Commit Graph

1620 Commits

Author SHA1 Message Date
Andres Amaya Garcia
60100d09ee Improve leap year test names in x509parse.data 2017-10-12 23:21:37 +01:00
Andres Amaya Garcia
735b37eeef Correctly handle leap year in x509_date_is_valid()
This patch ensures that invalid dates on leap years with 100 or 400
years intervals are handled correctly.
2017-10-12 23:21:37 +01:00
Janos Follath
b0f148c0ab Renegotiation: Add tests for SigAlg ext parsing
This commit adds regression tests for the bug when we didn't parse the
Signature Algorithm extension when renegotiating. (By nature, this bug
affected only the server)

The tests check for the fallback hash (SHA1) in the server log to detect
that the Signature Algorithm extension hasn't been parsed at least in
one of the handshakes.

A more direct way of testing is not possible with the current test
framework, since the Signature Algorithm extension is parsed in the
first handshake and any corresponding debug message is present in the
logs.
2017-10-12 23:21:37 +01:00
Hanno Becker
dfd15b3444 Add toy example triggering early abort in mbedtls_rsa_deduce_primes 2017-10-12 09:14:09 +01:00
Hanno Becker
e167fe6a53 Correct pkparse test case to lead to failure for MBEDTLS_RSA_NO_CRT
The test case parses an RSA private key with N=P=Q=D=E=1 and expects a failure from the PK layer. With the weakened
semantics of `mbedtls_rsa_complete`, the latter won't throw an error on that key in case if MBEDTLS_RSA_NO_CRT is
set. This commit modifies the test case to use N=2 which is rejected by `mbedtls_rsa_complete` regardless of whether
MBEDTLS_RSA_NO_CRT is set or not.
2017-10-11 19:42:56 +01:00
Hanno Becker
7643d4e30c Fix number of loop iterations in mbedtls_deduce_primes
The number of loop iterations per candidate in `mbedtls_deduce_primes` was off
by one. This commit corrects this and removes a toy non-example from the RSA
test suite, as it seems difficult to have the function fail on small values of N
even if D,E are corrupted.
2017-10-11 16:32:49 +01:00
Janos Follath
88f5808c13 Renegotiation: Add tests for SigAlg ext parsing
This commit adds regression tests for the bug when we didn't parse the
Signature Algorithm extension when renegotiating. (By nature, this bug
affected only the server)

The tests check for the fallback hash (SHA1) in the server log to detect
that the Signature Algorithm extension hasn't been parsed at least in
one of the handshakes.

