We're not strictly required to abort, but at least to leave the context
is an invalid state. For "late" functions like input() and output(),
calling abort() is the easiest way to do that. Do it systematically for
input() and output() by using a wrapper. psa_pake_get_implicit_key() was
already doing it. For "early" function, we can just leave the operation
in its current state which is already invalid.
Restore previous tests about that. Not adding systematic tests, though,
just test the two functions that are the most important, and more likely
to return errors.
Since we now abort in more cases, we need to make sure we don't
invalidate the operation that's going to be re-used later in the test.
For that reason, use a copy of the operation for calls to input() and
output() that are expected to return errors.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Also, the error code changed from INSUFFICIENT_MEMORY to INVALID_DATA.
Temporarily remove a test about aborting the operation on error.
Auto-abort will be re-introduced in the next commit in a more systematic
way.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
MBEDTLS_SSL_TICKET_C depends now on: MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C.
All features are disabled in this config.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
Change function name to ssl_session_set_hostname()
Remove hostname_len
Change hostname to c_string
Update test cases to multi session tickets
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
PSA crypto currently needs MBEDTLS_PK_PARSE_C to parse RSA keys to do almost
anything with them (import, get attributes, export public from private, any
cryptographic operations). Force it on, for symmetry with what we're doing
for MBEDTLS_PK_WRITE_C. Fixes#6409.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Disable non-crypto features that can't be called through the PSA API, as
well as algorithms that have no PSA interface.
This serves as a non-regression test for #6408 and #6409.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In verbose mode, the full output of each failing suite is printed out,
which for some suites runs in the 1000s of lines. If you didn't redirect
output to a file, this is a lot to scroll and can make it hard to
quickly identify which test suites failed.
So, let's print out that information at the end. This is useful
information for starting to figure out what went wrong.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Test functions must now take a char* argument rather than data_t*. This does
not affect existing test data.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This is done to have LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 defined in libtestdriver1.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
Introduce a unit test to test mbedtls_x509_get_name() and add a testcase
with a corrupt DER-encoded name that causes mbedtls_x509_get_name() to
have to cleanup things it is allocated. If it fails to do this, a memory
leak is detected under Asan builds.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
The format used by the mbedtls_ecjpake_xxx() APIs and that defined by
the PSA Crypto PAKE extension are quite different; the former is
tailored to the needs of TLS while the later is quite generic and plain.
Previously we only addressed some part of this impedance mismatch: the
different number of I/O rounds, but failed to address the part where the
legacy API adds some extras (length bytes, ECParameters) that shouldn't
be present in the PSA Crypto version. See comments in the code.
Add some length testing as well; would have caught the issue.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Use mbedtls_test_read_mpi_core() to read the test data. Among other
benefits, X and Y are now allocated to their exact size, so analyzers (Asan,
Valgrind, Coverity, ...) have a chance of complaining if the tested function
overflows the buffer.
Remove TEST_CF_PUBLIC calls which are no longer necessary.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When testing a function that is supposed to be constant-flow, we declare the
inputs as constant-flow secrets with TEST_CF_SECRET. The result of such a
function is itself a constant-flow secret, so it can't be tested with
comparison operators.
In TEST_EQUAL, TEST_LE_U and TEST_LE_S, declare the values to be compared as
public. This way, test code doesn't need to explicitly declare results as
public if they're only used by one of these macros.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This comment (which used to be attached to the implementation, and should
not have been moved to the header file) is incorrect: the library function
mbedtls_mpi_read_string preserves leading zeros as desired, but does not
create a zero-limb object for an empty string.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The length in bytes is used with the 'len' prefix and
the length in limbs is used with the 'limbs' prefix.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
Both functions are calling mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions. These functions are guarded with MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C flags - make it consistent.
As a result ssl_server2 won't build now with MBEDTLS_SSL_SESSION_TICKETS enabled (mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions not available).
