yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
25216 commits 89 branches 205 tags 114 MiB
Commit graph

53 commits

Author SHA1 Message Date
Andrzej Kurek 51cef9ce38 Add missing AES_C dependency in x509 tests 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-22 15:20:48 -04:00
Andrzej Kurek a194904055 Fix subjectAltName test prerequisites 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek 76c9662e8e Add a test for SubjectAltName writing to a certificate 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:54 -04:00
Mukesh Bharsakle 4823d5ff0e
Merge branch 'Mbed-TLS:development' into update-pkparse-tests-to-use-AES 2023-05-10 12:35:19 +01:00
Gilles Peskine 1a24895bfd Simplify string escapes 
Treat backslash as a universal escape character: "\n" is a newline,
backslash escapes any non-alphanumeric character.

This affects some test cases that had "\," standing for backslash-comma.
With the new uniform treatment of backslashes, this needs to be "\\,".

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-04-26 19:39:54 +02:00
Mukesh Bharsakle 1a4cc5e92c updating test-ca.key to use AES instead of DES 
Signed-off-by: Mukesh Bharsakle <bharsaklemukesh975@gmail.com>
 2023-04-10 14:05:42 +01:00
Manuel Pégourié-Gonnard a946489efd X.509: use MD_CAN macros 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:28:00 +01:00
Valerio Setti 00a6c6fcbe test: fix for using proper sign/verify macros 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-08 13:52:31 +01:00
Valerio Setti fcc6933a53 test: fix disparities in x509parse and x509write suites 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-08 13:52:31 +01:00
Valerio Setti 18b9b035ad test: add test for a full length serial of 0xFF 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-01-27 11:47:57 +01:00
Valerio Setti 856cec45eb test: x509: add more tests for checking certificate serial 
- added 2 new certificates: 1 for testing a serial which is full lenght
  and another one for a serial which starts with 0x80

- added also proper Makefile and openssl configuration file to generate
  these 2 new certificates

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-12 17:01:45 +01:00
Valerio Setti ea19d2db73 changelog: fixed typos 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-12 17:01:44 +01:00
Valerio Setti aad8dbd38d test: fix tests for x509write_crt_set_serial(_new) 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-12 17:01:44 +01:00
Manuel Pégourié-Gonnard edce0b42fb
Merge pull request #6454 from valeriosetti/issue4577 
Adding unit test for mbedtls_x509write_csr_set_extension()
 2022-11-15 09:39:07 +01:00
Valerio Setti 48e8fc737a Adding unit test for mbedtls_x509write_csr_set_extension() 
The already existing "x509_csr_check()" function is extended in order
to support/test also CSR's extensions. The test is performed by
adding an extended key usage.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-11-14 13:32:07 +01:00
Nicholas Wilson ca841d32db Add test for mbedtls_x509write_crt_set_ext_key_usage, and fix reversed order 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:43 +01:00
Przemek Stekiel 76b753bbb7 Change the dependencies in pem.c to xxx_BASED_ON_USE_PSA and related files 
This is done to be able to bild test_psa_crypto_config_accel_hash component where MD5 is only available accelerated (PSA_WANT_ALG_MD5 is enabled and MBEDTLS_MD5_C is disabled) but MBEDTLS_USE_PSA_CRYPTO is disabled.
So the build should not attempt to enable pem_pbkdf1.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel 050819c19e test_suite_x509write: Move MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA dependency for x509_crt_check to .function file 
mbedtls_x509write_crt_set_subject_key_identifier() requires MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel d34f8c36b8 x509 tests: adjust dependencies 
*** Comparing before-default -> after-default ***
   x509parse: total 723; skipped  26 ->  26
   x509write: total  41; skipped   8 ->   8

*** Comparing before-full -> after-full ***
   x509parse: total 723; skipped  25 ->  25
   x509write: total  41; skipped   0 ->   0

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Werner Lewis b33dacdb50 Fix parsing of special chars in X509 DN values 
Use escape mechanism defined in RFC 1779 when parsing commas and other
special characters in X509 DN values. Resolves failures when generating
a certificate with a CSR containing a comma in subject value.
Fixes #769.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-27 11:19:50 +01:00
Werner Lewis acd01e58a3 Use ASN1 UTC tags for dates before 2000 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-01 16:24:28 +01:00
Neil Armstrong 6ce6dd9bd7 Add Test generating certificates using an opaque EC key 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-13 10:32:03 +02:00
Neil Armstrong 98f899c7a5 Test generating certificates using an opaque RSA key 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-13 10:31:38 +02:00
Neil Armstrong 9fb9203182 Test generating CSRs using an opaque RSA key 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-13 10:31:08 +02:00
TRodziewicz 10e8cf5fef Remove MD2, MD4, RC4, Blowfish and XTEA 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-06-16 10:34:25 +02:00
Mateusz Starzyk e3c48b4a88 Separate SHA224 from SHA256 config options. 
These options are still dependant on each other.
This is an intermediate step.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-04-28 14:38:37 +02:00
Mateusz Starzyk 3352a53475 Modify config option for SHA384. 
Although SHA512 is currently required to enable SHA384, this
is expected to change in the future. This commit is an
intermediate step towards fully separating SHA384 and SHA512.