A more direct way of testing is not possible with the current test
framework, since the Signature Algorithm extension is parsed in the
first handshake and any corresponding debug message is present in the
logs.
2017-10-11 12:49:09 +01:00
Hanno Becker
a565f54c4c Introduce new files rsa_internal.[ch] for RSA helper functions
This commit splits off the RSA helper functions into separate headers and
compilation units to have a clearer separation of the public RSA interface,
intended to be used by end-users, and the helper functions which are publicly
provided only for the benefit of designers of alternative RSA implementations.
2017-10-11 11:00:19 +01:00
Hanno Becker
04877a48d4 Adapt rsa_import tests to weakened semantics of rsa_complete
The tests now accept two result parameters, one for the expected result of the
completion call, and one for the expected result of the subsequent sanity
check.
2017-10-11 10:01:33 +01:00
Hanno Becker
7f25f850ac Adapt uses of mbedtls_rsa_complete to removed PRNG argument 2017-10-10 16:56:22 +01:00
Hanno Becker
f9e184b9df Remove PRNG argument from mbedtls_rsa_complete 2017-10-10 16:55:41 +01:00
Andres Amaya Garcia
3f50f511de Ensure failed test_suite output is sent to stdout
The change modifies the template code in tests/suites/helpers.function
and tests/suites/main.function so that error messages are printed to
stdout instead of being discarded. This makes errors visible regardless
of the --verbose flag being passed or not to the test suite programs.
2017-10-07 18:15:28 +01:00
Andres Amaya Garcia
def0339db2 Ensure failed test_suite output is sent to stdout
The change modifies the template code in tests/suites/helpers.function
and tests/suites/main.function so that error messages are printed to
stdout instead of being discarded. This makes errors visible regardless
of the --verbose flag being passed or not to the test suite programs.
2017-10-07 17:33:34 +01:00
Hanno Becker
21acb66cba Correct typo: PBDFK -> PBKDF 2017-10-06 14:38:15 +01:00
Andres Amaya Garcia
67d8da522f Remove use of GNU sed features from ssl-opt.sh 2017-10-06 11:59:13 +01:00
Andres Amaya Garcia
3b1bdff285 Fix typos in ssl-opt.sh comments 2017-10-06 11:59:13 +01:00
Andres Amaya Garcia
b84c40b12f Add ssl-opt.sh test to check gmt_unix_time is good
Add a test to ssl-opt.sh that parses the client and server debug
output and then checks that the Unix timestamp in the ServerHello
message is within acceptable bounds.
2017-10-06 11:59:13 +01:00
Andres Amaya Garcia
93993defd1 Extend ssl-opt.h so that run_test takes function
Extend the run_test function in ssl-opt.sh so that it accepts the -f
and -F options. These parameters take an argument which is the name of
a shell function that will be called by run_test and will be given the
client input and output debug log. The idea is that these functions are
defined by each test and they can be used to do some custom check
beyon those allowed by the pattern matching capabilities of the
run_test function.
2017-10-06 11:59:13 +01:00
Hanno Becker
b25c0c78cf Add test case calling ssl_set_hostname twice
Add a test case calling ssl_set_hostname twice to test_suite_ssl.
When run in CMake build mode ASan, this catches the current leak,
but will hopefully be fine with the new version.
2017-10-06 11:58:50 +01:00
Gilles Peskine
964faeb6c4 Cleaned up get_line for test data files
Look, ma, a use for do...while!

Also removed 1-3 calls to strlen.
2017-10-06 11:58:50 +01:00
Gilles Peskine
b04e2c3d81 Allow comments in test data files 2017-10-06 11:58:50 +01:00
Andres Amaya Garcia
acdae0cb33 Remove use of GNU sed features from ssl-opt.sh 2017-10-06 11:55:32 +01:00
Andres Amaya Garcia
5987ef451c Fix typos in ssl-opt.sh comments 2017-10-06 11:55:32 +01:00
Andres Amaya Garcia
ac36e382a9 Add ssl-opt.sh test to check gmt_unix_time is good
Add a test to ssl-opt.sh that parses the client and server debug
output and then checks that the Unix timestamp in the ServerHello
message is within acceptable bounds.
2017-10-06 11:55:32 +01:00
Andres Amaya Garcia
a46a58ab94 Extend ssl-opt.h so that run_test takes function
Extend the run_test function in ssl-opt.sh so that it accepts the -f
and -F options. These parameters take an argument which is the name of
a shell function that will be called by run_test and will be given the
client input and output debug log. The idea is that these functions are
defined by each test and they can be used to do some custom check
beyon those allowed by the pattern matching capabilities of the
run_test function.
2017-10-06 11:55:32 +01:00
Hanno Becker
f8b56d4e41 Adapt RSA test suite
Don't expect alternative implementations to implement the RSA operations for wrong key-types.
2017-10-05 10:30:13 +01:00
Hanno Becker
0f65e0ca03 Rename rsa_deduce_moduli to rsa_deduce_primes 2017-10-03 14:40:44 +01:00
Hanno Becker
8ba6ce4f4f Rename rsa_deduce_private to rsa_deduce_private_exponent 2017-10-03 14:40:43 +01:00
Hanno Becker
db13cefde2 Correct typo in RSA test suite data 2017-10-03 14:31:05 +01:00
Hanno Becker
c21a8db3fe Adapt test suites to modified error codes
As the new PKCS v1.5 verification function opaquely compares an expected encoding to the given one, it cannot
distinguish multiple reasons of failure anymore and instead always returns MBEDTLS_ERR_RSA_VERIFY_FAILED. This
necessitates some modifications to the expected return values of some tests verifying signatures with bad padding.
2017-10-03 07:58:00 +01:00
Hanno Becker
558477d073 Add tests for non-reduced length encoding in PKCS1 v15 signatures
This commit adds some tests to the RSA test suite verifying that RSA PKCS-v15 signatures with non-reduced length
encodings are refuted. Details are provided via comments in the test suite data file.
2017-10-03 07:57:16 +01:00
Hanno Becker
3f3ae85e11 Correct memory leak in RSA test suite
The test for `mbedtls_rsa_import_raw` didn't include freeing the allocate buffers.
2017-10-02 13:17:01 +01:00
Hanno Becker
bdefff1dde Change signature of mbedtls_rsa_deduce_private
Make input arguments constant and adapt the implementation to use a temporary instead of in-place operations.
2017-10-02 09:59:48 +01:00
Hanno Becker
713fe7f66c Add test case calling ssl_set_hostname twice
Add a test case calling ssl_set_hostname twice to test_suite_ssl.
When run in CMake build mode ASan, this catches the current leak,
but will hopefully be fine with the new version.
2017-09-30 23:34:52 +01:00
Hanno Becker
08a36dde80 Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
Gilles Peskine
5b7ee07ff6 Cleaned up get_line for test data files
Look, ma, a use for do...while!