Mark MBEDTLS_SSL_SESSION_TICKETS as dependent on MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C and disable MBEDTLS_SSL_SESSION_TICKETS in stream cipher only build.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
Instead of fully validating beforehand
signature algorithms with regards to the
private key, do minimum validation and then
just try to compute the signature. If it
fails try another reasonable algorithm if any.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
When selecting the server certificate based on
the signature algorithms supported by the client,
check the signature algorithms as close as possible
to the way they are checked to compute the
signature for the server to prove it possesses
the private key associated to the certificate.
That way we minimize the odds of selecting a
certificate for which the server will not be
able to compute the signature to prove it
possesses the private key associated to the
certificate.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Stating from the default config means a few things are implicitly
excluded; starting from the full config makes it all fully explicit.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
CMakeLists.txt was calling generate_psa_tests.py and siblings to list the
generated test data files with a --directory option, intended the output to
be this argument textually. This used to work, but no longer does, because
the --directory argument is relative to the current directory when the
Python script is invoked, and the script now shows an absolute path.
CMakeLists.txt now completely ignores the directory part of the listed data
file paths and builds its own. The base_xxx_files variables now contain
actual base names, without a "suites/" prefix. This makes it more robust
with respect to the behavior of the Python script, but it will break if
we put data files in multiple different directories one day.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When pylint runs in parallel, it loses the ability to detect duplicated code
across modules. Duplicated code is usually a bad thing, so give pylint the
opportunity to let us know.
This makes pylint slightly slower, but going from 2 threads to 1 does not
make it anywhere close to twice as slow. On my machine, with Python 3.5,
pylint -j2 takes about 12s while single-threaded pylint takes about 16s
of wall clock time.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
We had 4 identical copies of the check_repo_path function. Replace them by a
single copy in the build_tree module where it naturally belongs.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
mbedtls_vsnprintf replacement works like mbedtls_snprintf replacement, so
copy the requirements for MBEDTLS_PLATFORM_VSNPRINTF_ALT.
(MBEDTLS_PLATFORM_xxx_MACRO shouldn't require MBEDTLS_PLATFORM_C, but that's
a separate preexisting problem which I do not try address at this time.)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
We have Python code both for test code generation
(tests/scripts/generate_test_code.py) and now for test data generation.
Avoid the ambiguous expression "test generation".
This commit renames the Python module and adjusts all references to it. A
subsequent commit will adjust the documentation.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Previous changes used the docstring of the test_generation module,
which does not inform a user about the script.
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
As a public header, it should no longer include common.h, just use
build_info.h which is what we actually need anyway.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Don't look for MBED keywords on the autogenerated
psa_crypto_driver_wrappers.c file. This is needed since the naming of
constants is dependent on the driver json and the naming conventions
used through the library is stuck at a place where it does not swing
either way ( mbedtls_ / psa_).
Signed-off-by: Archana <archana.madhavan@silabs.com>
Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>
jsonschema is added to the ci scripts and Dockerfile
Signed-off-by: Archana <archana.madhavan@silabs.com>
Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>
(1) Add in driver jsons.
(2) Improve Python scripts to take JSON file directory and template
directory paths as arguments.
(3) Add in file augment template files to template common functionality
(4) render tempplates for Header files, ID generation and key
management.
(5) Changed driver ID nomenclature to be in synch with function names.
Signed-off-by: Archana <archana.madhavan@silabs.com>
Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>
Initializing return status variables to CORRUPTION_DETECTED is a second line
of defense in library code in case there's a code path where we forget to
assign to the variable. This isn't useful in test code. In any case, here,
we might as well define the variable at the point of use.
This fixes a build error in configurations with MBEDTLS_ERROR_C and
MBEDTLS_PSA_CRYPTO_C both disabled, because then mbedtls/error.h isn't
included so MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED isn't defined.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
We used to include platform.h only when MBEDTLS_PLATFORM_C was enabled, and
to define ad hoc replacements for mbedtls_xxx functions on a case-by-case
basis when MBEDTLS_PLATFORM_C was disabled. The only reason for this
complication was to allow building individual source modules without copying
platform.h. This is not something we support or recommend anymore, so get
rid of the complication: include platform.h unconditionally.
There should be no change in behavior since just including the header should
not change the behavior of a program.
