2013-09-15 13:01:22 +02:00
|
|
|
/* BEGIN_HEADER */
|
2015-03-09 18:05:11 +01:00
|
|
|
#include "mbedtls/pk.h"
|
|
|
|
#include "mbedtls/pem.h"
|
|
|
|
#include "mbedtls/oid.h"
|
2013-09-15 13:01:22 +02:00
|
|
|
/* END_HEADER */
|
|
|
|
|
|
|
|
/* BEGIN_DEPENDENCIES
|
2015-04-08 12:49:31 +02:00
|
|
|
* depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_BIGNUM_C
|
2013-09-15 13:01:22 +02:00
|
|
|
* END_DEPENDENCIES
|
|
|
|
*/
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */
|
2017-05-30 15:23:15 +02:00
|
|
|
void pk_parse_keyfile_rsa( char * key_file, char * password, int result )
|
2013-09-15 13:01:22 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_pk_context ctx;
|
2013-09-15 13:01:22 +02:00
|
|
|
int res;
|
|
|
|
char *pwd = password;
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_pk_init( &ctx );
|
2013-09-15 13:01:22 +02:00
|
|
|
|
|
|
|
if( strcmp( pwd, "NULL" ) == 0 )
|
|
|
|
pwd = NULL;
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
res = mbedtls_pk_parse_keyfile( &ctx, key_file, pwd );
|
2013-09-15 13:01:22 +02:00
|
|
|
|
|
|
|
TEST_ASSERT( res == result );
|
|
|
|
|
|
|
|
if( res == 0 )
|
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_context *rsa;
|
|
|
|
TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_RSA ) );
|
|
|
|
rsa = mbedtls_pk_rsa( ctx );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_check_privkey( rsa ) == 0 );
|
2013-09-15 13:01:22 +02:00
|
|
|
}
|
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_pk_free( &ctx );
|
2013-09-15 13:01:22 +02:00
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */
|
2017-05-30 15:23:15 +02:00
|
|
|
void pk_parse_public_keyfile_rsa( char * key_file, int result )
|
2013-09-15 13:01:22 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_pk_context ctx;
|
2013-09-15 13:01:22 +02:00
|
|
|
int res;
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_pk_init( &ctx );
|
2013-09-15 13:01:22 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
res = mbedtls_pk_parse_public_keyfile( &ctx, key_file );
|
2013-09-15 13:01:22 +02:00
|
|
|
|
|
|
|
TEST_ASSERT( res == result );
|
|
|
|
|
|
|
|
if( res == 0 )
|
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_context *rsa;
|
|
|
|
TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_RSA ) );
|
|
|
|
rsa = mbedtls_pk_rsa( ctx );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_check_pubkey( rsa ) == 0 );
|
2013-09-15 13:01:22 +02:00
|
|
|
}
|
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_pk_free( &ctx );
|
2013-09-15 13:01:22 +02:00
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2019-08-21 15:31:52 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
|
2017-05-30 15:23:15 +02:00
|
|
|
void pk_parse_public_keyfile_ec( char * key_file, int result )
|
2013-09-15 13:01:22 +02:00
|
|
|
{
|
2019-08-21 15:31:52 +02:00
|
|
|
#if !defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_USE_TINYCRYPT)
|
|
|
|
((void) key_file);
|
|
|
|
((void) result);
|
|
|
|
#else
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_pk_context ctx;
|
2013-09-15 13:01:22 +02:00
|
|
|
int res;
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_pk_init( &ctx );
|
2013-09-15 13:01:22 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
res = mbedtls_pk_parse_public_keyfile( &ctx, key_file );
|
2013-09-15 13:01:22 +02:00
|
|
|
|
|
|
|
TEST_ASSERT( res == result );
|
|
|
|
|
|
|
|
if( res == 0 )
|
|
|
|
{
|
2019-08-21 15:31:52 +02:00
|
|
|
#if !defined(MBEDTLS_USE_TINYCRYPT)
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_ecp_keypair *eckey;
|
2019-08-21 15:31:52 +02:00
|
|
|
#else
|
|
|
|
mbedtls_uecc_keypair *uecckey;
|
|
|
|
#endif
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_ECKEY ) );
|
2019-08-21 15:31:52 +02:00
|
|
|
|
|
|
|
#if !defined(MBEDTLS_USE_TINYCRYPT)
|
2015-04-08 12:49:31 +02:00
|
|
|
eckey = mbedtls_pk_ec( ctx );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_check_pubkey( &eckey->grp, &eckey->Q ) == 0 );
|
2019-08-21 15:31:52 +02:00
|
|
|
#else
|
|
|
|
uecckey = mbedtls_pk_uecc( ctx );
|
2019-11-21 12:00:43 +01:00
|
|
|
TEST_ASSERT( uECC_valid_public_key( uecckey->public_key ) == 0 );
|
2019-08-21 15:31:52 +02:00
|
|
|
#endif /* MBEDTLS_USE_TINYCRYPT */
|
2013-09-15 13:01:22 +02:00
