yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-24 08:15:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,419 Commits 88 Branches 205 Tags 69 MiB
499391a02d
Commit Graph

1222 Commits

Author SHA1 Message Date
Janos Follath
38921c8837 X509: Future CA among trusted: add unit tests 2016-07-14 12:02:50 +01:00
Simon Butcher
64f5df5545 Changed version number to version 2.1.5 2016-06-27 19:37:08 +01:00
Simon Butcher
88aa189415 Merge branch 'mbedtls-2.1' into mbedtls-2.1 2016-06-27 01:16:16 +01:00
Janos Follath
b700c46750 Add a test for SSLv3 with extensions, server side 
This test verifies if the server parses or sends extensions when
the protocol is SSLv3.
 2016-05-23 14:43:54 +01:00
Paul Bakker
3b224ffd25 Split test into valgrind and no-valgrind version 
Running valgrind on: "DTLS client reconnect from same port: reconnect,
nbio" results in timeouts.

New version added that runs only under valgrind. Original only runs when
valgrind is not used
 2016-05-22 21:49:34 +01:00
Simon Butcher
6eb066ed56 Fixes RC4 config dependencies in tests in ssl-opt.h 
Adds dependencies on MBEDTLS_REMOVE_ARC4_CIPHERSUITES for tests that
require RC4 to be disabled (the default config).
 2016-05-19 22:25:42 +01:00
Janos Follath
f06edd695a Remove unused code from PKCS1v15 test suite 2016-05-18 19:36:04 +01:00
Simon Butcher
282e1d9130 Add missing config dependencies to PKCS1 V15 tests 2016-05-18 19:36:03 +01:00
Janos Follath
329149e575 Add tests to cover PKCS1 v1.5 signature functions. 
The reported memory leak should have been spotted by
make memcheck
But it wasn't. Keeping the tests for better coverage.
 2016-05-18 19:36:03 +01:00
Janos Follath
c184d9d34f Fix the broken pkcs1 v1.5 test. 
The random buffer handed over to the test function was too small
and the remaining bytes were generated by the default (platform
dependant) function.
 2016-05-18 19:36:03 +01:00
Janos Follath
b645c45865 Add tests for the bug IOTSSL-619. 
The main goal with these tests is to test the bug in question and
they are not meant to test the entire PKCS#1 v1.5 behaviour. To
achieve full test coverage, further test cases are needed.
 2016-05-18 19:30:09 +01:00
Simon Butcher
0705dd0588 Adds test for odd bit length RSA key size 
Also tidy up ChangeLog following review.
 2016-04-19 09:19:46 +01:00
Janos Follath
365b226a56 x509: trailing bytes in DER: add integration tests 2016-03-15 23:49:46 +00:00
Janos Follath
f6f5441fd1 x509: trailing bytes in DER: correct a unit test 
One of the unit test was failing, because it was testing behavior
that was part of the bug. Updated the return value to the correct one
 2016-03-15 23:48:25 +00:00
Simon Butcher
02b8d481f6 Adapt SSLv3 test configuration for new default 
Removed SSLv3 test suites from system tests in 'compat.sh' script, and
added SSLv3 specific tests to 'all.sh'
 2016-03-15 20:39:52 +00:00
Janos Follath
542ee5d8f3 Update default configuration 
Change the default settings for SSL and modify the tests accordingly.
 2016-03-07 16:34:25 +00:00
Manuel Pégourié-Gonnard
f10f85f676 Add test for yotta debug build 2016-01-08 15:08:49 +01:00
Manuel Pégourié-Gonnard
bb81b4a009 Make ar invocation more portable 
armar doesn't understand the syntax without dash. OTOH, the syntax with dash
is the only one specified by POSIX, and it's accepted by GNU ar, BSD ar (as
bundled with OS X) and armar, so it looks like the most portable syntax.

fixes #386
 2016-01-08 14:52:14 +01:00
Janos Follath
79a1da6948 Improved on the previous fix and added a test case to cover both types 
of carries.
 2016-01-08 14:48:01 +01:00
Janos Follath
5429c0a7d0 Improved on the fix of #309 and extended the test to cover subroutines. 2016-01-08 14:48:00 +01:00
Janos Follath
d0e0c03520 Tests and fix added for #309 (inplace mpi doubling). 2016-01-08 14:47:16 +01:00
Simon Butcher
543e4366bc Change version number to 2.1.4 
Changed version for library files and yotta module
 2016-01-04 22:41:11 +00:00
Manuel Pégourié-Gonnard
3cb2074a82 Add test case for root with max_pathlen=0 
This was already working but not tested so far

(Test case from previous commit still failing.)