Also removed 1-3 calls to strlen.
2017-09-29 18:00:25 +02:00
Gilles Peskine
26182edd0c Allow comments in test data files 2017-09-29 15:45:12 +02:00
Hanno Becker
e1582a832b Add expectation when testing RSA key import/export
This commit adds a flag to the RSA import/export tests indicating whether it is
expected that a full RSA keypair can be set up from the provided parameters.

Further, the tests of `mbedtls_rsa_import` and `mbedtls_rsa_import_raw` are
expanded to perform key checks and an example encryption-decryption.
2017-09-29 11:54:05 +01:00
Hanno Becker
4d6e83406c Improve readability of test for mbedtls_rsa_import 2017-09-29 11:54:05 +01:00
Hanno Becker
54cfc585cd Add test cases for mbedtls_rsa_import[_raw] where N is missing 2017-09-29 11:54:05 +01:00
Hanno Becker
cc56628117 Don't use all_final as a target in tests/data_files/Makefile
The `neat` target in that Makefile assumes all_final to be a concatenation of
file names.
2017-09-26 16:21:19 +01:00
Hanno Becker
6428f8d78e Let ssl-opt.sh gracefully fail is SSL_MAX_CONTENT_LEN is not 16384
Some tests in ssl-opt.sh require MBEDTLS_SSL_MAX_CONTENT_LEN to be set to its
default value of 16384 to succeed. While ideally such a dependency should not
exist, as a short-term remedy this commit adds a small check that will at least
lead to graceful exit if that assumption is violated.
2017-09-22 16:58:50 +01:00
Hanno Becker
09930d1f01 Add expected number of fragments to 16384-byte packet tests 2017-09-18 16:11:42 +01:00
Hanno Becker
c526696c05 Add tests for messages beyond 16384 bytes to ssl-opt.sh
This commit adds four tests to ssl-opt.sh testing the library's behavior when
`mbedtls_ssl_write` is called with messages beyond 16384 bytes. The combinations
tested are TLS vs. DTLS and MBEDTLS_SSL_MAX_FRAGMENT_LENGTH enabled vs. disabled.
2017-09-18 16:11:42 +01:00
Hanno Becker
4aed27e469 Add missing test-dependencies for MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
The tests for the maximum fragment length extension were lacking a dependency on
MBEDTLS_SSL_MAX_FRAGMENT_LENGTH being set in the config.
2017-09-18 16:11:42 +01:00
Hanno Becker
5175ac6e13 Add tests for disabled MFL-extension to all.sh
This commit adds a build with default config except
MBEDTLS_SSL_MAX_FRAGMENT_LENGTH to all.sh, as well as a run of the MFL-related
tests in ssl-opt.sh.
2017-09-18 16:11:39 +01:00
Hanno Becker
d4a872ee67 Rename internal MBEDTLS_ENTROPY_HAVE_STRONG to ENTROPY_HAVE_STRONG
This commit renames the test-only flag MBEDTLS_ENTROPY_HAVE_STRONG to ENTROPY_HAVE_STRONG to make it more transparent
that it's an internal flag, and also to content the testscript tests/scripts/check-names.pl which previously complained
about the macro occurring in a comment in `entropy.c` without being defined in a library file.
2017-09-14 08:04:13 +01:00
Hanno Becker
81535d0011 Minor style and typo corrections 2017-09-14 07:51:54 +01:00
Hanno Becker
476986547b Omit version from X.509 v1 certificates
The version field in an X.509 certificate is optional and defaults to v1, so it
may be omitted in this case.
2017-09-14 07:51:54 +01:00
Hanno Becker
418a62242b Extend tests/data_files/Makefile to include CRT's for CRT write test 2017-09-14 07:51:28 +01:00
