Commit Graph

3181 Commits

Author SHA1 Message Date
Jaeden Amero
d192ba4ef1 Merge remote-tracking branch 'origin/pr/2463' into development
* origin/pr/2463:
  Fix a rebase error
  Wrap lines at 80 columns
  Add NIST keywrap as a cipher mode
  Fix errors in AEAD test function
2019-04-05 14:15:40 +01:00
Jaeden Amero
62ab1f9961 Merge remote-tracking branch 'origin/pr/2405' into development
* origin/pr/2405:
  Fix ChangeLog entry ordering
  Fix typo
  Add non-regression test for buffer overflow
  Improve documentation of mbedtls_mpi_write_string()
  Adapt ChangeLog
  Fix 1-byte buffer overflow in mbedtls_mpi_write_string()
2019-04-05 14:08:49 +01:00
Darryl Green
383d1fa6a5 Add --internal option to list-identifiers.sh
When doing ABI/API checking, its useful to have a list of all the
identifiers that are defined in the internal header files, as we
do not promise compatibility for them. This option allows for a
simple method of getting them for use with the ABI checking script.
2019-04-05 13:59:52 +01:00
Jaeden Amero
3d8144731f Merge remote-tracking branch 'origin/pr/2192' into development
* origin/pr/2192:
  Increase okm_hex buffer to contain null character
  Minor modifications to hkdf test
  Add explanation for okm_string size
  Update ChangeLog
  Reduce buffer size of okm
  Reduce Stack usage of hkdf test function
2019-04-05 13:53:14 +01:00
Jack Lloyd
274024f3d5 Fix a rebase error 2019-04-04 07:59:41 -07:00
Janos Follath
ee11be6572 Add test for configuration specific CRT callback 2019-04-04 12:03:30 +01:00
Hanno Becker
efb440afec Add test exercising context-specific CRT callback to ssl-opt.sh 2019-04-03 13:11:20 +01:00
Ron Eldor
b6dc105456 Add Wisun Fan device extended key usage
Add the Wisun extended key usage oid and tests.
2019-04-03 13:48:50 +03:00
Jack Lloyd
ffdf28851d Add NIST keywrap as a cipher mode
Closes #2003 see also #1658
2019-04-02 10:02:55 -07:00
Jack Lloyd
1dbc5a257f Fix errors in AEAD test function
It was failing to set the key in the ENCRYPT direction before encrypting.
This just happened to work for GCM and CCM.

After re-encrypting, compare the length to the expected ciphertext
length not the plaintext length. Again this just happens to work for
GCM and CCM since they do not perform any kind of padding.
2019-04-02 10:02:55 -07:00
Jarno Lamsa
dfd22c4dbd Address comments for x509 tests 2019-04-01 15:18:53 +03:00
Jarno Lamsa
f7a7f9ee43 Address review comments regarding ssl_client2 and ssl tests 2019-04-01 15:11:54 +03:00
Jarno Lamsa
31d9db6195 Change the verify function naming
Change the naming to reflect that the function uses a new ca callback
feature to distinguish different callbacks.
2019-04-01 14:33:49 +03:00
Hanno Becker
3f932bbc5d Remove trailing whitespace in test_suite_x509parse.function 2019-03-28 17:06:47 +00:00
Hanno Becker
746aaf3f38 Add ssl-opt.sh tests for trusted CA callbacks 2019-03-28 16:13:44 +00:00
Hanno Becker
0350d56286 Only run X.509 CRT verification tests with CA callback tests if !CRL 2019-03-28 16:13:44 +00:00
Hanno Becker
cbb590369c Minor fixes to CA callback tests 2019-03-28 16:13:44 +00:00
Jarno Lamsa
557426ad77 Add a failure testcase for ca callback 2019-03-28 16:13:43 +00:00
Jarno Lamsa
912ed33991 Change callback name to ca_callback 2019-03-28 16:13:43 +00:00
Jarno Lamsa
03cd120ce4 Test for ca list callback 2019-03-28 16:13:43 +00:00
Jaeden Amero
c70a3c76bf Merge remote-tracking branch 'tls/development' into development
Resolve conflicts actions:
 - Reject path changes to config.h
 - Reject submodule-related changes in build scripts (Makefile,
   CMakeLists.txt)
 - Add oid test suite to list of tests in tests/CMakeLists.txt,
   rejecting any test filtering related changes (which TLS uses to avoid
   duplicating crypto tests)
 - Add legacy ECDH test to all.sh without including
   all.sh tests that depend on SSL
2019-03-28 16:02:25 +00:00
Jaeden Amero
57773d4ede Merge remote-tracking branch 'restricted/pr/551' into development
* restricted/pr/551:
  ECP: Clarify test descriptions
  ECP: remove extra whitespaces
  Fix ECDH secret export for Mongomery curves
  Improve ECP test names
  Make ecp_get_type public
  Add more tests for ecp_read_key
  ECP: Catch unsupported import/export
  Improve documentation of mbedtls_ecp_read_key
  Fix typo in ECP module
  Remove unnecessary cast from ECP test
  Improve mbedtls_ecp_point_read_binary tests
  Add Montgomery points to ecp_point_write_binary
  ECDH: Add test vectors for Curve25519
  Add little endian export to Bignum
  Add mbedtls_ecp_read_key
  Add Montgomery points to ecp_point_read_binary
  Add little endian import to Bignum
2019-03-27 17:01:24 +00:00
Jaeden Amero
0ea33776ce Merge remote-tracking branch 'restricted/pr/552' into development
Ensure this merge passes tests by auto-generating query_config.c, adding
MBEDTLS_ECDH_LEGACY_CONTEXT to it.