Test certificates generated with:

programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert91.key
programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert92.key

programs/x509/cert_write serial=91 output_file=cert91.crt is_ca=1 \
    issuer_key=cert91.key issuer_name="CN=Root 9,O=mbed TLS,C=UK" \
    selfsign=1 max_pathlen=0
programs/x509/cert_write serial=92 output_file=cert92.crt \
    issuer_key=cert91.key issuer_name="CN=Root 9,O=mbed TLS,C=UK" \
    subject_key=cert92.key subject_name="CN=EE 92,O=mbed TLS,C=UK"

mv cert9?.crt tests/data_files/dir4
rm cert9?.key
 2015-11-19 11:25:30 +01:00
Manuel Pégourié-Gonnard
922cd9ba36 Add test case for first intermediate max_pathlen=0 
!!! This test case is currently failing !!!
(See fix in next-next commit.)

Test certificates generated with the following script:

programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert81.key
programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert82.key
programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert83.key

programs/x509/cert_write serial=81 output_file=cert81.crt is_ca=1 \
    issuer_key=cert81.key issuer_name="CN=Root 8,O=mbed TLS,C=UK" \
    selfsign=1
programs/x509/cert_write serial=82 output_file=cert82.crt is_ca=1 \
    issuer_key=cert81.key issuer_name="CN=Root 8,O=mbed TLS,C=UK" \
    subject_key=cert82.key subject_name="CN=Int 82,O=mbed TLS,C=UK" \
    max_pathlen=0
programs/x509/cert_write serial=83 output_file=cert83.crt \
    issuer_key=cert82.key issuer_name="CN=Int 82,O=mbed TLS,C=UK" \
    subject_key=cert83.key subject_name="CN=EE 83,O=mbed TLS,C=UK"

