Commit Graph

16339 Commits

Author SHA1 Message Date
Gilles Peskine
19ff9a6173 Test that a PSS policy doesn't allow PSS_ANY_SALT and vice versa
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-28 10:07:21 +02:00
Gilles Peskine
72215f6336 Shorten some test descriptions
Ensure the unique part fits in the 66 columns that the test runner displays.
Leave room for an additional distinguisher on signature key policy negative
test cases.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-28 10:07:15 +02:00
Gilles Peskine
a2536092b2 Support PSA_ALG_RSA_PSS_ANY_SALT iff PSA_ALG_RSA_PSS is supported
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-28 10:07:07 +02:00
Gilles Peskine
bb2d17cec6 Add test cases for PSA_ALG_RSA_PSS_ANY_SALT
The test cases strictly replicate a subset of the test cases for
PSA_ALG_RSA_PSS. The subset validates that PSA_ALG_RSA_PSS_ANY_SALT is
recognized wherever PSA_ALG_RSA_PSS is.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-28 10:06:50 +02:00
Gilles Peskine
ac6181ca1c Update metadata tests with the new IS_ALG_RSA_PSS_xxx_SALT predicates
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-28 10:06:41 +02:00
Gilles Peskine
35115f9c1a New algorithm PSA_ALG_RSA_PSS_ANY_SALT
This is a variant of PSA_ALG_RSA_PSS which currently has exactly the same
behavior, but is intended to have a different behavior when verifying
signatures.

In a subsequent commit, PSA_ALG_RSA_PSS will change to requiring the salt
length to be what it would produce when signing, as is currently documented,
whereas PSA_ALG_RSA_PSS_ANY_SALT will retain the current behavior of
allowing any salt length (including 0).

Changes in this commit:

* New algorithm constructor PSA_ALG_RSA_PSS_ANY_SALT.
* New predicates PSA_ALG_IS_RSA_PSS_STANDARD_SALT (corresponding to
  PSA_ALG_RSA_PSS) and PSA_ALG_IS_RSA_PSS_ANY_SALT (corresponding to
  PSA_ALG_RSA_PSS_ANY_SALT).
* Support for the new predicates in macro_collector.py (needed for
  generate_psa_constant_names).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-28 10:06:38 +02:00
Manuel Pégourié-Gonnard
d599dc7f1b
Merge pull request #4932 from tom-daubney-arm/all.sh-subshells-2.x
Backport 2.x: Run all.sh components in a subshell
2021-10-28 09:33:22 +02:00
Gilles Peskine
3545103fd4 Break out algorithm_tester() as a separate method
No intended behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-27 21:38:56 +02:00
paul-elliott-arm
460d779773
Merge pull request #5097 from gilles-peskine-arm/ssl-opt-resend-retry-2.x
Backport 2.x: Retry a test case if it fails due to an unexpected resend
2021-10-27 16:24:41 +01:00
Manuel Pégourié-Gonnard
8e8251a6fa
Merge pull request #4835 from gilles-peskine-arm/base64-no-table-2.2x
Backport 2.2x: range-based constant-flow base64
2021-10-27 12:18:29 +02:00
Gilles Peskine
db77eaf2b4
Merge pull request #5113 from paul-elliott-arm/ssl_opt_fixes_2.x
Backport 2.x : Ssl opt fixes
2021-10-26 20:50:50 +02:00
Paul Elliott
ce77738d95 Remove bash specific code
Use case pattern matching instead of multiline split, given there is
only the well formatted PIDs to match on this should be safe.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-10-26 11:02:16 +01:00
Paul Elliott
6cd97ceba0 Remove use of -p with lsof
On machines with more modern kernels (>5.4 from testing so far) the
useage of -b seems to conflict with the usage of -p. Whilst the usage of
-b seems like a good idea to avoid blocks as we are tight looping on it,
the usage of -p seems to require the usage of stat() (specifically in
/proc) which -b forbids. All you get is a load of warnings
(suppressable by -w) but never a positive result, which means that all
servers are reported as "Failed to start". We are not keen on losing
-b, so instead parse the output of lsof (using -F to format it) to
check the if PIDs that it outputs match that we are looking for.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-10-26 11:02:10 +01:00
Manuel Pégourié-Gonnard
05ee09eae7
Merge pull request #5107 from mprse/issue_4056_b2x
Backport 2.x: Use PSA_HASH_LENGTH instead hardcoded integer values
2021-10-26 10:35:47 +02:00
Gilles Peskine
1222fed513 Fix typo in documentation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:24:23 +02:00
Gilles Peskine
773f5b7f42 Fix copypasta in comment
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:24:23 +02:00
Gilles Peskine
d3e5dd3f3a Rename variable to avoid a name clash
digits is also a local variable in host_test.function, leading to compilers
complaining about that shadowing the global variable in
test_suite_base64.function.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:24:23 +02:00
Gilles Peskine
fd489f97c1 Move the list of Base64 digits out of the test data
This is part of the definition of the encoding, not a choice of test
parameter, so keep it with the test code.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:24:23 +02:00
Gilles Peskine
a138802230 Move declarations of testing-only base64 functions to their own header
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:24:23 +02:00
Gilles Peskine
3f0722c1af Fix the build of sample programs without mbedtls_strerror
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:24:23 +02:00
Gilles Peskine
0f4e3fbd10 Mark output as public before testing it
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:24:23 +02:00
Gilles Peskine
85f3165c6a Fix printf format signedness error
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:24:23 +02:00
Gilles Peskine
3b1f4c0d7e Add unit tests for base64 internal functions
Add unit tests for mask_of_range(), enc_char() and dec_value().

