Commit Graph

2886 Commits

Author SHA1 Message Date
Simon Butcher
8b2c642994 Merge remote-tracking branch 'public/pr/2904' into baremetal 2019-10-29 15:31:48 +00:00
Simon Butcher
f5a64048b7 Merge remote-tracking branch 'public/pr/2892' into baremetal 2019-10-29 15:30:38 +00:00
Arto Kinnunen
4ecfbd3b16 Fix tests to work in Mbed OS test environment
Update x509parse and x509write test suites to include "x509.c" from
correct location.
2019-10-24 15:48:47 +03:00
Arto Kinnunen
0fa65aabf0 Review corrections
-Guard additional static variables with AES_ONLY_ENCRYPT
-Update config.h description about memory savings
-Update test: fix typo in all.sh and adjust compiler flags
2019-10-24 12:19:50 +03:00
Arto Kinnunen
c0a8bd40fc Tests for AES encypt only 2019-10-24 12:19:43 +03:00
Arto Kinnunen
366c13eaad Update AES 128-bit key test
Flag out 192/256-bit key tests from test_suite_cipher.gcm
2019-10-24 09:49:23 +03:00
Arto Kinnunen
4c003ca80c Update AES 128-key test
- Unset MBEDTLS_PADLOCK_C in aes_only_128_bit_keys test to get RAM
  optimised version tested
- Use compiler flag "-O1" instead of "-Wall -Wextra" to see warnings
2019-10-24 09:49:23 +03:00
Arto Kinnunen
4ab702b24a Add AES 128-bit key dependency to tests
- Do not run tests that are using 192/256-bit keys if only
  128-bit keys are allowed for AES.
- Add AES 128-bit-only test to all.sh
2019-10-24 09:49:23 +03:00
Simon Butcher
e2bf54d3d1 Merge remote-tracking branch 'public/pr/2877' into baremetal 2019-10-23 14:53:29 +01:00
Simon Butcher
a26fb4c64f Merge remote-tracking branch 'public/pr/2870' into baremetal 2019-10-23 14:51:37 +01:00
Manuel Pégourié-Gonnard
66491e1840 Fix undefined references to hardware_poll()
Ultimately, mbedtls_hardware_poll() is going to be provided by the
OS/environment when running on target. But for on-host programs and tests, we
need to define (a fake version) in each program that we want to be able to
link.

A previous commit took care of ssl_client2 and ssl_server2. But if we want to
be able to compile all programs, we need to modify each of them. This doesn't
seem useful, so instead let's just build the programs we need for testing -
this means only udp_proxy needs fixing in addition to what's already done.