mv cert8?.crt tests/data_files/dir4
rm cert8?.key
 2015-11-19 11:25:27 +01:00
Simon Butcher
ef43d41f67 Changed version number to 2.1.3 
Changed for library
 2015-11-04 22:08:33 +00:00
Simon Butcher
5b289208cb Remove debugging code left in test case 
Removed debug code from tests/suites/test_suite_x509parse.function
 2015-11-04 21:50:54 +00:00
Simon Butcher
73156357ed Disable Yotta tests from 'all tests' script 
Yotta tests not supported in 2.1 branch
 2015-11-04 00:36:30 +00:00
Manuel Pégourié-Gonnard
e34dcd7ec5 Use own implementation of strsep() 
Not available on windows, and strtok() is not a good option
 2015-11-02 06:48:40 +09:00
Jonathan Leroy
e03fa7c16a Test certificate "Server1 SHA1, key_usage" reissued. 2015-11-02 05:58:58 +09:00
Manuel Pégourié-Gonnard
1d9348a06f Fix a style issue 2015-11-02 05:56:08 +09:00
Manuel Pégourié-Gonnard
fd1f9e735e Fix whitespace at EOL issues 2015-11-02 05:55:58 +09:00
Manuel Pégourié-Gonnard
841caf1b74 Use symbolic constants in test data 2015-11-02 05:55:39 +09:00
Janos Follath
36f1234d96 Additional corner cases for testing pathlen constrains. Just in case. 2015-11-02 05:55:15 +09:00
Janos Follath
c7bea3158a Added test case for pathlen constrains in intermediate certificates 2015-11-02 05:55:02 +09:00
Manuel Pégourié-Gonnard
d13585f1b3 Small improvement to test script 2015-10-30 16:56:30 +01:00
Manuel Pégourié-Gonnard
93080dfacf Fix missing check for RSA key length on EE certs 
- also adapt tests to use lesser requirement for compatibility with old
  testing material
 2015-10-28 13:22:32 +01:00
Manuel Pégourié-Gonnard
134ca18fbc Add key-exchanges.pl to test list 2015-10-28 13:17:18 +01:00
Manuel Pégourié-Gonnard
fe3affdad2 Add -Werror to reduced configs test scripts 2015-10-28 13:17:08 +01:00
Manuel Pégourié-Gonnard
4b56e755af Add script to test configs with single key exchanges 2015-10-28 13:15:23 +01:00
Manuel Pégourié-Gonnard
c4cbc94d44 Small fix to 'make test' script 
When the tests fail they don't display the number of skipped and run test
 2015-10-27 10:29:26 +01:00
Manuel Pégourié-Gonnard
c4e7d8a381 Bump version to 2.1.2 
Yotta version bumped to 2.1.3, as we had to do one more patch release to the
yotta registry to accommodate for dependencies updates.
 2015-10-05 19:13:36 +01:00
Manuel Pégourié-Gonnard
50a739f8c3 Add test for base64 output length 2015-09-30 16:31:10 +02:00
Manuel Pégourié-Gonnard
2f056a0aee Try to run yotta update for yotta build test 
But accept failures in case we're offline
 2015-09-18 14:37:54 +02:00
Manuel Pégourié-Gonnard
8cea8ad8b8 Bump version to 2.1.1 2015-09-17 11:58:45 +02:00
Manuel Pégourié-Gonnard
6ad23b9855 Make failing test more robust 
Let the client retry longer, to make sure the server will time out before the
client gives up. Make it really longer to get a deterministic client exit
status (make sure it has time to reconnect after the server timeout).
 2015-09-15 12:57:46 +02:00
Manuel Pégourié-Gonnard
259db91023 Add test without cookies 
Tune existing tests while at it
 2015-09-09 11:48:45 +02:00
Manuel Pégourié-Gonnard
d745a1a9b7 Add tests for hard reconnect 2015-09-08 12:40:43 +02:00
Manuel Pégourié-Gonnard
aac5502553 Bump version to 2.1.0 2015-09-04 14:33:31 +02:00
Simon Butcher
52754594b6 Merging iotssl-457-badtail with development branch 2015-09-03 13:06:01 +01:00
Manuel Pégourié-Gonnard
fdbdd72b8b Skip to trusted certs early in the chain 
This helps in the case where an intermediate certificate is directly trusted.
In that case we want to ignore what comes after it in the chain, not only for
performance but also to avoid false negatives (eg an old root being no longer
trusted while the newer intermediate is directly trusted).

closes #220
 2015-09-01 17:24:42 +02:00
Manuel Pégourié-Gonnard
560fea3767 Add tests for verify callback 
As we're about to change the chain construction logic, we want to make sure
the callback will still be called exactly when it should, and not on the
(upcoming) ignored certs in the chain.
 2015-09-01 17:24:42 +02:00
Manuel Pégourié-Gonnard
d68434efba Disable some tests with valgrind 
Tends to cause spurious failures on buildbots due to peer timing out.
Anyway, those tests are mainly for interop, any memory error is most likely
catched by some earlier self-op test. (Also, we'll run these tests with ASan
anyway.)
 2015-08-31 12:48:22 +02:00
Manuel Pégourié-Gonnard
4d04cdcd12 Fix RSA mutex fix 
Once the mutex is acquired, we must goto cleanup rather that return.
Since cleanup adjusts the return value, adjust that in test cases.

Also, at cleanup we don't want to overwrite 'ret', or we'll loose track of
errors.