When constant-flow testing is enabled, verify that these functions are
constant-flow.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:24:23 +02:00
Gilles Peskine
2c78f98071 Expose internal base64 functions for testing
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:24:23 +02:00
Gilles Peskine
38d41b98b3 load_roots: properly error out on an invalid option
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:24:23 +02:00
Gilles Peskine
373c54e174 load_roots: fix no-argument detection
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:24:23 +02:00
Gilles Peskine
db92884cd0 load_roots: arguments must be files
I had originally thought to support directories with
mbedtls_x509_crt_parse_path but it would have complicated the code more than
I cared for. Remove a remnant of the original project in the documentation.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:24:23 +02:00
Gilles Peskine
a2dc0cc9ea mask_of_range: simplify high comparison
To test c <= high, instead of testing the sign of (high + 1) - c, negate the
sign of high - c (as we're doing for c - low). This is a little easier to
read and shaves 2 instructions off the arm thumb build with
arm-none-eabi-gcc 7.3.1.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:24:23 +02:00
Gilles Peskine
831fd766f3 Base64 decode: simplify local variables (n)
n was used for two different purposes. Give it a different name the second
time. This does not seem to change the generated code when compiling with
optimization for size or performance.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:24:23 +02:00
Gilles Peskine
327c33fc7f Base64 range-based constant-flow code: changelog entry
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:22:43 +02:00
Gilles Peskine
d6e3f46daa Base64 encoding: use ranges instead of tables
Instead of doing constant-flow table lookup, which requires 64 memory loads
for each lookup into a 64-entry table, do a range-based calculation, which
requires more CPU instructions per range but there are only 5 ranges.

I expect a significant performance gain (although smaller than for decoding
since the encoding table is half the size), but I haven't measured. Code
size is slightly smaller.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:22:43 +02:00
Gilles Peskine
a97e911e5d Base64 decode: simplify local variables
Document what each local variable does when it isn't obvious from the name.
Don't reuse a variable for different purposes.

This commit has very little impact on the generated code (same code size on
a sample Thumb build), although it does fix a theoretical bug that 2^32
spaces inside a line would be ignored instead of treated as an error.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:22:43 +02:00
Gilles Peskine
c48ab11400 Base64 decoding: use ranges instead of tables
Instead of doing constant-flow table lookup, which requires 128 memory loads
for each lookup into a 128-entry table, do a range-based calculation, which
requires more CPU instructions per range but there are only 5 ranges.