* restricted/pr/552:
  Fix mbedtls_ecdh_get_params with new ECDH context
  Test undefining MBEDTLS_ECDH_LEGACY_CONTEXT in all.sh
  Define MBEDTLS_ECDH_LEGACY_CONTEXT in config.h
  Add changelog entry for mbedtls_ecdh_get_params robustness
  Fix ecdh_get_params with mismatching group
  Add test case for ecdh_get_params with mismatching group
  Add test case for ecdh_calc_secret
  Fix typo in documentation
2019-03-27 17:01:16 +00:00
Jaeden Amero
c73fde725b Merge remote-tracking branch 'origin/pr/2531' into development
Ensure tests pass when the submodule is used by updating the list of
crypto tests to include test_suite_oid in both tests/CMakeLists.txt and
tests/Makefile.

* origin/pr/2531:
  Add changeLog entry
  Add certificate policy of type any policy id
2019-03-27 16:52:08 +00:00
Jaeden Amero
3930e18c3c Merge remote-tracking branch 'origin/pr/2509' into development
* origin/pr/2509:
  all.sh: Generate seedfile for crypto submodule tests
  Update crypto submodule to test with private headers
  tests: Use globbing in test suite exclusion list
  Update crypto submodule to Mbed Crypto development
  tests: Test crypto via the crypto submodule
2019-03-27 14:45:26 +00:00
Jaeden Amero
d5d01a0435 Merge remote-tracking branch 'origin/pr/2525' into development
* origin/pr/2525:
  Update library version to 2.17.0
2019-03-26 14:50:06 +00:00
Ron Eldor
11ee07191f Add certificate policy of type any policy id
Add a function for getting the certificate policy. Currently only
"Any Policy" is supported.
2019-03-26 14:41:07 +02:00
Jaeden Amero
3f8d78411a Update library version to 2.17.0 2019-03-19 16:12:55 +00:00
Jaeden Amero
9714510736 all.sh: Generate seedfile for crypto submodule tests
When running tests from the crypto submodule, generate and use a
seedfile within the crypto/tests directory.
2019-03-19 15:45:09 +00:00
Jaeden Amero
0a504c02f6 tests: Add library to include path when used as submodule
Some tests use internal-only header files, which are stored in the
'library' folder, and therefore need the library folder passed in on the
include path. For non-submoudle builds, this is set globally in the
top-level CMakeLists.txt file. For submodule builds, this is set through
target includes to a path only meaningful when Mbed Crypto is built as a
submodule.
2019-03-15 15:47:17 +00:00
Gilles Peskine
d7929e7539 Fix copypasta in test data 2019-03-15 11:37:09 +01:00
Gilles Peskine
e3dbdd8d90 Gate entropy injection through a dedicated configuration option
Entropy injection has specific testing requirements. Therefore it
should depend on a specific option.
2019-03-15 11:15:21 +01:00
Gilles Peskine
6bf4baef95 Remove compilation option MBEDTLS_PSA_HAS_ITS_IO
MBEDTLS_PSA_HAS_ITS_IO is not really useful since it doesn't actually
enable anything except the entropy seed file support, which only
requires the ITS interface and not a native implemetation. Remove it.
2019-03-15 11:15:13 +01:00
Gilles Peskine
5e80d91dbf Remove psa_crypto_storage_backend.h
Since there is now a single storage backend, we don't need a backend
interface. Make the functions that were declared in
psa_crypto_storage_backend.h and are now both defined and used in
psa_crypto_storage.c static, except for psa_is_key_present_in_storage
which is used by the gray-box tests and is now declared in
psa_crypto_storage.h.
2019-03-15 11:15:04 +01:00
Gilles Peskine
e435f23019 Remove psa_crypto_storage_file
Now that we have ITS over files, we no longer need a direct backend
for key storage over files. Remove psa_crypto_storage_file and its
tests.

