Commit Graph

1969 Commits

Author SHA1 Message Date
Andrzej Kurek
8a2e97c2df Merge development-psa commit 80b5662 into development-psa-merged branch
Adjust crypto submodule version to use new, forked crypto version accordingly.
2019-02-05 06:02:51 -05:00
k-stachowiak
a1dc9117a7 Correct code formatting in the timing test suites 2019-02-05 09:22:20 +01:00
Jaeden Amero
acdf07c033
Merge pull request #41 from hanno-arm/ec_pubkey_fmt_fixes
Make further adaptations to new EC public key format
2019-02-01 13:05:48 +00:00
Andrzej Kurek
de5a007316 Merge development commit f352f7 into development-psa 2019-02-01 07:03:03 -05:00
Hanno Becker
00114d71f4 Adapt test in test_suite_pk to work with new PSA public key format 2019-02-01 11:56:42 +00:00
Hanno Becker
56104ea9bb Adapt test in test_suite_pk to work with new PSA public key format 2019-02-01 11:48:19 +00:00
Andrzej Kurek
409fdae6bf test_suite_ctr_drbg: use ctr_drbg_update_ret instead of ctr_drbg_update
Align files with development to ensure the same state of repositories.
2019-02-01 02:53:16 -05:00
Andrzej Kurek
f093a3dc61 Use ecdh_setup instead of ecp_group_load
Align files with development to ensure the same state of repositories.
2019-02-01 02:50:36 -05:00
Andrzej Kurek
c470b6b021 Merge development commit 8e76332 into development-psa
Additional changes to temporarily enable running tests:
ssl_srv.c and test_suite_ecdh use mbedtls_ecp_group_load instead of
mbedtls_ecdh_setup
test_suite_ctr_drbg uses mbedtls_ctr_drbg_update instead of 
mbedtls_ctr_drbg_update_ret
2019-01-31 08:20:20 -05:00
Jaeden Amero
730ecdf3b1 Merge remote-tracking branch 'origin/pr/2371' into development 2019-01-30 13:15:40 +00:00
k-stachowiak
21daa3c1ee Reduce the timing tests complexity 2019-01-29 10:19:49 +01:00
Gilles Peskine
6b156df1ba Don't consider RIPEMD160 a PSA_ALG_ANY_HASH candidate
Some parts of the library don't support it, such as RSA PKCS#1v1.5
signature.
2019-01-28 15:43:19 +01:00
Gilles Peskine
8c1247fec9 Add psa_copy_key tests with policy constraints
Test a few cases. The logic to combine the constraint is similar to
the logic to combine the source and target, so it's ok to have less
parameter domain coverage for constraints.
2019-01-28 14:55:16 +01:00
Gilles Peskine
57ab721d8a Test psa_copy_key
Split the testing into tests that exercise policies in
test_suite_psa_crypto and tests that exercise slot content (slot
states, key material) in test_suite_psa_crypto_slot_management.

Test various cases of source and target policies with and without
wildcards. Missing: testing of the policy constraint on psa_copy_key
itself.

Test several key types (raw data, AES, RSA). Test with the
source or target being persistent.

Add failure tests (incompatible policies, source slot empty, target
slot occupied).
2019-01-28 14:55:06 +01:00
Gilles Peskine
f603c718c9 New function psa_copy_key
Copy a key from one slot to another.