Experimentally, this is ~12x faster on my PC (based on
programs/x509/load_roots). The code is slightly smaller, too.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:17:08 +02:00
Gilles Peskine
6b541a026b Base64 decoding: don't use the table for '='
Base64 decoding uses equality comparison tests for characters that don't
leak information about the content of the data other than its length, such
as whitespace. Do this with '=' as well, since it only reveals information
about the length. This way the table lookup can focus on character validity
and decoding value.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:17:08 +02:00
Gilles Peskine
82c04329bf New sample program to benchmark certificate loading
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 21:17:08 +02:00
Przemyslaw Stekiel
645703c8a3 Use PSA_HASH_LENGTH instead hardcoded integer values
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-10-25 16:48:25 +02:00
Gilles Peskine
1893cd3f91
Merge pull request #5104 from gilles-peskine-arm/test_equal_verbose-2.x
Backport 2.x: Show values when TEST_EQUAL fails
2021-10-22 17:25:11 +02:00
Gilles Peskine
b436649a25 Show values when TEST_EQUAL fails
When TEST_EQUAL fails, show the two numerical values in the test log (only
with host_test). The values are printed in hexa and signed decimal.

The arguments of TEST_EQUAL must now be integers, not pointers or floats.
The current implementation requires them to fit in unsigned long long
Signed values no larger than long long will work too. The implementation
uses unsigned long long rather than uintmax_t to reduce portability
concerns. The snprintf function must support "%llx" and "%lld".

For this purpose, add room for two lines of text to the mbedtls_test_info
structure. This adds 154 bytes of global data.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-22 11:06:52 +02:00
Gilles Peskine
aa1d6ad9d2 Move is-it-resend logic into a function
Improve the code structure in case we want to add other similar conditions
later. Document better what we're doing, and document why we're doing it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-21 11:00:35 +02:00
Gilles Peskine
2d3c9f898b Retry if a test case fails because of an unexpected resend
Palliative for https://github.com/ARMmbed/mbedtls/issues/3377. If a test
case fails due to an unexpected resend, allow retrying, like in the case of
a client timeout.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-21 11:00:35 +02:00
Gilles Peskine
a28fd41ed1 Move retry logic into check_test_failure
This will allow having other retry conditions, in particular based on
run_test options.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-21 11:00:35 +02:00
Gilles Peskine
5d8e702ab8 Move the core loop of run_test into an auxiliary function
No behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-21 11:00:35 +02:00
Gilles Peskine
f9022b056b Move some code of run_test into auxiliary functions
No behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-21 11:00:35 +02:00
Gilles Peskine
a093d76a26 Update generated files
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-19 22:39:45 +02:00
Gilles Peskine
a686bf46f7
Merge pull request #5083 from mprse/issue_5065_2x
backport 2.x: backport only new test in all.sh from #5072
2021-10-18 17:51:53 +02:00
Przemyslaw Stekiel
7ce979a4f5 all.sh: tests/scripts/all.sh full minus MBEDTLS_CHACHAPOLY_C without PSA_WANT_ALG_GCM and PSA_WANT_ALG_CHACHA20_POLY1305
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-10-18 11:47:32 +02:00
Gilles Peskine
e4739ab5ef
Merge pull request #5038 from mprse/issue_4551_2x
Backport 2.x: Fix psa_generate_key(): return PSA_ERROR_INVALID_ARGUMENT for public key #5037
2021-10-18 10:39:26 +02:00
Gilles Peskine
95f2324c5e
Merge pull request #4845 from mstarzyk-mobica/ecb-alt-ret-2.2x
Backport 2.2x: Catch failures of mbedtls_aes_crypt_ecb and its DES equivalents
2021-10-14 12:11:04 +02:00
Gilles Peskine
ecb8da0f0c
Merge pull request #5073 from paul-elliott-arm/fix-resumption-openssl-client-tests-2.x
Backport 2.x : Use newer OpenSSL for tests failing with the old
2021-10-13 21:05:13 +02:00
Paul Elliott
ccba129c5a Use 127.0.0.1 rather than localhost
This was causing some tests using the openssl s_client to not connect -
I suspect this was due to localhost (at least on my machine) resolving
to ::1 rather than 127.0.0.1. Note that the error seen would have been
that the session file specified with -sess_out did not get created.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-10-13 18:33:28 +01:00