Switch MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C and MBEDTLS_PSA_ITS_FILE_C on
by default. This preserves functionality and test coverage in the
default configuration, but forgets any key previously stored using the
file backend.
2019-03-15 11:14:51 +01:00
Gilles Peskine
23793482ac Support ITS over file in PSA crypto 2019-03-15 11:14:37 +01:00
Gilles Peskine
b0c642abae Tests for PSA ITS over stdio files 2019-03-15 11:14:35 +01:00
Gilles Peskine
bc1f272750 Tests for PSA ITS over files 2019-03-15 11:14:29 +01:00
Jaeden Amero
2184ef63ab tests: Use globbing in test suite exclusion list
Use e.g. test_suite_aes.% instead of listing out subsuites. This makes
is less of a pain to add new subsuites.
2019-03-13 14:50:00 +00:00
Jaeden Amero
b78b300b2e tests: Test crypto via the crypto submodule
Test the crypto implementation via tests from the Mbed Crypto submodule
instead of at the Mbed TLS top level.

The version test is the only test that is tested from both TLS and
Crypto, despite being entirely in libmbedcrypto. This is because the
test data is code-gen'd from the version updating script and the version
between Mbed TLS and Mbed Crypto don't necessarily always agree. The
test data must come from the top level module, as only the top level
module will have test data that matches the expected version.
2019-03-13 13:39:23 +00:00
Jaeden Amero
b478bb6ddb tests: Add a crypto prefix to submodule tests
Prepend ".crypto" to tests that came from the crypto submodule. This
allows, when this project is used as a submodule, for tests with names
the same between the parent and this project when used as a submodule to
both be built and run.
2019-03-11 16:51:37 +00:00
Jaeden Amero
1264c2a86f tests: Exclude version suite when used as a submodule
The version test suite is duplicated between Mbed TLS and Mbed Crypto.
Use TLS's copy and not Crypto's copy when Crypto is used as a submodule
of TLS.

The version test is the only test that is tested from both TLS and
Crypto, despite being entirely in libmbedcrypto. This is because the
test data is code-gen'd from the version updating script and the version
between Mbed TLS and Mbed Crypto don't necessarily always agree. The
test data must come from the top level module, as only the top level
module will have test data that matches the expected version.
2019-03-11 16:50:30 +00:00
Jaeden Amero
120d571e8e tests: Use parent module includes when used as a submodule
For Makefiles, enable overriding where includes can come from in order
to enable the parent module to set the include path. This allows the
parent module to specify that its config.h should be used, even when the
submodule when built standalone would use a different config.h.

