption when PKCS7 padding is disabled for legacy reasons, However, invalid padding is not checked. * Add tests to check these scenarios. Test data has been reused but with changing padding data in last block to check for valid/invalid padding. * Document new behaviour, known limitations and possible security concerns. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-07-19 14:01:35 +01:00
Dave Rodgman	5f65acb02b	Merge pull request #7859 from gilles-peskine-arm/mbedtls_mpi-smaller Reduce the size of mbedtls_mpi	2023-07-18 16:48:37 +01:00
Agathiyan Bragadeesh	dc28a5a105	Rename ASSERT_FALSE to TEST_FAIL Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-07-18 11:45:28 +01:00
Agathiyan Bragadeesh	ebb40bc336	Add ASSERT_FALSE macro for tests Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-07-18 11:38:04 +01:00
Manuel Pégourié-Gonnard	828b3acd6b	Merge pull request #7848 from valeriosetti/issue7749 driver-only ECC: EPCf.TLS testing	2023-07-18 10:33:21 +02:00
Agathiyan Bragadeesh	2d310deace	Add cast in test macros.h Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-07-17 18:27:03 +01:00
Tom Cosgrove	08b04b11ff	Merge pull request #7923 from gabor-mezei-arm/7598_fix_clone_of_ecp_module [Bignum] Fixes for the ecp module cloning	2023-07-17 15:28:18 +01:00
Agathiyan Bragadeesh	2f017a8356	Add enum casts in ssl_helpers.c Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-07-17 15:14:42 +01:00
Agathiyan Bragadeesh	be3ad4aed3	Add type casts in psa_exercise_key Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-07-17 15:14:42 +01:00
Agathiyan Bragadeesh	932126525a	Move declarations to top in ssl_helpers.c Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-07-17 12:21:06 +01:00
Ronald Cron	e501d0e71e	Add change log and non-regression test Add change log and non-regression test for CCM* with no tag not supported in CCM only configuration. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-07-17 11:53:20 +02:00
Ronald Cron	2e3795dc3c	tests: Fix header inclusion When building tests, the path of the library directory is part of the possible paths for the includes thus no need to construct it manually when including headers. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-07-17 11:52:32 +02:00
Gilles Peskine	b366fe955d	Merge pull request #7478 from yuhaoth/pr/add-script-for-generating-cert-macros Add script for generating cert macros	2023-07-17 11:13:07 +02:00
Gilles Peskine	d8c4549246	Merge pull request #7432 from oberon-microsystems/fix-test-ecjpake-to-pms-dependency Fix derive_ecjpake_to_pms dependency in PSA crypto test	2023-07-17 11:05:40 +02:00
Gabor Mezei	f0021d495a	Update test function dependencies Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-07-14 14:43:27 +02:00
Gabor Mezei	92ce4c2cbf	Fix ecp variant check Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-07-14 14:43:22 +02:00
Paul Elliott	3c22366695	Merge pull request #7863 from valeriosetti/issue7790 PK: parse: fix disparity with private Montgomery keys	2023-07-11 18:02:12 +01:00
Dave Rodgman	84eaefa43e	Use designated initializers for mbedtls_mpi Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-11 16:02:46 +01:00
Paul Elliott	88f34e3348	Merge pull request #7703 from gabor-mezei-arm/7598_clone_the_eco_module [Bignum] Clone the ECP module	2023-07-11 15:00:01 +01:00
Valerio Setti	42796e25cf	generate_psa_tests: fix automatically generated tests for RSA Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-11 14:06:00 +02:00
Valerio Setti	acab57b6b4	test: replace RSA_KEY_PAIR_LEGACY with proper symbols Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-11 14:06:00 +02:00
Valerio Setti	b2bcedbf9a	library: replace MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_LEGACY Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-11 14:06:00 +02:00
Valerio Setti	1e6063c8ee	test: set MBEDTLS_ECP_DP dependency also for Montgomery curves Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-11 11:28:22 +02:00
Valerio Setti	d476faa595	test: add more tests for Montgomery's invalid masks Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-11 11:28:22 +02:00