see #257
 2015-08-31 09:31:55 +02:00
Manuel Pégourié-Gonnard
38db006e0c Finish test in pkwrite 2015-08-19 10:24:34 +02:00
Manuel Pégourié-Gonnard
04b7eec539 Fix pkwrite test that were failing on mingw32 
Apparently fread() writes some junk after the contents of the file. Don't look
at it.
 2015-08-18 19:49:40 +02:00
Manuel Pégourié-Gonnard
4b7027a8da Avoid race condition in test 
Apparently openssl s_server does not flush stdout, anyway sometimes the client
receives the reply and exits, thus terminating the test, before is request is
visible on the server's stdout. So, just don't check that, checking the
client's output and exit code is already enough.
 2015-08-10 13:18:48 +02:00
Manuel Pégourié-Gonnard
e33316c607 Add test build of shared libs for windows 2015-08-07 13:22:37 +02:00
Manuel Pégourié-Gonnard
32da9f66a8 Add support for MBEDTLS_USER_CONFIG_FILE 2015-08-06 09:57:54 +02:00
Manuel Pégourié-Gonnard
77d56bb6c2 Add yotta test builds to all.sh 2015-08-06 09:57:53 +02:00
Manuel Pégourié-Gonnard
ab5f7b40e0 Fix indentation 2015-08-04 21:01:37 +02:00
Manuel Pégourié-Gonnard
a365addc0a Make ssl-opt.sh more robust against client timeout 
Retry one time in case we have a client timeout. These should be fairly rare
but still happen from time to time with udp_proxy tests which is annoying, and
until now has never indicated an actual issue.
 2015-08-04 20:59:36 +02:00
Manuel Pégourié-Gonnard
74681fa2e6 Make ssl-opt.sh more tolerant to start timeouts 
Rather than flat-out die when we can't see the server started with lsof, just
stop waiting and try to go ahead with the test. Maybe it'll work if there was
a problem with lsof, most probably it will fail, but at least we'll have the
log, and the results of the following tests.

Note: date +%s isn't POSIX, but it works at least on Linux, Darwin/FreeBSD and
OpenBSD, which should be good enough for a test script.
 2015-08-04 20:34:39 +02:00
Manuel Pégourié-Gonnard
bf6ed08aaa Fix list-symbols.sh 
- make it work on Linux
- use all three libraries
 2015-08-04 17:46:21 +02:00
Manuel Pégourié-Gonnard
9afdc83d77 Fix bashisms in test scripts 2015-08-04 17:15:13 +02:00
Manuel Pégourié-Gonnard
39e2ca9194 Use OpenSSL in compat.sh on Travis, except DTLS 
Less heavy-handed than skipping all OpenSSL interop
 2015-08-04 16:43:37 +02:00
Manuel Pégourié-Gonnard
d55bc20e43 Fix missing gnutls guard in ssl-opt.sh 2015-08-04 16:22:30 +02:00
Manuel Pégourié-Gonnard
4268ae046b Fix test for new debug message level 
The issue was introduced in cb0d212c when a debug message that was incorrectly
set at level 0 was moved to level 2: now the tests need debug_level=2.
 2015-08-04 12:44:10 +02:00
Manuel Pégourié-Gonnard
0a8857435c DTLS: treat bad MAC on Finished as an error 
This is not required nor recommended by the protocol, and it's a layering
violation, but it's a know flaw in the protocol that you can't detect a PSK
auth error in any other way, so it is probably the right thing to do.

closes #227
 2015-08-04 12:11:17 +02:00
Manuel Pégourié-Gonnard
052d10c9d5 Accept a trailing space at end of PEM lines 
With certs being copy-pasted from webmails and all, this will probably become
more and more common.