For CMake, always look in the parent's include folder and our own. List
the parent's include folder first, so that preference is given to parent
include files.
2019-03-11 16:50:25 +00:00
Jaeden Amero
9afb2e9921 Remove tests that depend on TLS or X.509 2019-03-11 16:49:26 +00:00
Jaeden Amero
e23737c618 recursion.pl: Don't depend on X.509 2019-03-11 16:48:36 +00:00
Jaeden Amero
03c60de0e0 query_config: Move to programs/test
As the SSL programs, like ssl_client2 and ssl_server2, are dependent on
SSL and therefore about to be removed, the only consumer of query_config
is the query_compile_time_config test. As such, it makes sense to move
query_config to be next to what uses it.
2019-03-11 16:48:36 +00:00
Jaeden Amero
9b90f2e294 all.sh: Remove dependency on TLS, NET, and X.509 2019-03-11 16:48:35 +00:00
Jaeden Amero
2b9eb0bd6c Merge remote-tracking branch 'tls/development' into development
* origin/development: (113 commits)
  Update query_config.c
  Fix failure in SSLv3 per-version suites test
  Adjust DES exclude lists in test scripts
  Clarify 3DES changes in ChangeLog
  Fix documentation for 3DES removal
  Exclude 3DES tests in test scripts
  Fix wording of ChangeLog and 3DES_REMOVE docs
  Reduce priority of 3DES ciphersuites
  Fix unused variable warning in ssl_parse_certificate_coordinate()
  Update the crypto submodule to a78c958
  Fix ChangeLog entry to correct release version
  Fix typo in x509write test data
  Add ChangeLog entry for unused bits in bitstrings
  Improve docs for named bitstrings and their usage
  Add tests for (named) bitstring to suite_asn1write
  Add new function mbedtls_asn1_write_named_bitstring()
  Add missing compile time guard in ssl_client2
  Update programs/ssl/query_config.c
  ssl_client2: Reset peer CRT info string on reconnect
  Add further debug statements on assertion failures
  ...
2019-03-07 12:02:18 +00:00
Janos Follath
04dadb73fd Add non-regression test for buffer overflow 2019-03-06 12:29:37 +00:00
Jaeden Amero
0a9f9b20b6 Merge remote-tracking branch 'origin/pr/2317' into development
* origin/pr/2317:
  Update ChangeLog
  all.sh: Test MBEDTLS_MPI_WINDOW_SIZE=1
  Fix DEADCODE in mbedtls_mpi_exp_mod()
2019-03-05 16:33:42 +00:00
Jaeden Amero
41e1986ed0 Merge remote-tracking branch 'origin/pr/2293' into development
* origin/pr/2293:
  Declare test_suite_aes.ofb to CMake
  Add a facility to skip running some test suites
  run-test-suites: update the documentation
2019-03-05 16:30:37 +00:00
Jaeden Amero
6b47a6ceac Merge remote-tracking branch 'origin/pr/2100' into development
* origin/pr/2100:
  Fix test data missing some fake-random input
  Add tests for RSA encrypt/decrypt with NULL for empty message
2019-03-05 16:29:27 +00:00
Jaeden Amero
7df1bec82b Merge remote-tracking branch 'origin/pr/1520' into development
* origin/pr/1520:
  Use certificates from data_files and refer them
  Specify server certificate to use in SHA-1 test
  refactor CA and SRV certificates into separate blocks
  refactor SHA-1 certificate defintions and assignment
  refactor server SHA-1 certificate definition into a new block
  define TEST_SRV_CRT_RSA_SOME in similar logic to TEST_CA_CRT_RSA_SOME
  server SHA-256 certificate now follows the same logic as CA SHA-256 certificate
  add entry to ChangeLog
2019-03-05 16:24:11 +00:00
Simon Butcher
535ee4a35b Merge remote-tracking branch 'public/pr/2421' into development
* public/pr/2421: (68 commits)
  Fix unused variable warning in ssl_parse_certificate_coordinate()
  Add missing compile time guard in ssl_client2
  Update programs/ssl/query_config.c
  ssl_client2: Reset peer CRT info string on reconnect
  Add further debug statements on assertion failures
  Fix typo in documentation of ssl_parse_certificate_chain()
  Add debug output in case of assertion failure
  Fix typo in SSL ticket documentation
  Add config sanity check for !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
  ssl_client2: Zeroize peer CRT info buffer when reconnecting
  Reintroduce numerous ssl-opt.sh tests if !MBEDTLS_SSL_KEEP_PEER_CERT
  ssl_client2: Extract peer CRT info from verification callback
  Improve documentation of mbedtls_ssl_get_peer_cert()
  Improve documentation of MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
  Fix indentation of Doxygen comment in ssl_internal.h
  Set peer CRT length only after successful allocation
  Remove question in comment about verify flags on cli vs. server
  Remove misleading and redundant guard around restartable ECC field
  Add test for !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE to all.sh
  Free peer CRT chain immediately after verifying it
  ...
2019-03-01 12:46:07 +00:00
Simon Butcher
195bddebcc Merge remote-tracking branch 'restricted/pr/528' into development
* restricted/pr/528:
  Update query_config.c
  Fix failure in SSLv3 per-version suites test
  Adjust DES exclude lists in test scripts
  Clarify 3DES changes in ChangeLog
  Fix documentation for 3DES removal
  Exclude 3DES tests in test scripts
  Fix wording of ChangeLog and 3DES_REMOVE docs
  Reduce priority of 3DES ciphersuites
2019-03-01 12:45:45 +00:00
Simon Butcher
74ac6e3fec Merge remote-tracking branch 'public/pr/2028' into development
* public/pr/2028:
  Update the crypto submodule to a78c958
  Fix ChangeLog entry to correct release version
  Fix typo in x509write test data
  Add ChangeLog entry for unused bits in bitstrings
  Improve docs for named bitstrings and their usage
  Add tests for (named) bitstring to suite_asn1write
  Add new function mbedtls_asn1_write_named_bitstring()
2019-03-01 12:44:19 +00:00
Simon Butcher
bbed914b41 Merge remote-tracking branch 'public/pr/2447' into development
* public/pr/2447:
  Unbump version to 0.0.0
2019-03-01 12:41:25 +00:00
Simon Butcher
700cbac98a Merge remote-tracking branch 'public/pr/2448' into development
* public/pr/2448:
  Reword changelog entry
  Update change log
  Reenable GnuTLS next based tests
2019-03-01 12:40:43 +00:00
Manuel Pégourié-Gonnard
aa946b2d49 Fix failure in SSLv3 per-version suites test
The test used 3DES as the suite for SSLv3, which now makes the handshake fails
with "no ciphersuite in common", failing the test as well. Use Camellia
instead (as there are not enough AES ciphersuites before TLS 1.2 to
distinguish between the 3 versions).