Implemented and smoke-tested.
2019-01-28 14:41:11 +01:00
Jaeden Amero
43bafcca94
Merge pull request #15 from gilles-peskine-arm/psa-signature_policy_wildcard
Support wildcard hash in signature policies
2019-01-28 13:31:14 +00:00
Ron Eldor
17233f5a5c Increase okm_hex buffer to contain null character
Add an additional byte for the `okm_hex` buffer, to assure
it is null-terminated in case `okm` is 128 bytes long.
2019-01-28 15:18:15 +02:00
Ron Eldor
bc93219f66 Minor modifications to hkdf test
1. Fix comment grammar.
2. Rename `okm_string` to `okm_hex`.
2019-01-28 15:07:55 +02:00
Ron Eldor
1a3a7e5fc7 Add explanation for okm_string size
Add explanation for why the size of `okm_string` buffer
is twice as `okm` buffer.
2019-01-28 15:01:53 +02:00
Jaeden Amero
37a8c0c144
Merge pull request #27 from hanno-arm/crypto_submodule_update_prs_6_18_19_sibling
PSA integration sibling: Update crypto submodule (Hash clone, Key Policy Init, Key slot alloc)
2019-01-28 11:33:28 +00:00
Hanno Becker
a814ae6f92 PSA: Adapt PK test suite to new key policy initialization API 2019-01-25 14:36:28 +00:00
Hanno Becker
fcf659b12d PSA: Adapt PK test suite to modified key slot allocation mechanism 2019-01-25 14:36:28 +00:00
Hanno Becker
8d865dfe37 PSA: Adapt PK test suite to new key policy initialization API 2019-01-25 14:25:16 +00:00
Hanno Becker
353295ac70 PSA: Adapt PK test suite to modified key slot allocation mechanism 2019-01-25 14:25:00 +00:00
Jaeden Amero
4d69cf1a84
Merge pull request #13 from Patater/pubkey-format
Simplify RSA and EC public key formats
2019-01-25 10:09:40 +00:00
Gilles Peskine
eb2d4b9037 Test that HASH_ANY is not meaningful for OAEP
PSA_ALG_HASH_ANY is specified as meaningful only for signature.
2019-01-24 13:05:36 +01:00
Antonin Décimo
36e89b5b71 Fix #2370, minor typos and spelling mistakes 2019-01-24 10:37:40 +01:00
Jaeden Amero
ccdce90adb psa: Simplify EC public key format
Remove front matter from our EC key format, to make it just the contents
of an ECPoint as defined by SEC1 section 2.3.3.

As a consequence of the simplification, remove the restriction on not
being able to use an ECDH key with ECDSA. There is no longer any OID
specified when importing a key, so we can't reject importing of an ECDH
key for the purpose of ECDSA based on the OID.
2019-01-23 17:39:46 +00:00
Jaeden Amero
25384a236e psa: Simplify RSA public key format
Remove pkcs-1 and rsaEncryption front matter from RSA public keys. Move
code that was shared between RSA and other key types (like EC keys) to
be used only with non-RSA keys.
2019-01-23 17:31:50 +00:00
Jaeden Amero
0b6b871056
Merge pull request #22 from ARMmbed/iotssl-2697-psa-key-allocation-crypto
Adapting to the new PSA key slot allocation mechanism
2019-01-23 15:00:19 +00:00
Andrzej Kurek
c750932f2c Adapt to the new key allocation mechanism 2019-01-23 06:22:32 -05:00
Gilles Peskine
870f5dc656 Add missing test dependency 2019-01-23 10:42:23 +01:00
Simon Butcher
8e763329ad Merge remote-tracking branch 'public/pr/2040' into development 2019-01-23 10:28:25 +01:00
Simon Butcher
38cb940692 Merge remote-tracking branch 'public/pr/2231' into development 2019-01-23 10:20:08 +01:00
Jaeden Amero
494624d299
Merge pull request #18 from gilles-peskine-arm/psa-hash_clone
New function psa_hash_clone
2019-01-22 17:35:25 +00:00
Gilles Peskine
d40c1fbd50 Don't require a type and size when creating a key slot
Remove the type and bits arguments to psa_allocate_key() and
psa_create_key(). They can be useful if the implementation wants to
know exactly how much space to allocate for the slot, but many
implementations (including ours) don't care, and it's possible to work
around their lack by deferring size-dependent actions to the time when
the key material is created. They are a burden to applications and
make the API more complex, and the benefits aren't worth it.

Change the API and adapt the implementation, the units test and the
sample code accordingly.
2019-01-19 12:20:52 +01:00
Gilles Peskine
ebb2c3e419 New function psa_hash_clone
Clone a hash operation.

Test good cases as part as multipart tests. Add new test functions for
the state machine.
2019-01-19 12:03:41 +01:00
Andres Amaya Garcia
5d26163db4 Add tests for (named) bitstring to suite_asn1write 2019-01-16 18:59:07 +00:00
Gilles Peskine
30f77cdfc1 Add a hash wildcard value for hash-and-sign algorithm
You can use PSA_ALG_ANY_HASH to build the algorithm value for a
hash-and-sign algorithm in a policy. Then the policy allows usage with
this hash-and-sign family with any hash.