closes #226
 2015-07-31 11:11:26 +02:00
Manuel Pégourié-Gonnard
4cc8c63226 Add test for extensionless ClientHello 2015-07-23 12:24:03 +02:00
Manuel Pégourié-Gonnard
e88b49323e Fix run-test-suite.pl with coverage 2015-07-15 12:31:12 +02:00
Paul Bakker
4cb87f409d Prepare for 2.0.0 release 2015-07-10 14:09:43 +01:00
Manuel Pégourié-Gonnard
78ec2b049c Cosmetics in Makefiles 2015-07-08 22:12:06 +01:00
Manuel Pégourié-Gonnard
1780f89ecf Some more scripts simplified 
make now has an alias test = check
 2015-07-08 22:08:02 +01:00
Manuel Pégourié-Gonnard
3d404b4763 Simplify some scripts 
ssl-opt.sh and compat.sh can now be run from root too
 2015-07-08 21:59:16 +01:00
Manuel Pégourié-Gonnard
89eb1970e9 mklink needs /d for directories 2015-07-08 21:39:43 +01:00
Manuel Pégourié-Gonnard
85113848bd Use Perl to run tests suites with make 
- works on Windows too!
- we need Perl to generate/build the test suites anyway
- easier & more flexible (eg, now count total number of tests run)
 2015-07-08 21:36:06 +01:00
Manuel Pégourié-Gonnard
6cacde2d57 Invoke perl directly in Makefile 
mingw32-make doesn't look too happy with #!/usr/bin/env perl
 2015-07-08 16:04:00 +02:00
Manuel Pégourié-Gonnard
7eb58cbae8 Rm obsolete hack in ssl-opt.sh 2015-07-07 11:54:14 +02:00
Manuel Pégourié-Gonnard
31cafa33d8 Rm obsolete test in ssl-opt.sh 2015-07-06 17:12:27 +02:00
Manuel Pégourié-Gonnard
ae738c29eb Fix warning from Perl 5.21 in helper script 2015-07-01 19:32:00 +02:00
Manuel Pégourié-Gonnard
3083053dd2 More cmake for windows tune-ups 2015-07-01 17:06:28 +02:00
Manuel Pégourié-Gonnard
7e2d68c1b2 cmake: -W flags only for GCC and Clang 2015-07-01 13:41:35 +02:00
Manuel Pégourié-Gonnard
a16e7c468c Rename a debug function 2015-06-29 20:14:19 +02:00
Manuel Pégourié-Gonnard
b74c245a20 Rework debug to not need dynamic alloc 
But introduces dependency on variadic macros
 2015-06-29 20:08:23 +02:00
Manuel Pégourié-Gonnard
fc36708697 Use $(MAKE), not make 
For the sake of systems where we want gmake.
 2015-06-26 16:50:24 +02:00
Manuel Pégourié-Gonnard
03db6b0da1 Cosmetics in test scripts 
Some versions of "which" print on stderr.
 2015-06-26 15:45:30 +02:00
Manuel Pégourié-Gonnard
4fd0b256a8 Fix dual use of buffer in test 
x509_get_name() does not make defensive copies of strings in its input (which
is OK as usually the caller will have made a copy already), so we shouldn't
reuse its input buffer as an output while "parsed" is still alive.
 2015-06-26 14:15:48 +02:00
Manuel Pégourié-Gonnard
4b00f08e20 Fix snprintf test 
Our Windows implementation based on vsnprintf_s( ..., _TRUNCATE ) sometimes
writes *two* terminating NULLs. Allow for that, but obviously bytes past the
end of the buffer mustn't be touched.
 2015-06-26 14:10:13 +02:00
Manuel Pégourié-Gonnard
ea9556a76e Fix mistaken changes in Makefile's clean target 
I was a bit too trigger-happy with copy-pasting in a previous commit...
 2015-06-25 14:19:25 +02:00
Manuel Pégourié-Gonnard
6dc2651f02 Cosmetics 2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
c84d0e1ec1 Use LD_LIBRARY_PATH to run test with SHARED=1 
In my tests on Linux, LD_PRELOAD does not seem to work, but LD_LIBRARY_PATH
does.
 2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
9b06abe1d1 Add a shared build with make on Linux to all.sh 2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
216a1831de Fix whitespace in CMakeLists.txt 
- all spaces no tabs
- indent with 4 spaces everywhere
 2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
e058ea2ed8 More consistent toolchains in all.sh 2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
21e1ac205e Fix linking order with make 
GNU ld cares about the order in which static libs are mentioned on the command
line: if A depends on B then A must com first.
 2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
5c59a4fea5 Split libs with make + general make cleanups 2015-06-25 10:59:56 +02:00
Manuel Pégourié-Gonnard
8d4a613cc5 Small Makefile improvements 
- fix old build commands still using OFLAGS
- make everything work with --warn-undefined-variables, which can be useful
  for debugging typos
 2015-06-25 10:59:56 +02:00
Manuel Pégourié-Gonnard
ac5361f7dc Fix small issues in tests found by Coverity 2015-06-24 01:08:09 +02:00
Manuel Pégourié-Gonnard
fd474233c8 Change SSL debug API in the library 2015-06-23 18:44:11 +02:00