Document some dependencies, but not all. Just trying to avoid introducing new
issues by using a new cipher here, not trying to make it perfect, which is a
much larger task out of scope of this commit.
2019-03-01 10:22:04 +01:00
Andres Amaya Garcia
419bd0011f Adjust DES exclude lists in test scripts 2019-03-01 10:22:04 +01:00
Andres Amaya Garcia
bdfba79f0d Fix documentation for 3DES removal 2019-03-01 10:21:11 +01:00
Andres Amaya Garcia
2dadab7d3f Exclude 3DES tests in test scripts 2019-03-01 10:21:11 +01:00
Andres Amaya Garcia
412ddf3812 Fix typo in x509write test data 2019-02-28 09:38:03 +00:00
Andres Amaya Garcia
7067f812f8 Add tests for (named) bitstring to suite_asn1write 2019-02-28 09:36:30 +00:00
Jaeden Amero
001626e44e Fix typo in data_file generator code
The file to generate is `server10_int3-bs.pem`, not
`server10-bs_int3-bs.pem`.
2019-02-27 17:17:02 +00:00
Jaeden Amero
a78c958b17 Merge remote-tracking branch 'tls/pr/2028' into development 2019-02-27 15:21:44 +00:00
Jaeden Amero
a9d6ba2510 Merge remote-tracking branch 'tls/development' into development
Additional work done as part of merge:
    - Run ./tests/scripts/check-generated-files.sh and check in the
      resulting changes to programs/ssl/query_config.c
2019-02-27 15:15:53 +00:00
Janos Follath
54ba3eb7de ECP: Clarify test descriptions 2019-02-27 14:47:10 +00:00
Gilles Peskine
e915d532a6 Silence pylint
Silence pylint in specific places where we're doing slightly unusual
or dodgy, but correct.
2019-02-27 11:03:25 +01:00
Gilles Peskine
23e64f226b check-files.py: readability improvement in permission check 2019-02-27 11:03:25 +01:00
Gilles Peskine
1e9698af4b check-files.py: use class fields for class-wide constants
In an issue tracker, heading and files_exemptions are class-wide
constants, so make them so instead of being per-instance fields.
2019-02-27 11:03:25 +01:00
Gilles Peskine
6ee576e0b5 check-files.py: clean up class structure
Line issue trackers are conceptually a subclass of file issue
trackers: they're file issue trackers where issues arise from checking
each line independently. So make it an actual subclass.