|
|
|
}
|
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_pk_free( &ctx );
|
2019-08-21 15:31:52 +02:00
|
|
|
#endif /* !MBEDTLS_ECP_C && !MBEDTLS_USE_TINYCRYPT */
|
2013-09-15 13:01:22 +02:00
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2019-08-21 15:31:52 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
|
2017-05-30 15:23:15 +02:00
|
|
|
void pk_parse_keyfile_ec( char * key_file, char * password, int result )
|
2013-09-15 13:01:22 +02:00
|
|
|
{
|
2019-08-21 15:31:52 +02:00
|
|
|
#if !defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_USE_TINYCRYPT)
|
|
|
|
((void) key_file);
|
|
|
|
((void) password);
|
|
|
|
((void) result);
|
|
|
|
#else
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_pk_context ctx;
|
2013-09-15 13:01:22 +02:00
|
|
|
int res;
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_pk_init( &ctx );
|
2013-09-15 13:01:22 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
res = mbedtls_pk_parse_keyfile( &ctx, key_file, password );
|
2013-09-15 13:01:22 +02:00
|
|
|
|
|
|
|
TEST_ASSERT( res == result );
|
|
|
|
|
|
|
|
if( res == 0 )
|
|
|
|
{
|
2019-08-21 15:31:52 +02:00
|
|
|
#if !defined(MBEDTLS_USE_TINYCRYPT)
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_ecp_keypair *eckey;
|
2019-08-21 15:31:52 +02:00
|
|
|
#else
|
|
|
|
mbedtls_uecc_keypair *uecckey;
|
|
|
|
unsigned char tmp_pubkey[ 2 * NUM_ECC_BYTES ];
|
|
|
|
#endif
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_ECKEY ) );
|
2019-08-21 15:31:52 +02:00
|
|
|
|
|
|
|
#if !defined(MBEDTLS_USE_TINYCRYPT)
|
2015-04-08 12:49:31 +02:00
|
|
|
eckey = mbedtls_pk_ec( ctx );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_check_privkey( &eckey->grp, &eckey->d ) == 0 );
|
2019-08-21 15:31:52 +02:00
|
|
|
#else
|
|
|
|
uecckey = mbedtls_pk_uecc( ctx );
|
2019-11-21 12:00:43 +01:00
|
|
|
TEST_ASSERT( uECC_valid_public_key( uecckey->public_key ) == 0 );
|
2019-08-21 15:31:52 +02:00
|
|
|
TEST_ASSERT( uECC_compute_public_key( uecckey->private_key,
|
2019-11-25 13:06:05 +01:00
|
|
|
tmp_pubkey ) == UECC_SUCCESS );
|
2019-08-21 15:31:52 +02:00
|
|
|
TEST_ASSERT( memcmp( tmp_pubkey, uecckey->public_key,
|
|
|
|
sizeof( tmp_pubkey ) ) == 0 );
|
|
|
|
#endif /* MBEDTLS_USE_TINYCRYPT */
|
2013-09-15 13:01:22 +02:00
|
|
|
}
|
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_pk_free( &ctx );
|
2019-08-21 15:31:52 +02:00
|
|
|
#endif /* !MBEDTLS_ECP_C && !MBEDTLS_USE_TINYCRYPT */
|
2013-09-15 13:01:22 +02:00
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
Merge mbedtls 2.16.6 into baremetal
Conflicts:
mbedtls.doxyfile - PROJECT_NAME - mbed TLS v2.16.6 chosen.
doc_mainpage.h - mbed TLS v2.16.6 version chosen.
hmac_drbg.h - line 260, extended description chosen.
- line 313, extended description chosen.
- line 338, extended description chosen.
version.h - 2.16.6 chosen.
CMakeLists.txt - 2.16.6 chosen.
test_suite_version.data - 2.16.6 chosen.
Makefile - 141 - manual correction - baremetal version of C_SOURCE_FILES
with variables for directories plus 2.16.6 CTAGS addition.
pkparse.c - lines 846 onwards - the asn1_get_nonzero_mpi implementation chosen.
ssl_tls.c - line 5269 - edited manually, left the ret=0, because baremetal has
a different behaviour since commit 87b5626, but added a debug
message that's new in 2.16.6.
all.sh:
- component_build_deprecated - chosen the refactored version from 2.16.6,
but with extra flags from baremetal.
- rest of the _no_xxx tests - merged make options to have PTHREAD=1 and
other changes from 2.16.6 (like -O1 instead of -O0).
- component_build_arm_none_eabi_gcc_no_64bit_multiplication - added
TINYCRYPT_BUILD=0 to the 2.16.6 version of make.
x509/req_app.c - left baremetal log but with mbedtls_exit( 0 ) call.
x509/crl_app.c - left baremetal log but with mbedtls_exit( 0 ) call.
x509/cert_app.c - left baremetal log but with mbedtls_exit( 0 ) call.
ssl/ssl_mail_client.c - left baremetal log but with mbedtls_exit( 0 ) call.
ssl/ssl_pthread_server.c - left baremetal log but with mbedtls_exit( 0 ) call.
ssl/ssl_fork_server.c - left baremetal log but with mbedtls_exit( 0 ) call.
ssl_client1.c - line 54 - left baremetal log but with mbedtls_exit( 0 ) call.
ssl_client2.c - line 54 - left baremetal log but with mbedtls_exit( 0 ) call.