check_config is the only module which enforces that SHA512 is
enabled together with SHA384.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-04-28 14:38:37 +02:00
Darren Krahn e560be3ab4 Mark basic constraints critical as appropriate. 
Per RFC 5280 4.2.1.9 if the 'cA' field is set to true, the extension
must be marked critical.

Signed-off-by: Darren Krahn <dkrahn@google.com>
 2020-09-21 18:25:35 -07:00
Gilles Peskine 049fefff90 Add dependencies on !MBEDTLS_SHA512_NO_SHA384 to x509/ssl unit tests 
Add dependencies on !MBEDTLS_SHA512_NO_SHA384 to X.509 and SSL unit
tests that use SHA-384 (identified based on having a description that
contains "SHA384" or "SHA-384").
 2020-03-23 17:55:32 +01:00
Ron Eldor 9eeb8611b1 Update certificates to expire in 2029 
Update certificates that expire on 2021, to prolong their validity,
to make tests pass three years ahead.
 2019-07-10 16:46:34 +03:00
Andres Amaya Garcia 412ddf3812 Fix typo in x509write test data 2019-02-28 09:38:03 +00:00
Andres Amaya Garcia 7067f812f8 Add tests for (named) bitstring to suite_asn1write 2019-02-28 09:36:30 +00:00
Andrzej Kurek 4b11407258 Cosmetic changes 
Adjust whitespaces, reduce test dependencies and reduce buffer size passed by 1.
 2018-11-22 12:05:08 -05:00
Andrzej Kurek 5f7bad34bb Add CSR write testing using opaque keys 
Parse and verify CSR programatically instead of using predetermined data,
to not tamper with randomness in tests.
 2018-11-22 12:05:08 -05:00
Hanno Becker 418a62242b Extend tests/data_files/Makefile to include CRT's for CRT write test 2017-09-14 07:51:28 +01:00
Manuel Pégourié-Gonnard e6028c93f5 Fix some X509 macro names 
For some reason, during the great renaming, some names that should have been
prefixed with MBEDTLS_X509_ have only been prefixed with MBEDTLS_
 2015-04-20 12:19:02 +01:00
Manuel Pégourié-Gonnard 2cf5a7c98e The Great Renaming 
A simple execution of tmp/invoke-rename.pl
 2015-04-08 13:25:31 +02:00
Paul Bakker 8dcb2d7d7e Support escaping of commas in x509_string_to_names() 2014-08-11 11:59:52 +02:00
Manuel Pégourié-Gonnard ec4d27398a Fix curve dependencies in *keyusage tests 2014-04-29 15:06:41 +02:00
Manuel Pégourié-Gonnard 6c1a73e061 Improve x509xrite_csr testing: extensions, version 2014-04-04 16:33:01 +02:00
Manuel Pégourié-Gonnard c5ce83a3b8 Improve x509xrite_csr testing: extensions, ECDSA 2014-04-04 16:33:01 +02:00
Paul Bakker c7bb02be77 Moved PK key writing from X509 module to PK module 2013-09-15 14:54:56 +02:00
Manuel Pégourié-Gonnard 92cb1d3a91 Make CBC an option, step 3: individual ciphers 2013-09-13 17:25:43 +02:00
Manuel Pégourié-Gonnard 0237620a78 Fix some dependencies declaration 2013-09-12 11:57:02 +02:00
Manuel Pégourié-Gonnard 7f1f0926e4 Add test for x509write_key 2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard 3837daec9e Add EC support to x509write_pubkey 2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard 33250b0461 Add test for x509write_pubkey_pem() 2013-09-12 11:57:01 +02:00
Paul Bakker 2397cf3ede First certificate writing test. Full server1.crt reconstruction 2013-09-08 15:58:15 +02:00
Paul Bakker 48377d9834 Configuration option to enable/disable POLARSSL_PKCS1_V15 operations 2013-08-30 13:41:14 +02:00
Paul Bakker 82e2945ed2 Changed naming and prototype convention for x509write functions 
CSR writing functions now start with x509write_csr_*()
DER writing functions now have the context at the start instead of the
end conforming to other modules.
 2013-08-25 11:01:31 +02:00