Hanno Becker
5a4f172522 Add suffix for 1024-bit RSA key files
Previously, 2048-bit and 4096-bit RSA key files had their bitsize indicated in their filename, while the original
1024-bit keys hadn't. This commit unifies the naming scheme by always indicating the bitsize in the filename.
2017-09-07 15:40:30 +01:00
Hanno Becker
c8063c58f0 Correct Makefile in tests/data_files
The documentation of the target `all_final` was no longer accurate, and numerous non-file targets were missing in the
.PHONY section.
2017-09-07 15:30:12 +01:00
Hanno Becker
55b1a0af0c Add further tests for DER-encoded PKCS8-v2-DES encrypted RSA keys
For uniformity, this commit adds tests for DER encoded PKCS8-v2-DES encrypted RSA keys that were already present for
PKCS8-v2-3DES encrypted RSA keys.
2017-09-05 10:43:20 +01:00
Hanno Becker
7d108257a4 Add further tests for new RSA keys
For uniformity, this commit adds tests for DER encoded, SHA1-2DES and SHA1-RC4-128-encrypted RSA keys; for SHA1-3DES encrypted keys, these were already present.
2017-09-05 10:35:31 +01:00
Hanno Becker
8fdfc98676 Update keyfiles
This commit replaces the previous keyfiles with those generated by the commands added in the previous commit.
2017-09-05 10:08:37 +01:00
Hanno Becker
d16f6126c7 Add RSA key generation commands to test Makefile
This commit adds the commands used to generate the various RSA keys to tests/Makefile so that they can be easily
regenerated or modified, e.g. if larger key sizes or other encryption algorithms need to be tested in the future.
2017-09-05 10:08:37 +01:00
Hanno Becker
37c6b6b339 Add tests for encrypted 2048 and 4096-bit RSA keys 2017-08-26 09:22:14 +01:00
Hanno Becker
750e8b4596 Rename rsa_check_params->rsa_validate_params and change error codes 2017-08-25 08:34:55 +01:00
Hanno Becker
bf37b10370 Add test run for RSA_NO_CRT to all.sh 2017-08-23 16:17:28 +01:00
Hanno Becker
131134fa1a Adapt RSA test suite to deal with RSA_NON_CRT option 2017-08-23 16:17:28 +01:00
Hanno Becker
ceb7a9ddb3 Adapt RSA test suites to new RSA interface 2017-08-23 16:17:27 +01:00
Hanno Becker
6326a6da7f Adapt PKCS v21 test suite to new RSA interface 2017-08-23 16:17:27 +01:00
Hanno Becker
6d43f9e0a4 Adapt PKCS v15 test suite to new RSA interface 2017-08-23 16:17:27 +01:00
Hanno Becker
d71dc159a6 Adapt PK test suite to use new interface 2017-08-23 16:17:27 +01:00
Hanno Becker
ce00263bd2 Add tests for rsa_check_params
This commit adds test for the new library function mbedtls_rsa_check_params for
checking a set of RSA core parameters. There are some toy example tests with
small numbers that can be verified by hand, as well as tests with real world
numbers. Complete, partial and corrupted data are tested, as well the check for
primality exactly if a PRNG is provided.
2017-08-23 15:07:39 +01:00
Hanno Becker
f1b9a2c783 Add tests for rsa_export_raw
This commit adds tests for the new library function mbedtls_rsa_export_raw.
Each test case performs the following steps:

- Parse and convert a set of hex-string decoded core RSA parameters into big
  endian byte arrays.
- Use these to initialize an RSA context
- Export core RSA parameters as byte arrays again afterwards
- Compare byte strings.