This issue went unnoticed in the PR that introduced the new all.sh component,
because at that time the platform_memxxx() functions were not actually used in
the library (nor in programs), so the linker could live with
mbedtls_hardware_poll() not being defined, as it wasn't called anywhere. This
changed when we started using the new platform_memxxx() functions in the
library.
2019-10-22 12:50:13 +02:00
Jarno Lamsa
08d6cf2070 Modify the test_baremetal in all.sh
Allow it to run the whole ssl-opt.sh instead of filtering only to
Default, DTLS
2019-10-22 13:32:26 +03:00
Jarno Lamsa
33281d5546 Add requires entries for tests
To be able to pass the ssl_opt.sh with the baremetal configuration
2019-10-22 13:32:26 +03:00
Simon Butcher
f0963f7141 Merge remote-tracking branch 'public/pr/2867' into baremetal 2019-10-08 18:57:31 +01:00
Manuel Pégourié-Gonnard
0a9b44ddaa Merge branch 'mbedtls-2.16' into baremetal-2.16-20191004
* mbedtls-2.16: (25 commits)
  Fix compilation error
  Add const to variable
  Fix endianity issue when reading uint32
  Increase test suite timeout
  Reduce stack usage of test_suite_pkcs1_v15
  Reduce stack usage of test_suite_pkcs1_v21
  Reduce stack usage of test_suite_rsa
  Reduce stack usage of test_suite_pk
  Enable MBEDTLS_MEMORY_DEBUG in memory buffer alloc test in all.sh
  Remove unnecessary memory buffer alloc and memory backtrace unsets
  Disable DTLS proxy tests for MEMORY_BUFFER_ALLOC test
  all.sh: restructure memory allocator tests
  Add missing dependency in memory buffer alloc set in all.sh
  Don't set MBEDTLS_MEMORY_DEBUG through `scripts/config.pl full`
  Add cfg dep MBEDTLS_MEMORY_DEBUG->MBEDTLS_MEMORY_BUFFER_ALLOC_C
  Add all.sh run with full config and ASan enabled
  Add all.sh run with MBEDTLS_MEMORY_BUFFER_ALLOC_C enabled
  Update documentation of exceptions for `config.pl full`
  Adapt all.sh to removal of buffer allocator from full config
  Disable memory buffer allocator in full config
  ...
2019-10-07 12:44:09 +02:00
Jarno Lamsa
990135eb4e Add all.sh entry 2019-10-04 14:50:50 +03:00
Jarno Lamsa
f098b26b83 Add rng for the test suites 2019-10-04 12:51:45 +03:00
Jaeden Amero
b9fc0798d2 Merge remote-tracking branch 'origin/pr/2864' into mbedtls-2.16
* origin/pr/2864:
  Fix compilation error
  Add const to variable
  Fix endianity issue when reading uint32
  Increase test suite timeout
  Reduce stack usage of test_suite_pkcs1_v15
  Reduce stack usage of test_suite_pkcs1_v21
  Reduce stack usage of test_suite_rsa
  Reduce stack usage of test_suite_pk
2019-10-02 18:00:31 +01:00
Jaeden Amero
b0328ba8a3 Merge remote-tracking branch 'origin/pr/2323' into mbedtls-2.16
* origin/pr/2323:
  Add missing dependencies in test_suite_cipher.gcm
  Adapt ChangeLog
  Add NIST AES GCM test vectors to single-step cipher API test suite
2019-10-02 17:57:37 +01:00
Arto Kinnunen
cfbeb76dd2 ssl-opt.sh: Adjust authentication test flags 2
Require MBEDTLS_X509_MAX_INTERMEDIATE_CA to be exactly 8 in
authentication tests.
2019-09-27 13:43:05 +03:00
Arto Kinnunen
13db25fbe9 ssl-opt.sh: Fix requires_config_value_exactly
Fix comparison bug in requires_config_value_exactly.
2019-09-27 13:06:25 +03:00
Arto Kinnunen
c457ab1c2b ssl-opt.sh: Adjust authentication test flags
Require MBEDTLS_X509_MAX_INTERMEDIATE_CA to be exactly 8 in one
authentication test.
2019-09-27 12:00:51 +03:00
Arto Kinnunen
a1e980695b ssl-opt.sh: Modify test sets based on config value 2
Adjust tests set configuration based on review comments.
2019-09-26 19:35:16 +03:00
Arto Kinnunen
3f1190d15b sslopt.sh: Modify test sets based on config value
query_opt is used to read Mbed TLS configuration values instead of
config.pl script. Now MBEDTLS_SSL_MAX_CONTENT_LEN value is correctly
read and some tests needs to be removed from the test set when value
of MBEDTLS_SSL_MAX_CONTENT_LEN is too small for the test.
2019-09-26 17:18:57 +03:00
Arto Kinnunen
7821352483 ssl-opt.sh: use query_config to read flag value
To avoid dependency to "config.pl" use query_config test program to
read Mbed TLS flag values.
2019-09-26 11:06:39 +03:00
Arto Kinnunen
c0d2fa7f0b Update Makefiles and revert changes to config.pl
-Add comments to Makefiles about test env auto-detection
-Fix indentation
-Remove parent folder from include dirs
-Do not use environment variable for defining config file because
 env variable usage is not fully implemented
-Revert changes to config.pl
2019-09-26 10:33:56 +03:00
Simon Butcher
85b495b30a Merge remote-tracking branch 'origin/pr/652' into baremetal 2019-09-25 16:37:07 +01:00
Arto Kinnunen
8307802824 Enable tests in Mbed OS environment
Update Makefiles and config.pl to adapt to directory structure used
in Mbed OS.
2019-09-25 16:23:17 +03:00
Hanno Becker
ab9a29bd2c ssl-opt.sh: Reuse query config test program for requires_config_xxx
This commit reimplements the helper functions
- requires_config_enabled
- requires_config_disabled
in ssl-opt.sh in terms of the programs/test/query_config
programs which allows to query the configuration in which
Mbed TLS was built.