Pylint pointed out the design smell: there was an abstract method that
wasn't always overridden in concrete child classes.
2019-02-27 11:03:25 +01:00
Gilles Peskine
0d060ef328 check-files.py: document some classes and methods
Document all classes and longer methods.

Declare a static method as such. Pointed out by pylint.
2019-02-27 11:03:25 +01:00
Gilles Peskine
aad2ebdf30 Fix pylint errors going uncaught
Make check-python-files.sh run pylint on all *.py files (in
directories where they are known to be present), rather than list
files explicitly.

Fix a bug whereby the return status of check-python-files.sh was only
based on the last file passing, i.e. errors in other files were
effectively ignored.

Make check-python-files.sh run pylint unconditionally. Since pylint3
is not critical, make all.sh to skip running check-python-files.sh if
pylint3 is not available.
2019-02-27 11:03:25 +01:00
Gilles Peskine
b2c269eeee Call pylint3, not pylint
We use Python 3, so call Pylint for Python 3, not for Python 2.
2019-02-27 11:03:24 +01:00
Gilles Peskine
7f61575cba New, documented pylint configuration
The pylint configuration in .pylint was a modified version of the
output of `pylint --generate-rcfile` from an unknown version of
pylint. Replace it with a file that only contains settings that are
modified from the default, with an explanation of why each setting is
modified.

The new .pylintrc was written from scratch, based on the output of
pylint on the current version of the files and on a judgement of what
to silence generically, what to silence on a case-by-case basis and
what to fix.
2019-02-27 11:03:24 +01:00
Janos Follath
bf42408528 Improve ECP test names 2019-02-26 16:49:52 +00:00
Janos Follath
df9295b7ec Make ecp_get_type public
The ecp_get_type function comes handy in higher level modules and tests
as well. It is not inline anymore, to enable alternative implementations
to implement it for themselves.
2019-02-26 16:49:42 +00:00
Janos Follath
4ffdbe0979 Add more tests for ecp_read_key 2019-02-26 16:48:40 +00:00
Janos Follath
28eb06df16 ECP: Catch unsupported import/export
mbedtls_ecp_read_key() module returned without an error even when
importing keys corresponding to the requested group was not
implemented.

We change this and return an error when the requested group is not
supported and make the remaining import/export functions more robust.
2019-02-26 16:48:40 +00:00
Janos Follath
e5670f2663 Remove unnecessary cast from ECP test 2019-02-26 16:48:40 +00:00
Hanno Becker
fe9aec4cb1 Reintroduce numerous ssl-opt.sh tests if !MBEDTLS_SSL_KEEP_PEER_CERT 2019-02-26 14:38:09 +00:00
Hanno Becker
545ced45f7 Add test for !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE to all.sh 2019-02-26 14:38:09 +00:00
Hanno Becker
d0aac14303 Add dependency to ssl-opt.sh tests which need peer CRT debug info 2019-02-26 14:38:09 +00:00
Gilles Peskine
9e0a4a54a2 Test abort after failed setup
Commit "Smoke-test operation contexts after setup+abort" replaced
{failed-setup; abort} sequences by {failed-setup; successful-setup}.
We want to test that, but we also want to test {failed-setup; abort}.
So test {failed-setup; abort; failed-setup; successful-setup}.
2019-02-26 11:29:17 +01:00
Gilles Peskine
f426e0f303 Smoke-test operation contexts after setup+abort
After a successful setup followed by abort, or after a failed setup
from an inactive state, a context must be usable. Test this for
hash, MAC and cipher contexts.
2019-02-26 11:29:16 +01:00
Janos Follath
ffbd7e8ff3 Improve mbedtls_ecp_point_read_binary tests
Renamed the tests because they are explicitly testing Curve25519 and
nothing else. Improved test coverage, test documentation and extended
in-code documentation with a specific reference to the standard as well.
2019-02-25 11:49:54 +00:00
Janos Follath
7caf8e452f Add Montgomery points to ecp_point_write_binary
The library is able to perform computations and cryptographic schemes on
curves with x coordinate ladder representation. Here we add the
capability to export such points.
2019-02-22 15:42:18 +00:00
Janos Follath
ab0f71a22a ECDH: Add test vectors for Curve25519
The test vectors added are published in RFC 7748.
2019-02-22 15:42:03 +00:00
Janos Follath
e344d0f6fc Add little endian export to Bignum
The function `mbedtls_mpi_write_binary()` writes big endian byte order,
but we need to be able to write little endian in some caseses. (For
example when handling keys corresponding to Montgomery curves.)