Valerio Setti	aed87994da	test: verify that Montgomery keys can be fixed on parsing Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-11 11:28:22 +02:00
Valerio Setti	4a09dcc6f6	test: replace ECP_DP_CURVE25519_ENABLED with PSA_WANT_ECC_MONTGOMERY_255 Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-11 11:28:22 +02:00
Valerio Setti	ef80d11c1f	test: add proper key requirements in X25519 key parsing tests Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-11 11:28:22 +02:00
Valerio Setti	5f54020d1a	analyze_outcomes: do not skip test about wrong Montgomery private key Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-11 11:28:22 +02:00
Valerio Setti	0a92121716	test: test of Montgomery keys with uncorrect bits whenever PK_HAVE_ECC_KEYS Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-11 11:28:22 +02:00
Gilles Peskine	b387fcf59b	Adapt names (curves -> groups) in a separately added test case Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-07-11 09:19:13 +02:00
Gilles Peskine	6aca2c9613	Merge pull request #7716 from mpg/psa-util-internal Split psa_util.h between internal and public	2023-07-10 18:33:23 +02:00
Gilles Peskine	d9f0c76f9e	Merge pull request #7879 from tgonzalezorlandoarm/development tests/test_suite_pem: Augment DES test cases with AES: PEM	2023-07-10 18:28:01 +02:00
Dave Rodgman	f3e488ec40	Merge pull request #7216 from lpy4105/issue/6840/add-getters-for-some-fields Add getters for some fields	2023-07-10 17:14:11 +01:00
Andrzej Kurek	bdb41dd46d	Add missing resource deallocation in tests Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-07-10 08:09:50 -04:00
Manuel Pégourié-Gonnard	f614bde912	Merge pull request #7656 from mprse/ffdh_tls13_v2_drivers FFDH 4: driver-only parity testing - with TLS 1.3	2023-07-10 13:08:47 +02:00
Dave Rodgman	e183ecef3d	Merge pull request #7136 from yanrayw/5692-record-compatsh-test-cases Record the outcome of each test case in compat.sh	2023-07-10 12:08:32 +01:00
Manuel Pégourié-Gonnard	5c41ae867b	Merge pull request #7887 from ronald-cron-arm/fix-hrr-in-psk-kem tls13: server: Fix spurious HRR	2023-07-10 09:58:13 +02:00
Valerio Setti	ee3a4d0d38	debug: replace occurence of ECP_LIGHT with PK_HAVE_ECC_KEYS Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 09:13:57 +02:00
Valerio Setti	6f0441d11e	tls: replace occurencies of ECP_LIGHT with PK_HAVE_ECC_KEYS Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 09:13:57 +02:00
Valerio Setti	0085c2e486	test: fix message's text Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 09:10:20 +02:00
Valerio Setti	16b70f2b1a	test: enabled ssl-opt testing in no_ecp_at_all components Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 09:10:20 +02:00
Valerio Setti	887f823deb	test: re-enable TLS and key exchanges in no_ecp_at_all component Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 09:10:20 +02:00
Pengyu Lv	5cbb93ef14	Add test for cache timeout getter Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-07-10 13:25:24 +08:00
Pengyu Lv	db6143364a	Add test for endpoint getter Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-07-10 11:33:23 +08:00
Pengyu Lv	30e0870937	Add test for hostname getter Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-07-10 11:33:23 +08:00
Dave Rodgman	7dbd2bf90c	Merge pull request #7441 from gilles-peskine-arm/mbedtls_x509_crt_parse_path-qemu-bug More mbedtls_x509_crt_parse_path() tests, and note qemu-user bug when 32-bit code run on 64-bit host	2023-07-07 19:15:31 +01:00
Paul Elliott	2dfe7993af	Merge pull request #6914 from davidhorstmann-arm/cmake-pass-through-config-defines Pass `MBEDTLS_CONFIG_FILE` defines through cmake	2023-07-07 17:01:57 +01:00
Manuel Pégourié-Gonnard	461d59b2f8	Merge pull request #7858 from mprse/ffdh_tls13_v2_f Make use of FFDH keys in TLS 1.3 - follow-up	2023-07-07 16:19:35 +02:00
Dave Rodgman	8abb3497ad	Merge branch 'development' into mbedtls_x509_crt_parse_path-qemu-bug Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-07-07 15:11:35 +01:00

... 6 7 8 9 10 ...

10111 commits