This removes the dependency of ssl-opt.sh from the config
that was used to build the library.
2019-09-25 16:09:15 +03:00
Ron Eldor
ae9f2a2acc Fix compilation error
Change test_info.failed to test_info.result,
as it was previously changed.
2019-09-25 15:04:21 +03:00
Ron Eldor
39512b4b8a Add const to variable
Add const type that was accidently removed.
2019-09-25 14:53:42 +03:00
Ron Eldor
6e76108e15 Fix endianity issue when reading uint32
The uint32 is given as a bigendian stream, in the tests, however,
the char buffer that collected the stream read it as is,
without converting it. Add a temporary buffer, to call `greentea_getc()`
8 times, and then put it in the correct endianity for input to `unhexify()`.
2019-09-25 14:53:35 +03:00
Ron Eldor
2ad73aa388 Increase test suite timeout
Increase the test suite timeouit from 180 seconds, to 800 seconds,
since some tests consume more time, even if all tests are skipped.
2019-09-25 14:53:26 +03:00
Ron Eldor
3adb981383 Reduce stack usage of test_suite_pkcs1_v15
Reduce the stack usage of the `test_suite_pkcs1_v15` by reducing the
size of the buffers used in the tests, to a reasonable big enough size.
2019-09-25 14:53:15 +03:00
Ron Eldor
5d7254a091 Reduce stack usage of test_suite_pkcs1_v21
Reduce the stack usage of the `test_suite_pkcs1_v21` by reducing the
size of the buffers used in the tests, to a reasonable big enough size,
and change the size sent to the API to sizeof output.
2019-09-25 14:53:04 +03:00
Ron Eldor
e4c5fa74b8 Reduce stack usage of test_suite_rsa
Reduce the stack usage of the `test_suite_rsa` by reducing the
size of the buffers used in the tests, to a reasonable big enough size,
and change the data size to decrypt in the data file.
2019-09-25 14:51:19 +03:00
Ron Eldor
5533f4aff1 Reduce stack usage of test_suite_pk
Reduce the stack usage of the `test_suite_pk` by reducing the
size of the buffers used in the tests, to a reasonable big enough size.
2019-09-25 14:51:12 +03:00
Simon Butcher
8d0684dd06 Merge remote-tracking branch 'public/pr/2835' into baremetal 2019-09-24 15:28:35 +01:00
Manuel Pégourié-Gonnard
6d229f8af0 Adapt EC-JPAKE test suite to hardcodable hash 2019-09-19 12:07:58 +02:00
Manuel Pégourié-Gonnard
073c1e1391 Remove pk_info from pk_context_t with SINGLE_TYPE
In very reduced configurations, we don't want the overhead of maintaining a
bool just to remember if the context is valid and checking that bit at every
point of entry.

Note: so far this validity bit also served as a proxy to ensure that pk_ctx
was valid (currently this is a pointer to a dynamically-allocated buffer). In
the next series of commits, this will be changed to a statically-allocated
buffer, so there will be no question about its validity.

In the end (after this commit and the next series), a pk_context_t will be
(memory-wise) just the same as a mbedtls_uecc_keypair when SINGLE_TYPE is
enabled - meaning the PK layer will have zero memory overhead in that case.
2019-09-19 10:45:14 +02:00
Manuel Pégourié-Gonnard
020d9ba4ed Introduce abstraction mbedtls_pk_handle_t
This is the first in a series of commit aimed at removing the pk_info
structures when we're building with MBEDTLS_PK_SINGLE_TYPE enabled.