Test that PSA_ALG_ANY_HASH-based policies allow a specific hash, but
not a different hash-and-sign family. Test that PSA_ALG_ANY_HASH is
not valid for operations, only in policies.
2019-01-14 19:38:56 +01:00
Gilles Peskine
d35b489ce5 New macro PSA_ALG_IS_HASH_AND_SIGN
Test for a subclass of public-key algorithm: those that perform
full-domain hashing, i.e. algorithms that can be broken down as
sign(key, hash(message)).
2019-01-14 16:02:15 +01:00
Simon Butcher
6944e05956 Merge remote-tracking branch 'public/pr/2232' into development 2019-01-08 15:33:28 +00:00
Simon Butcher
012a06cbf6 Merge remote-tracking branch 'public/pr/2228' into development 2019-01-08 15:26:58 +00:00
Andrzej Kurek
2349c4db88 Adapt to the new key allocation mechanism 2019-01-08 09:36:01 -05:00
Jaeden Amero
d94d671f14 psa: Test that generator initializers work 2019-01-08 14:28:04 +00:00
Jaeden Amero
5bae227da0 psa: Add initializers for cipher operation objects
Add new initializers for cipher operation objects and use them in our
tests and library code. Prefer using the macro initializers due to their
straightforwardness.
2019-01-08 14:28:04 +00:00
Jaeden Amero
769ce27f12 psa: Add initializers for MAC operation objects
Add new initializers for MAC operation objects and use them in our tests
and library code. Prefer using the macro initializers due to their
straightforwardness.
2019-01-08 14:28:04 +00:00
Jaeden Amero
6a25b41ac3 psa: Add initializers for hash operation objects
Add new initializers for hash operation objects and use them in our
tests and library code. Prefer using the macro initializers due to their
straightforwardness.
2019-01-08 14:28:04 +00:00
Jaeden Amero
70261c513a psa: Add initializers for key policies
Add new initializers for key policies and use them in our docs, example
programs, tests, and library code. Prefer using the macro initializers
due to their straightforwardness.
2019-01-08 14:28:04 +00:00
Jaeden Amero
8c7e95d9e0 tests: Remove unused key policy objects
persistent_key_import() and persistent_key_destroy() don't need to and
don't use key policy objects. Remove unused key policy objects.
2019-01-04 15:38:07 +00:00
Simon Butcher
6c164e754b Update the version of the library to 2.16.0 2018-12-21 10:51:51 +00:00
Gilles Peskine
c08fc1d7e9 Move MIN and MAX macros from PSA tests to helpers.function 2018-12-20 18:47:53 +01:00
Gilles Peskine
d76f181617 Prefer ASSERT_ALLOC to calloc+TEST_ASSERT in PSA tests
To allocate memory dynamically in a test, call ASSERT_ALLOC which
takes care of calling calloc and of checking for NULL.
2018-12-20 18:47:53 +01:00
Gilles Peskine
1f2aa0e3b0 Remove useless null checks of data_t* parameters
The test framework never passes NULL for a data_t* parameter, so
testing them against NULL is clutter.
2018-12-20 18:47:53 +01:00
Gilles Peskine
40ab95bdbc Remove checks of test parameters against SIZE_MAX
Our code base doesn't even support 16-bit platforms, so those checks
are always trivially true.
2018-12-20 18:47:53 +01:00
Gilles Peskine
0dfba2ddf0 Use ASSERT_COMPARE in preference to memcmp in PSA tests 2018-12-20 18:47:52 +01:00
Gilles Peskine
f812dcf4ae Rewrap some lines after the macro changes
Change the way some lines are wrapped to cut at a more logical place.
This commit mainly rewrites multi-line calls to TEST_EQUAL, and also a
few calls to PSA_ASSERT.
2018-12-20 18:47:52 +01:00
Gilles Peskine
fe11b72b93 Use TEST_EQUAL(a,b) in preference to TEST_ASSERT(a==b)
This commit is the result of the following command, followed by
reindenting (but not wrapping lines):

perl -00 -i -pe 's/^( *)TEST_ASSERT\(([^;=]*)(?: |\n *)==([^;=]*)\);$/${1}TEST_EQUAL($2,$3);/gm' tests/suites/test_suite_psa_*.function
2018-12-20 18:47:52 +01:00
Gilles Peskine
8817f61007 Use PSA_ASSERT(a) in preference to TEST_ASSERT(a==PSA_SUCCESS)
This commit is the result of the following command, followed by
reindenting (but not wrapping lines):