This commit replaces most occurrences of conditional inclusion of
platform.h, using the following code:
```
perl -i -0777 -pe 's!#if.*\n#include "mbedtls/platform.h"\n(#else.*\n(#define (mbedtls|MBEDTLS)_.*\n|#include <(stdarg|stddef|stdio|stdlib|string|time)\.h>\n)*)?#endif.*!#include "mbedtls/platform.h"!mg' $(git grep -l '#include "mbedtls/platform.h"')
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Wrapper function for itertools.combinations_with_replacement, with
explicit cast due to imprecise typing with older versions of mypy.
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
BaseTarget-derived targets are now added to TestGenerator.targets in
initialization. This reduces repeated code in generate_xxx_tests.py
scripts which use this framework.
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
Especially for a sequence of similar lines of test code, or where the result of
an expression is being compared to a short integer (especially 0 or 1).
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
When generating combinations of values, `itertools.combinations` will
not allow inputs to be repeated. This is replaced so that cases where
input values match are generated, i.e. ("0", "0").
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
Other programs/*/Makefile are only created by CMake, but programs/fuzz has
its own Makefile in the repository. Fixes#6247.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Test certs were originally generated with an old version of Mbed TLS
that used printableString where we now use utf8string (e.g., in the
organizationName). Otherwise the certs are identical.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Version of pylint used in CI does not recognize abstract subclasses of
BaseTarget, so disable warning in these abstract classes.
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
Spec values are now always used for test data, and conversion to
internal representation is done in the test function.
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
Previous implementation mixed the test case generation and the
recursive generation calls together. A separate method is added to
generate test cases for the current class' test function. This reduces
the need to override generate_tests().
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
The unit tests were created by capturing runs of the existing function during
execution of existing unit tests.
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
The test cases use the following MPI values:
0 1 fffe ffffffff 100000000 20000000000000 ffffffffffffffff
10000000000000000 1234567890abcdef0 fffffffffffffffffefefefefefefefe
100000000000000000000000000000000 1234567890abcdef01234567890abcdef0
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
1234567890abcdef01234567890abcdef01234567890abcdef01234567890abcdef0
4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b
and the following scalars. The .data files include two sets of results (final
accumulator and carry) for the cases sizeof(mbedtls_mpi_uint) == 4 or 8.
0 3 fe ff ffff 10000 ffffffff 100000000 7f7f7f7f7f7f7f7f 8000000000000000
fffffffffffffffe
The lines in the .data file were generated by the following script
#!/usr/bin/env perl
#
# mpi-test-core-mla.pl - generate/run MPI tests in Perl for mbedtls_mpi_core_mla()
#
use strict;
use warnings;
use Math::BigInt;
use sort 'stable';
my @mla_mpis = qw(
0 1 fffe ffffffff 100000000 20000000000000 ffffffffffffffff
10000000000000000 1234567890abcdef0 fffffffffffffffffefefefefefefefe
100000000000000000000000000000000 1234567890abcdef01234567890abcdef0
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
1234567890abcdef01234567890abcdef01234567890abcdef01234567890abcdef0
4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b
);
my @mla_scalars = qw(
0 3 fe ff ffff 10000 ffffffff 100000000 7f7f7f7f7f7f7f7f 8000000000000000
fffffffffffffffe
);
my @mla_full_mpis = qw(
0 1 3 f fe ff 100 ff00 fffe ffff 10000
fffffffe ffffffff 100000000 1f7f7f7f7f7f7f
8000000000000000 fefefefefefefefe fffffffffffffffe ffffffffffffffff
10000000000000000 1234567890abcdef0
fffffffffffffffffefefefefefefefe fffffffffffffffffffffffffffffffe ffffffffffffffffffffffffffffffff
100000000000000000000000000000000 1234567890abcdef01234567890abcdef0
fffffffffffffffffffffffffffffffffffffffffffffffffefefefefefefefe
fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
10000000000000000000000000000000000000000000000000000000000000000
1234567890abcdef01234567890abcdef01234567890abcdef01234567890abcdef0
4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b
);
my @mla_full_scalars = qw(
0 1 3 f fe ff 100 ff00 fffe ffff 10000
fffffffe ffffffff 100000000
8000000000000000 fefefefefefefefe fffffffffffffffe ffffffffffffffff
);
generate_tests();
sub generate_tests {
generate_mbedtls_mpi_core_mla();
}
sub generate_mbedtls_mpi_core_mla {
my $sub_name = (caller(0))[3]; # e.g. main::generate_mbedtls_mpi_sub_mpi
my ($ignore, $test_name) = split("main::generate_", $sub_name);
my @cases = ();