Introducing this abstraction allows us to later make it a two-valued type
(valid, invalid) instead, which is much lighter.
2019-09-19 10:45:14 +02:00
Manuel Pégourié-Gonnard
1c1cc0d373 Add config.h option MBEDTLS_PK_SINGLE_HASH
No effect for now, just declaring it here, implemented in subsequent commits.

The option requires MBEDTLS_USE_TINYCRYPT and is incompatible with
MBEDTLS_PK_RSA_ALT_SUPPORT and MBEDTLS_RSA_C.

Currently users (including the X.509 and SSL libraries) assume that if both PK
and RSA are enabled, then RSA is available through PK. If we allowed RSA to be
enabled together with PK_SINGLE_TYPE, we'd break that assumption. Going
through the code to find all place that rely on that assumption and fix them
would be cumbersome, and people who want PK_SINGLE_TYPE are unlikely to care
about RSA anyway, so let's just make them incompatible.

This is also consistent with what's done in the MD module: MD_SINGLE_HASH
requires that exactly one hash be enabled.
2019-09-19 10:45:14 +02:00
Manuel Pégourié-Gonnard
097628f871 Fix undeclared dependency on RSA_ALT in tests 2019-09-19 10:45:14 +02:00
Manuel Pégourié-Gonnard
e5a0b366f8 Merge branch 'baremetal' into baremetal-2.16-20190909
* baremetal: (78 commits)
  Review corrections 6
  Review corrections 5
  Minor changes to tinycrypt README
  Typos in the tinycrypt README
  Addition of copyright statements to tinycrypt files
  Add LICENSE and README for tinycrypt
  Add SPDX lines to each imported TinyCrypt file
  Review corrections 4
  Review corrections 3
  Review corrections 2
  Review corrections
  Update signature of BE conversion functions
  Use function for 16/24/32-bit BE conversion
  x509.c: Minor readability improvement
  x509_crt.c: Indicate guarding condition in #else branch
  X.509: Don't remove verify callback by default
  Fix Doxygen warnings regarding removed verify cb+ctx parameters
  ECC restart: Use optional verification mode in bad signature test
  Re-implement verify chain if vrfy cbs are disabled
  Add zero-cost abstraction layer for CRT verification chain
  ...
2019-09-12 09:58:14 +02:00
Simon Butcher
88b535a47e Merge remote-tracking branch 'origin/pr/654' into baremetal 2019-09-10 14:54:28 +01:00
Simon Butcher
303d399f42 Merge remote-tracking branch 'origin/pr/609' into baremetal 2019-09-10 14:50:04 +01:00
Simon Butcher
9bdd13b2e7 Merge remote-tracking branch 'origin/pr/621' into baremetal 2019-09-10 14:49:35 +01:00
Manuel Pégourié-Gonnard
8abd0a0c84 Merge branch 'mbedtls-2.16' into baremetal-2.16-20190909
* mbedtls-2.16: (28 commits)
  Bump version to Mbed TLS 2.16.3
  Changelog entry
  Check for zero length and NULL buffer pointer
  ssl-opt.sh: wait for proxy to start before running the script further
  Fix uninitialized variable in x509_crt
  HMAC DRBG: Split entropy-gathering requests to reduce request sizes
  Fix the license header of hkdf
  Add a change log entry
  Add a test for mlaformed ECJPAKE context
  Fix handling of md failure
  Add a test for signing content with a long ECDSA key
  Add documentation notes about the required size of the signature buffers
  Add missing MBEDTLS_ECP_C dependencies in check_config.h
  Change size of preallocated buffer for pk_sign() calls
  Adapt ChangeLog
  Fix mpi_bigendian_to_host() on bigendian systems
  Add ChangeLog entry for new function
  Add ChangeLog entry
  Correct deterministic ECDSA behavior
  Add warning for alternative ECDSA implementations
  ...
2019-09-10 11:27:14 +02:00
Andrzej Kurek
60ebd98a50 Enable MBEDTLS_MEMORY_DEBUG in memory buffer alloc test in all.sh 2019-09-10 03:07:44 -04:00
Andrzej Kurek
c73f857217 Remove unnecessary memory buffer alloc and memory backtrace unsets
Also unify the sanitization LDFLAGS with development
2019-09-10 03:07:29 -04:00