Used `echo xx | tac -rs ..` to transform the test data to little endian.
2019-02-22 15:41:31 +00:00
Janos Follath
171a7efd02 Add mbedtls_ecp_read_key
The private keys used in ECDH differ in the case of Weierstrass and
Montgomery curves. They have different constraints, the former is based
on big endian, the latter little endian byte order. The fundamental
approach is different too:
- Weierstrass keys have to be in the right interval, otherwise they are
  rejected.
- Any byte array of the right size is a valid Montgomery key and it
  needs to be masked before interpreting it as a number.

Historically it was sufficient to use mbedtls_mpi_read_binary() to read
private keys, but as a preparation to improve support for Montgomery
curves we add mbedtls_ecp_read_key() to enable uniform treatment of EC
keys.

For the masking the `mbedtls_mpi_set_bit()` function is used. This is
suboptimal but seems to provide the best trade-off at this time.
Alternatives considered:
- Making a copy of the input buffer (less efficient)
- removing the `const` constraint from the input buffer (breaks the api
and makes it less user friendly)
- applying the mask directly to the limbs (violates the api between the
modules and creates and unwanted dependency)
2019-02-22 15:39:03 +00:00
Janos Follath
59b813c7be Add Montgomery points to ecp_point_read_binary
The library is able to perform computations and cryptographic schemes on
curves with x coordinate ladder representation. Here we add the
capability to import such points.
2019-02-22 15:38:46 +00:00
Janos Follath
a778a94b7d Add little endian import to Bignum
The function `mbedtls_mpi_read_binary()` expects big endian byte order,
but we need to be able to read from little endian in some caseses. (For
example when handling keys corresponding to Montgomery curves.)

Used `echo xx | tac -rs .. | tr [a-z] [A-Z]` to transform the test data
to little endian and `echo "ibase=16;xx" | bc` to convert to decimal.
2019-02-22 15:38:32 +00:00
Jaeden Amero
86016a03a1 Merge remote-tracking branch 'origin/pr/2338' into development 2019-02-22 12:55:30 +00:00
Jaeden Amero
e895342522 Merge remote-tracking branch 'origin/pr/2427' into development 2019-02-22 12:53:13 +00:00
Gilles Peskine
e023c80477 Test undefining MBEDTLS_ECDH_LEGACY_CONTEXT in all.sh
Test that the library works with the new context format.
2019-02-22 13:04:23 +01:00
Jaeden Amero
415620c1f2 Merge remote-tracking branch 'origin/pr/2105' into development
Additional work done as part of merge:
    - Run ./tests/scripts/check-generated-files.sh and check in the
      resulting changes to programs/ssl/query_config.c
2019-02-22 10:33:15 +00:00
Jaeden Amero
8963b0311c Merge remote-tracking branch 'origin/pr/2411' into development 2019-02-22 10:32:44 +00:00
Jaeden Amero
d9516b508a Merge remote-tracking branch 'origin/pr/2407' into development 2019-02-22 10:32:44 +00:00
Jaeden Amero
0ae63f7bc3 Merge remote-tracking branch 'origin/pr/2383' into development 2019-02-22 10:32:43 +00:00