Each test split is performed twice, once with successive and once with
simultaneous exporting.
2017-08-23 15:05:35 +01:00
Hanno Becker
417f2d6107 Add tests for rsa_export
This commit adds tests for the new library function mbedtls_rsa_export. Each
test case performs the following steps:

- Parse and convert a set of hex-string decoded core RSA parameters into MPI's.
- Use these to initialize an RSA context
- Export core RSA parameters as MPI's again afterwards
- Compare initial MPI's to exported ones.

In the private key case, all core parameters are exported and sanity-checked,
regardless of whether they were also used during setup.

Each test split is performed twice, once with successive and once with
simultaneous exporting.
2017-08-23 15:04:39 +01:00
Hanno Becker
c77ab892e5 Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.

Each test is determined by the following parameters:
1) Set of parameters provided
   We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
   that are sufficient to generate missing parameters, and the partial and
   insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
   The functions rsa_import and rsa_import_raw accept importing parameters at
   once or one after another. We test both.
3) Sanity of parameters
2017-08-23 15:02:57 +01:00
Hanno Becker
e78fd8d1b6 Add tests for rsa_deduce_moduli
This commit adds test for the new library function mbedtls_rsa_deduce_moduli for
deducing the prime factors (P,Q) of an RSA modulus N from knowledge of a
pair (D,E) of public and private exponent:

- Two toy examples that can be checked by hand, one fine and with bad parameters.
- Two real world examples, one fine and one with bad parameters.
2017-08-23 14:47:25 +01:00
Hanno Becker
6b4ce49991 Add tests for rsa_deduce_private
This commit adds tests for the new library function mbedtls_rsa_deduce_private
for deducing the private RSA exponent D from the public exponent E and the
factorization (P,Q) of the RSA modulus:

- Two toy examples with small numbers that can be checked by hand, one
  working fine and another failing due to bad parameters.

- Two real world examples, one fine and one with bad parameters.
2017-08-23 14:47:25 +01:00
Hanno Becker
8fd5548241 Minor formatting changes 2017-08-23 14:47:25 +01:00
Simon Butcher
72ea31b026 Update version number to 2.6.0 2017-08-10 11:51:16 +01:00
Simon Butcher
bcfa6f42e3 Fix the check for max CA intermediates in ssl-opt.sh
The tests only work for a specific number for MBEDTLS_X509_MAX_INTERMEDIATE_CA
so the check has been changed to confirm the default value, and to show an error
otherwise.
2017-07-28 16:43:33 +01:00
Simon Butcher
efdfeeba6a Fix threshold checks for MBEDTLS_X509_MAX_INTERMEDIATE_CA 2017-07-28 12:15:13 +01:00
Simon Butcher
06b786372c Change a ssl-opt.sh script sanity checks
Change the check in ssl-opt.sh for MBEDTLS_X509_MAX_INTERMEDIATE_CA to
check config.h instead of the x509 headers.
2017-07-28 01:00:17 +01:00
Andres AG
7d6ec7bacc Add CRT DER tests with incorrect version 2017-07-27 21:44:34 +01:00
Andres AG
c124061681 Add CRL DER tests with incorrect version 2017-07-27 21:44:34 +01:00
Andres AG
6fb6d79a37 Add CSR DER tests with incorrect version 2017-07-27 21:44:34 +01:00
Ron Eldor
d922c78aa4 Move the git scripts to correct path
The git scripts were accidently put in `test` folder instead of `tests`.
Moved them to `tests` folder
2017-07-27 21:44:34 +01:00
Ron Eldor
bf007d297d Pre push hook script
Add git_hook folder, and pre-push script,
to be soft linked from .git/hooks/pre-push
2017-07-27 21:44:34 +01:00
Simon Butcher
2c4d558873 Fixes test for MBEDTLS_NO_UDBL_DIVISION
The test for MBEDTLS_NO_UDBL_DIVISION wasn't preserving it's own config.h
for the next test.