for my $ah (@mla_mpis) {
for my $bh (@mla_mpis) {
for my $ch (@mla_scalars) {
# a += b * c (c is scalar)
# a_len >= b_len. need carry out.
my $a = Math::BigInt->from_hex($ah);
my $b = Math::BigInt->from_hex($bh);
my $c = Math::BigInt->from_hex($ch);
my $max = ($a > $b) ? $a : $b;
my $bound4 = bound_mpi4($max);
my $bound8 = bound_mpi8($max);
my $r = $a + $b * $c;
my ($r4, $cy4) = ($r->copy(), 0);
my ($r8, $cy8) = ($r->copy(), 0);
($cy4, $r4) = $r4->bdiv($bound4);
($cy8, $r8) = $r8->bdiv($bound8);
my $rh4 = $r4->to_hex();
my $rh8 = $r8->to_hex();
my $cyh4 = $cy4->to_hex();
my $cyh8 = $cy8->to_hex();
# If the scalar c is too big for 1 x 4-byte MPI, we can only run this test on a system with 8-byte MPIs
my $depends = mpi4s($c) > 1 ? "MBEDTLS_HAVE_INT64" : "";
my $desc = "$test_name #NUMBER: 0x$ah + 0x$bh * 0x$ch = (0x$rh4, carry 0x$cyh4)/(0x$rh8, carry 0x$cyh8)EXPLAIN";
my $case = output($test_name, str($ah), str($bh), str($ch), str($rh4), str($cyh4), str($rh8), str($cyh8));
push(@cases, [$case, $desc, $depends]);
}
}
}
output_cases(" (for when sizeof(mbedtls_mpi_uint) == 4/8)", @cases);
}
sub output_cases {
my ($explain, @cases) = @_;
my $count = 1;
for my $c (@cases) {
my ($case, $desc, $dep) = @$c;
$desc =~ s/NUMBER/$count/; $count++;
if (defined($explain) && $desc =~ /EXPLAIN/) {
$desc =~ s/EXPLAIN/$explain/;
$explain = "";
}
my $depends = "";
$depends = "depends_on:$dep\n" if defined($dep) && length($dep);
print <<EOF;
$desc
$depends$case
EOF
}
}
# The first number (a power of 2) that won't fit in the number of MPIs
# needed for the given number
sub bound_mpi4 {
my $one = Math::BigInt->new(1); # blsft modifies caller
return $one->blsft(bits_mpi4($_[0]));
}
sub bound_mpi8 {
my $one = Math::BigInt->new(1); # blsft modifies caller
return $one->blsft(bits_mpi8($_[0]));
}
# How many bits (a multiple of 32) needed to store the specified number
# when using 4-byte MPIs
sub bits_mpi4 {
return 32 * mpi4s($_[0]);
}
# How many bits (a multiple of 64) needed to store the specified number
# when using 8-byte MPIs
sub bits_mpi8 {
return 64 * mpi8s($_[0]);
}
# How many 4-byte MPIs needed to store the specified number
sub mpi4s {
my ($n) = @_;
my $h = $n->to_hex();
return int((length($h) + 7) / 8);
}
# How many 8-byte MPIs needed to store the specified number
sub mpi8s {
my ($n) = @_;
my $h = $n->to_hex();
return int((length($h) + 15) / 16);
}
sub output {
#run_test(@_);
return join(":", @_);
}
sub str {
return '"' . $_[0] . '"';
}
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
The test cases use the following MPI values.
The .data file includes two results, for the cases when
sizeof(mbedtls_mpi_uint) == 4 or 8.