perl -00 -i -pe 's/^( *)TEST_ASSERT\(([^;=]*)(?: |\n *)==\s*PSA_SUCCESS\s*\);$/${1}PSA_ASSERT($2 );/gm' tests/suites/test_suite_psa_*.function
2018-12-20 18:47:52 +01:00
Gilles Peskine
0f915f1d2a Indent PSA tests according to K&R rules with Mbed TLS tweaks
Only whitespace changes in this commit.
2018-12-20 18:47:52 +01:00
Gilles Peskine
9d8eea7e19 Wrap some multiline expressions in parentheses
This guarantees that they'll be indented as desired under most
indentation rules.
2018-12-20 18:47:52 +01:00
Gilles Peskine
5f7aeeea06 New test macro TEST_EQUAL
TEST_EQUAL(expr1, expr2) is just TEST_ASSERT((expr1) == (expr2)) for
now, but in the future I hope that it will print out the differing
values.
2018-12-20 18:47:52 +01:00
Gilles Peskine
0174be2c17 Move the PSA_ASSERT macro to the common helpers file
It's potentially useful in all PSA test suites, of which there are now
several.
2018-12-20 18:47:52 +01:00
Gilles Peskine
f055ad7512 Add a safety check to ARRAY_LENGTH
Cause a compilation error on ARRAY_LENGTH(p) where p is a pointer as
opposed to an array. This only works under GCC and compatible
compilers such as Clang. On other compilers, ARRAY_LENGTH works but
doesn't check the type of its argument.
2018-12-20 18:47:52 +01:00
Simon Butcher
ad7c2105a2 Merge remote-tracking branch 'public/pr/2274' into development 2018-12-20 12:16:57 +00:00
Simon Butcher
12b4240300 Merge remote-tracking branch 'public/pr/2288' into development 2018-12-20 12:16:46 +00:00
Simon Butcher
c831193c85 Merge remote-tracking branch 'public/pr/2302' into development 2018-12-20 12:16:39 +00:00
Simon Butcher
1efda39f8a Merge remote-tracking branch 'public/pr/2297' into development 2018-12-20 12:16:29 +00:00
Simon Butcher
5aa7809ac8 Merge remote-tracking branch 'public/pr/2275' into development 2018-12-20 12:15:19 +00:00
Simon Butcher
780cf189b0 Merge remote-tracking branch 'public/pr/2271' into development 2018-12-20 12:15:08 +00:00
Simon Butcher
032c037052 Merge remote-tracking branch 'public/pr/2270' into development 2018-12-20 12:04:13 +00:00
Simon Butcher
a033633bb0 Merge remote-tracking branch 'public/pr/2269' into development 2018-12-20 12:02:56 +00:00
Simon Butcher
70935a4001 Merge remote-tracking branch 'public/pr/2299' into development 2018-12-20 12:02:23 +00:00
Simon Butcher
003c0e032f Merge remote-tracking branch 'public/pr/2292' into development 2018-12-20 12:02:17 +00:00
Simon Butcher
decf2f5c2c Merge remote-tracking branch 'public/pr/2291' into development 2018-12-20 12:02:11 +00:00
Simon Butcher
65ce5dc981 Merge remote-tracking branch 'public/pr/2290' into development 2018-12-20 12:02:05 +00:00
Simon Butcher
ad2e0dae32 Merge remote-tracking branch 'public/pr/2283' into development 2018-12-20 12:01:58 +00:00
Simon Butcher
0bbf7f450d Merge remote-tracking branch 'public/pr/2279' into development 2018-12-20 12:01:49 +00:00
Simon Butcher
962b7b17d5 Merge remote-tracking branch 'public/pr/2273' into development 2018-12-20 12:01:17 +00:00
Simon Butcher
6be67a6518 Merge remote-tracking branch 'public/pr/2281' into development 2018-12-20 12:01:09 +00:00
Simon Butcher
dac513e246 Merge remote-tracking branch 'public/pr/2282' into development 2018-12-20 12:01:04 +00:00
Simon Butcher
ccafd14fee Merge remote-tracking branch 'public/pr/2276' into development 2018-12-20 12:00:57 +00:00
Simon Butcher
2a8d32c6c1 Merge remote-tracking branch 'public/pr/2287' into development 2018-12-20 12:00:50 +00:00
Gilles Peskine
743e3988dc Avoid unused-variable warnings for str as well
The exact guard is FS_IO && PK_PARSE_C. Just keep it simple.
2018-12-20 12:29:48 +01:00
Gilles Peskine
88ca3a244e Avoid unused-variable warnings in some configurations 2018-12-20 12:26:16 +01:00
Gilles Peskine
d6027119be Fix dependencies on MBEDTLS_FS_IO 2018-12-20 12:15:41 +01:00
Hanno Becker
73b79841b2 Remove parameter validation for deprecated function in ECDSA module 2018-12-20 09:53:24 +00:00
k-stachowiak
dd63359dae Add tests for valid NULL in ccm_free() 2018-12-19 19:02:39 +01:00
k-stachowiak
508bcd96db Remove unneeded test for the CCM free function 2018-12-19 19:02:39 +01:00
k-stachowiak
26d365eb54 Add parameter validation for CCM 2018-12-19 19:02:39 +01:00
k-stachowiak
fb54360f8c Prevent unused variable in some configurations 2018-12-19 18:34:21 +01:00
Gilles Peskine
6af45ec53e PK: document context validity requirements
Document when a context must be initialized or not, when it must be
set up or not, and whether it needs a private key or a public key will
do.