Also added comments to ARM Compiler 6 tests to better explain them.
2017-07-27 21:44:34 +01:00
Andres Amaya Garcia
f755bb3adf Remove MBEDTLS_TYPE_UDBL tests from all.sh 2017-07-27 21:44:33 +01:00
Andres Amaya Garcia
465db7eba1 Fix no 64-bit division test in all.sh 2017-07-27 21:44:33 +01:00
Andres Amaya Garcia
9946783218 Add tests for 64 and 32-bit int types compilation 2017-07-27 21:44:33 +01:00
Gilles Peskine
b1a977f5a7 MBEDTLS_NO_INT64_DIVISION -> MBEDTLS_NO_UDBL_DIVISION
Changed the option to disable the use of 64-bit division, to an option
to disable the use of double-width division, whether that's 64 or 128-bit.
2017-07-27 21:44:33 +01:00
Andres Amaya Garcia
5e873fb464 Add all.sh test to force 32-bit compilation 2017-07-27 21:44:33 +01:00
Ron Eldor
5a21fd62bf fix for issue 1118: check if iv is zero in gcm.
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
2017-07-27 21:44:33 +01:00
Hanno Becker
3b1422e55e Check threshold for MBEDTLS_X509_MAX_INTERMEDIATE_CA in X509 tests
The X509 test suite assumes that MBEDTLS_X509_MAX_INTERMEDIATE_CA is below the
hardcoded threshold 20 used in the long certificate chain generating script
tests/data_files/dir-max/long.sh. This commit adds a compile-time check for
that.
2017-07-26 13:49:38 +01:00
Hanno Becker
e908c3de67 Improve Readme for long test certificate chains 2017-07-26 13:49:38 +01:00
Hanno Becker
a6bca9f19e Check value of MBEDTLS_X509_MAX_INTERMEDIATE_CA in ssl-opt.sh
Some tests in ssl-opt.sh assumes the value 8 for the maximal number
MBEDTLS_X509_MAX_INTERMEDIATE_CA of intermediate CA's. This commit adds a check
before conducting the respective tests.
2017-07-26 13:49:32 +01:00
Andres AG
eacc616a9c Add CRT DER tests with incorrect version 2017-07-26 12:13:13 +01:00
Andres AG
2a9fd0e5c7 Add CRL DER tests with incorrect version 2017-07-26 12:13:04 +01:00
Andres AG
ae7b1c4aed Add CSR DER tests with incorrect version 2017-07-26 12:12:53 +01:00
Ron Eldor
4d90d56dfe Move the git scripts to correct path
The git scripts were accidently put in `test` folder instead of `tests`.
Moved them to `tests` folder
2017-07-24 21:47:30 +01:00
Hanno Becker
47deec488f Move flag indicating presence of strong entropy to test code 2017-07-24 15:31:30 +01:00
Ron Eldor
fcb7491a49 Pre push hook script
Add git_hook folder, and pre-push script,
to be soft linked from .git/hooks/pre-push
2017-07-24 14:25:26 +02:00
Hanno Becker
c6deafc0d4 Omit RSA key generation test if no strong entropy is present
The RSA key generation test needs strong entropy to succeed. This commit captures the presence of a strong entropy
source in a preprocessor flag and only runs the key generation test if that flag is set.
2017-07-24 09:09:01 +01:00
Simon Butcher
51aaa99473 Fixes test for MBEDTLS_NO_UDBL_DIVISION
The test for MBEDTLS_NO_UDBL_DIVISION wasn't preserving it's own config.h
for the next test.

Also added comments to ARM Compiler 6 tests to better explain them.
2017-07-23 13:42:36 +02:00
Hanno Becker
f058f34b5a Support negative dependencies in test cases
The entropy test suite uses a negative dependency "depends_on:!CONFIG_FLAG" for one of its tests. This kind of
dependency (running a test only if some configuration flag is not defined) is currently not supported and instead
results in the respective test case being dropped.

This commit adds support for negative dependencies in test cases.
2017-07-23 10:41:04 +01:00
Hanno Becker
75efa79201 Adapt generic test suite file to coding standard 2017-07-23 10:40:58 +01:00