0 1 3 f fe ff 100 ff00 fffe ffff 10000
fffffffe ffffffff 100000000 1f7f7f7f7f7f7f
8000000000000000 fefefefefefefefe fffffffffffffffe ffffffffffffffff
10000000000000000 1234567890abcdef0
fffffffffffffffffefefefefefefefe fffffffffffffffffffffffffffffffe
ffffffffffffffffffffffffffffffff 100000000000000000000000000000000
1234567890abcdef01234567890abcdef0
fffffffffffffffffffffffffffffffffffffffffffffffffefefefefefefefe
fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
10000000000000000000000000000000000000000000000000000000000000000
1234567890abcdef01234567890abcdef01234567890abcdef01234567890abcdef0
4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b
The lines in the .data file were generated by the following script
#!/usr/bin/env perl
#
# mpi-test-core-sub.pl - generate/run MPI tests in Perl for mbedtls_mpi_core_sub()
#
use strict;
use warnings;
use Math::BigInt;
use sort 'stable';
my @sub_mpis = qw(
0 1 3 f fe ff 100 ff00 fffe ffff 10000
fffffffe ffffffff 100000000 1f7f7f7f7f7f7f
8000000000000000 fefefefefefefefe fffffffffffffffe ffffffffffffffff
10000000000000000 1234567890abcdef0
fffffffffffffffffefefefefefefefe fffffffffffffffffffffffffffffffe ffffffffffffffffffffffffffffffff
100000000000000000000000000000000 1234567890abcdef01234567890abcdef0
fffffffffffffffffffffffffffffffffffffffffffffffffefefefefefefefe
fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
10000000000000000000000000000000000000000000000000000000000000000
1234567890abcdef01234567890abcdef01234567890abcdef01234567890abcdef0
4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b
);
generate_tests();
sub generate_tests {
generate_mbedtls_mpi_core_sub();
}
sub generate_mbedtls_mpi_core_sub {
my $sub_name = (caller(0))[3]; # e.g. main::generate_mbedtls_mpi_sub_mpi
my ($ignore, $test_name) = split("main::generate_", $sub_name);
my @cases = ();
for my $ah (@sub_mpis) {
for my $bh (@sub_mpis) {
my $a = Math::BigInt->from_hex($ah);
my $b = Math::BigInt->from_hex($bh);
my ($rh4, $rh8, $carry);
if ($a >= $b) {
my $r = $a - $b;
$rh4 = $rh8 = $r->to_hex();
$carry = 0;
} else {
my $r4 = bound_mpi4($b) + $a - $b;
my $r8 = bound_mpi8($b) + $a - $b;
$rh4 = $r4->to_hex();
$rh8 = $r8->to_hex();
$carry = 1;
}
my $desc = "$test_name #NUMBER: 0x$ah - 0x$bh = 0x$rh4/${rh8}EXPLAIN, carry ${carry}";
my $case = output($test_name, str($ah), str($bh), str($rh4), str($rh8), $carry);
push(@cases, [$case, $desc]);
}
}
output_cases(" (for when sizeof(mbedtls_mpi_uint) == 4/8)", @cases);
}
sub output_cases {
my ($explain, @cases) = @_;
my $count = 1;
for my $c (@cases) {
my ($case, $desc, $dep) = @$c;
$desc =~ s/NUMBER/$count/; $count++;
if (defined($explain) && $desc =~ /EXPLAIN/) {
$desc =~ s/EXPLAIN/$explain/;
$explain = "";
}
my $depends = "";
$depends = "depends_on:$dep\n" if defined($dep) && length($dep);
print <<EOF;
$desc
$depends$case
EOF
}
}
# The first number (a power of 2) that won't fit in the number of MPIs
# needed for the given number
sub bound_mpi4 {
my $one = Math::BigInt->new(1); # blsft modifies caller
return $one->blsft(bits_mpi4($_[0]));
}
sub bound_mpi8 {
my $one = Math::BigInt->new(1); # blsft modifies caller
return $one->blsft(bits_mpi8($_[0]));
}
# How many bits (a multiple of 32) needed to store the specified number
# when using 4-byte MPIs
sub bits_mpi4 {
return 32 * mpi4s($_[0]);
}
# How many bits (a multiple of 64) needed to store the specified number
# when using 8-byte MPIs
sub bits_mpi8 {
return 64 * mpi8s($_[0]);
}
# How many 4-byte MPIs needed to store the specified number
sub mpi4s {
my ($n) = @_;
my $h = $n->to_hex();
return int((length($h) + 7) / 8);
}
# How many 8-byte MPIs needed to store the specified number
sub mpi8s {
my ($n) = @_;
my $h = $n->to_hex();
return int((length($h) + 15) / 16);
}
sub output {
return join(":", @_);
}
sub str {
return '"' . $_[0] . '"';
}
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
The test cases use the following MPI values.