The implementation is sometimes more liberal than the documentation,
accepting a non-set-up context as a context that can't perform the
requested information. This preserves backward compatibility.
2018-12-19 18:10:03 +01:00
k-stachowiak
a85edd9415 Split the unconditional and conditional parameter validation tests 2018-12-19 18:06:35 +01:00
Hanno Becker
f25ee7f79d Fix parameter validation for mbedtls_mpi_lsb()
The MPI_VALIDATE_RET() macro cannot be used for parameter
validation of mbedtls_mpi_lsb() because this function returns
a size_t.

Use the underlying MBEDTLS_INTERNAL_VALIDATE_RET() insteaed,
returning 0 on failure.

Also, add a test for this behaviour.
2018-12-19 16:51:50 +00:00
Gilles Peskine
d54b97503b pk parse: the password is optional
For mbedtls_pk_parse_key and mbedtls_pk_parse_keyfile, the password is
optional. Clarify what this means: NULL is ok and means no password.
Validate parameters and test accordingly.
2018-12-19 17:36:14 +01:00
k-stachowiak
516897a44a Remove unnecessary parameter validation from the Cipher module 2018-12-19 17:34:58 +01:00
k-stachowiak
95070a8286 Make some cipher parameter validation unconditional 2018-12-19 17:34:58 +01:00
k-stachowiak
5b01f8b3ae Add a new line at the end of the test data file 2018-12-19 17:34:13 +01:00
k-stachowiak
90b8d4a11e Include static cipher functions in the parameter validation scheme 2018-12-19 17:34:13 +01:00
k-stachowiak
a539070f82 Make all parameter validation tests optional 2018-12-19 17:34:13 +01:00
Krzysztof Stachowiak
e0215d7869 Add Cipher module parameter validation 2018-12-19 17:34:13 +01:00
k-stachowiak
5fccb3edf3 Add tests for valid NULL in gcm_free() 2018-12-19 17:30:38 +01:00
k-stachowiak
8ffc92a1e8 Add parameter validation for the GCM module 2018-12-19 17:30:38 +01:00
Gilles Peskine
ee3cfec3cc PK sign/verify: hash=NULL is ok if md_alg=0 and hash_len=0 2018-12-19 17:11:44 +01:00
Gilles Peskine
998fbfbe68 Properly test pk_write with an empty output buffer
This needs a real key to test properly.
2018-12-19 17:08:51 +01:00
Gilles Peskine
cc274c2ebf Do run the valid parameters test function 2018-12-19 17:08:01 +01:00
Gilles Peskine
1f19fa6f62 PK: Fix free(NULL) in library and tests
free() functions are documented as no-ops on NULL. Implement and test
this correctly.
2018-12-19 14:18:39 +01:00
Hanno Becker
f947c0a2dd Move testing of mbedtls_blowfish_free() to separate test case
It should be tested regardless of the setting of MBEDTLS_CHECK_PARAMS.
2018-12-19 12:52:59 +00:00
Hanno Becker
49acc64c69 Minor improvements to Blowfish documentation and tests 2018-12-19 12:52:59 +00:00
Hanno Becker
e38b4cd661 Test parameter validation for Blowfish module 2018-12-19 12:52:59 +00:00
Hanno Becker
0294072c09 Avoid unused variable warning in ARIA param validation test 2018-12-19 12:51:00 +00:00
Hanno Becker
14b91e8e22 Move testing of mbedtls_aria_free() to separate test
The test that mbedtls_aria_free() accepts NULL parameters
can be performed even if MBEDTLS_CHECK_PARAMS is unset, but
was previously included in the test case aria_invalid_params()
which is only executed if MBEDTLS_CHECK_PARAMS is set.
2018-12-19 12:51:00 +00:00