- line 132 - new options of both branches added.
- skip close notify handled as in 2.16.6, but with `ssl` instead of `&ssl`.
- Merged the 2.16.6 usage split with additional baremetal usages.
- Merged options from baremetal and 2.16.6.
ssl_server.c - left baremetal log but with mbedtls_exit( 0 ) call.
ssl_server2.c - Merged the 2.16.6 usage split with additional baremetal usages.
config.pl - fixed missing defines from the documentation, removed duplicates,
and reorganised so that the documentation and excluded list
are ordered in the same way.
test_suite_x509parse.data - only added the two new pathlen tests.
x509_crt.c - change the return code by removing
MBEDTLS_ERR_X509_INVALID_EXTENSIONS, since it's added by
x509_crt_frame_parse_ext not by an "or", but by "+=".
Changelog - Assigned all entries to appropriate sections.
ssl-opt.sh - line 8263 - merged options.
- removed lines 1165 - 1176 - there was a duplicate test, probably
an artifact of previous merges.
check-files.py - sticked to old formatting.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-05-18 17:47:25 +02:00
|
|
|
/* BEGIN_CASE */
|
|
|
|
void pk_parse_key( data_t * buf, int result )
|
2013-09-15 13:01:22 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_pk_context pk;
|
2013-09-15 13:01:22 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_pk_init( &pk );
|
2013-09-15 13:01:22 +02:00
|
|
|
|
Merge mbedtls 2.16.6 into baremetal
Conflicts:
mbedtls.doxyfile - PROJECT_NAME - mbed TLS v2.16.6 chosen.
doc_mainpage.h - mbed TLS v2.16.6 version chosen.
hmac_drbg.h - line 260, extended description chosen.
- line 313, extended description chosen.
- line 338, extended description chosen.
version.h - 2.16.6 chosen.
CMakeLists.txt - 2.16.6 chosen.
test_suite_version.data - 2.16.6 chosen.
Makefile - 141 - manual correction - baremetal version of C_SOURCE_FILES
with variables for directories plus 2.16.6 CTAGS addition.
pkparse.c - lines 846 onwards - the asn1_get_nonzero_mpi implementation chosen.
ssl_tls.c - line 5269 - edited manually, left the ret=0, because baremetal has
a different behaviour since commit 87b5626, but added a debug
message that's new in 2.16.6.
all.sh:
- component_build_deprecated - chosen the refactored version from 2.16.6,
but with extra flags from baremetal.
- rest of the _no_xxx tests - merged make options to have PTHREAD=1 and
other changes from 2.16.6 (like -O1 instead of -O0).
- component_build_arm_none_eabi_gcc_no_64bit_multiplication - added
TINYCRYPT_BUILD=0 to the 2.16.6 version of make.
x509/req_app.c - left baremetal log but with mbedtls_exit( 0 ) call.
x509/crl_app.c - left baremetal log but with mbedtls_exit( 0 ) call.
x509/cert_app.c - left baremetal log but with mbedtls_exit( 0 ) call.
ssl/ssl_mail_client.c - left baremetal log but with mbedtls_exit( 0 ) call.
ssl/ssl_pthread_server.c - left baremetal log but with mbedtls_exit( 0 ) call.
ssl/ssl_fork_server.c - left baremetal log but with mbedtls_exit( 0 ) call.
ssl_client1.c - line 54 - left baremetal log but with mbedtls_exit( 0 ) call.
ssl_client2.c - line 54 - left baremetal log but with mbedtls_exit( 0 ) call.
- line 132 - new options of both branches added.
- skip close notify handled as in 2.16.6, but with `ssl` instead of `&ssl`.
- Merged the 2.16.6 usage split with additional baremetal usages.
- Merged options from baremetal and 2.16.6.
ssl_server.c - left baremetal log but with mbedtls_exit( 0 ) call.
ssl_server2.c - Merged the 2.16.6 usage split with additional baremetal usages.
config.pl - fixed missing defines from the documentation, removed duplicates,
and reorganised so that the documentation and excluded list
are ordered in the same way.
test_suite_x509parse.data - only added the two new pathlen tests.
x509_crt.c - change the return code by removing
MBEDTLS_ERR_X509_INVALID_EXTENSIONS, since it's added by
x509_crt_frame_parse_ext not by an "or", but by "+=".
Changelog - Assigned all entries to appropriate sections.
ssl-opt.sh - line 8263 - merged options.
- removed lines 1165 - 1176 - there was a duplicate test, probably
an artifact of previous merges.
check-files.py - sticked to old formatting.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-05-18 17:47:25 +02:00
|
|
|
TEST_ASSERT( mbedtls_pk_parse_key( &pk, buf->x, buf->len, NULL, 0 ) == result );
|
2013-09-15 13:01:22 +02:00
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_pk_free( &pk );
|
2013-09-15 13:01:22 +02:00
|
|
|
}
|
|
|
|
/* END_CASE */
|