The .data file only includes those (a, b) values where a <= b, and gives the
sum unconditionally; the test code exercises a >= b and cond == 0 using these
values. The .data file gives two values for the carry out, which are for when
sizeof(mbedtls_mpi_uint) == 4 or 8.
0 1 3 f fe ff 100 ff00 fffe ffff 10000
fffffffe ffffffff 100000000 1f7f7f7f7f7f7f
8000000000000000 fefefefefefefefe fffffffffffffffe ffffffffffffffff
10000000000000000 1234567890abcdef0
fffffffffffffffffefefefefefefefe fffffffffffffffffffffffffffffffe
ffffffffffffffffffffffffffffffff 100000000000000000000000000000000
1234567890abcdef01234567890abcdef0
fffffffffffffffffffffffffffffffffffffffffffffffffefefefefefefefe
fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
10000000000000000000000000000000000000000000000000000000000000000
1234567890abcdef01234567890abcdef01234567890abcdef01234567890abcdef0
4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b
The lines in the .data file were generated by the following script
```
#!/usr/bin/env perl
#
# mpi-test-core-add-if.pl - generate MPI tests in Perl for mbedtls_mpi_core_add_if()
#
use strict;
use warnings;
use Math::BigInt;
use sort 'stable';
my @add_mpis = qw(
0 1 3 f fe ff 100 ff00 fffe ffff 10000
fffffffe ffffffff 100000000 1f7f7f7f7f7f7f
8000000000000000 fefefefefefefefe fffffffffffffffe ffffffffffffffff
10000000000000000 1234567890abcdef0
fffffffffffffffffefefefefefefefe fffffffffffffffffffffffffffffffe ffffffffffffffffffffffffffffffff
100000000000000000000000000000000 1234567890abcdef01234567890abcdef0
fffffffffffffffffffffffffffffffffffffffffffffffffefefefefefefefe
fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
10000000000000000000000000000000000000000000000000000000000000000
1234567890abcdef01234567890abcdef01234567890abcdef01234567890abcdef0
4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b
);
generate_tests();
sub generate_tests {
generate_mbedtls_mpi_core_add_if();
}
sub generate_mbedtls_mpi_core_add_if {
my $sub_name = (caller(0))[3]; # e.g. main::generate_mbedtls_mpi_add_mpi
my ($ignore, $test_name) = split("main::generate_", $sub_name);
my @cases = ();
for my $ah (@add_mpis) {
for my $bh (@add_mpis) {
my $a = Math::BigInt->from_hex($ah);
my $b = Math::BigInt->from_hex($bh);
next if $a > $b; # don't need to repeat test cases
# $b is the larger (or equal) of the two numbers. That's the number of limbs
# we'll be using.
my $bound4 = bound_mpi4($b);
my $bound8 = bound_mpi8($b);
my $r = $a + $b;
my ($r4, $carry4) = ($r->copy(), 0);
my ($r8, $carry8) = ($r->copy(), 0);
($carry4, $r4) = $r4->bdiv($bound4);
($carry8, $r8) = $r8->bdiv($bound8);
my $rh4 = $r4->to_hex();
my $rh8 = $r8->to_hex();
my $desc = "$test_name #NUMBER: 0x$ah + 0x$bh = (0x$rh4, carry $carry4)/(0x$rh8, carry $carry8)EXPLAIN";
my $case = output($test_name, str($ah), str($bh), str($rh4), $carry4, str($rh8), $carry8);
push(@cases, [$case, $desc]);
}
}
output_cases(" (for when sizeof(mbedtls_mpi_uint) == 4/8)", @cases);
}
sub output_cases {
my ($explain, @cases) = @_;
my $count = 1;
for my $c (@cases) {
my ($case, $desc, $dep) = @$c;
$desc =~ s/NUMBER/$count/; $count++;
if (defined($explain) && $desc =~ /EXPLAIN/) {
$desc =~ s/EXPLAIN/$explain/;
$explain = "";
}
my $depends = "";
$depends = "depends_on:$dep\n" if defined($dep) && length($dep);
print <<EOF;
$desc
$depends$case
EOF
}
}
# The first number (a power of 2) that won't fit in the number of MPIs
# needed for the given number
sub bound_mpi4 {
my $one = Math::BigInt->new(1); # blsft modifies caller
return $one->blsft(bits_mpi4($_[0]));
}
sub bound_mpi8 {
my $one = Math::BigInt->new(1); # blsft modifies caller
return $one->blsft(bits_mpi8($_[0]));
}
# How many bits (a multiple of 32) needed to store the specified number
# when using 4-byte MPIs
sub bits_mpi4 {
return 32 * mpi4s($_[0]);
}
# How many bits (a multiple of 64) needed to store the specified number
# when using 8-byte MPIs
sub bits_mpi8 {
return 64 * mpi8s($_[0]);
}
# How many 4-byte MPIs needed to store the specified number
sub mpi4s {
my ($n) = @_;
my $h = $n->to_hex();
return int((length($h) + 7) / 8);
}
# How many 8-byte MPIs needed to store the specified number
sub mpi8s {
my ($n) = @_;
my $h = $n->to_hex();
return int((length($h) + 15) / 16);
}
sub output {
return join(":", @_);
}
sub str {
return '"' . $_[0] . '"';
}
```
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
PSK hash alg of server is sha256. If client send only
tls-aes-256-gcm-384, there is no valid ciphersuite
available, handshake should be abort.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
A number of places lacked the necessary dependencies on one of
the used features: MD, key exchange with certificate,
entropy, or ETM.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
The same elements are now also used when MBEDTLS_USE_PSA_CRYPTO
is defined and respective SHA / MD5 defines are missing.
A new set of macros added in #6065 is used to reflect these dependencies.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
The same elements are now also used when MBEDTLS_USE_PSA_CRYPTO
is defined and respective SHA / MD5 defines are missing.
A new set of macros added in #6065 is used to reflect these dependencies.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
TEST_EQUAL(), has the benefit of outputting the values that don't match,
which can make debugging simpler.
Scope:
- Recently added new test functions
- Checks making sure the test case/data is consistent is out of scope
- Only checks where printing the values is likely to be helpful
Signed-off-by: Janos Follath <janos.follath@arm.com>
MBEDTLS_CMAC_C dependency is ivalid.
"PEM read (unknown encryption algorithm)" needs MBEDTLS_CIPHER_MODE_CBC dependency as
otherwise this test is failing in test_when_no_ciphersuites_have_mac configuration
because mbedtls_pem_read_buffer() returns a different error (MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE).
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
- Improve test descriptions
- Add more test cases with return value of 1
- Remove the mbedtls prefix from the test function
Signed-off-by: Janos Follath <janos.follath@arm.com>
Add tests for a case in ECDSA signing where an invalid public
key is accepted in signature verification.
Test data taken from the OSS-fuzz issue, and additional
generated with python-ecdsa.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
MBEDTLS_SSL_IANA_TLS_GROUP_SECP192R1 and friends are not members of the mbedtls_ecp_group_id enum
Found by clang's -Wassign-enum
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
This is done to be able to bild test_psa_crypto_config_accel_hash component where MD5 is only available accelerated (PSA_WANT_ALG_MD5 is enabled and MBEDTLS_MD5_C is disabled) but MBEDTLS_USE_PSA_CRYPTO is disabled.
So the build should not attempt to enable pem_pbkdf1.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