Hanno Becker
fac1d44d62 Fix style in ARIA parameter validation tests 2018-12-19 12:51:00 +00:00
Hanno Becker
b0de9f5b03 Test that mbedtls_aria_free() accepts NULL parameter 2018-12-19 12:51:00 +00:00
Hanno Becker
9e45c1607e Test parameter validation for ARIA module 2018-12-19 12:51:00 +00:00
Hanno Becker
f1931760d8 Move test of mbedtls_camellia_free() to separate test
The acceptance of NULL should be tested regardless of the
setting of MBEDTLS_CHECK_PARAMS.
2018-12-19 12:47:55 +00:00
Hanno Becker
ff62f44ad7 Remove duplicated parameter check in CAMELLIA module 2018-12-19 12:47:55 +00:00
Hanno Becker
e939de7247 Minor fixes to Camellia parameter validation 2018-12-19 12:47:55 +00:00
Hanno Becker
75788371df Test parameter validation for CAMELLIA module 2018-12-19 12:47:55 +00:00
Gilles Peskine
e146e7dbae Don't use TEST_VALID_PARAM with a value
TEST_VALID_PARAM is only for functions that return void. This commit
fixes the build with clang -Wunused-comparison.
2018-12-19 13:21:22 +01:00
Hanno Becker
1959535038 Add parameter validation test for mbedtls_ecp_check_pub_priv() 2018-12-19 08:52:08 +00:00
Hanno Becker
549e455a42 Add parameter validation test for mbedtls_ecp_gen_privkey() 2018-12-19 08:52:02 +00:00
Hanno Becker
0a4fa9b1fb Add parameter validation test for mbedtls_ecp_check_budget() 2018-12-19 08:51:58 +00:00
Hanno Becker
807c107c3c Fix typos in ECP test suite 2018-12-19 08:51:55 +00:00
Simon Butcher
54b789aa74 Merge remote-tracking branch 'public/pr/2298' into development 2018-12-19 08:08:14 +00:00
Gilles Peskine
78438e4109 Test parameter validation for pk, pkparse and pkwrite 2018-12-19 00:55:47 +01:00
Hanno Becker
59274d43cb Remove unnecessary call to mbedtls_mpi_free() in MPI tests 2018-12-18 23:27:03 +00:00
Hanno Becker
b48e1aa846 Add separate test for mbedtls_mpi_free() accepting NULL 2018-12-18 23:25:01 +00:00
Hanno Becker
e118504a5f Numerous minor improvements to bignum documentation 2018-12-18 18:12:13 +00:00
Hanno Becker
56b661cbf8 Add test that mbedtls_mpi_free() accepts NULL parameter 2018-12-18 18:12:13 +00:00
Hanno Becker
afb607b9db Add tests for parameter validation in MPI module 2018-12-18 18:12:13 +00:00
Hanno Becker
d22df58a56 Add missing guards around SHA-1 tests 2018-12-18 17:02:03 +00:00
Hanno Becker
adc9b178ca Minor improvements to DHM module 2018-12-18 16:59:09 +00:00
Hanno Becker
8c8a93c574 Test parameter validation for DHM module 2018-12-18 16:59:09 +00:00
Hanno Becker
4fbd4bf442 Fix guard in SHA-512 tests 2018-12-18 16:37:43 +00:00
Hanno Becker
36beb04fd5 Add tests or SHA-256 parameter validation 2018-12-18 16:31:06 +00:00
Hanno Becker
686c9a0e8d Test SHA-512 parameter validation 2018-12-18 15:33:14 +00:00
Hanno Becker
a994b2379f Test that xxx_free() functions accept NULL parameter 2018-12-18 15:30:30 +00:00
Hanno Becker
ae2ff02ff1 Add tests for ChaChaPoly parameter validation
Parameter validation was previously performed and tested unconditionally
for the ChaCha/Poly modules. This commit therefore only needs go guard the
existing tests accordingly and use the appropriate test macros for parameter
validation.
2018-12-18 15:30:30 +00:00
Hanno Becker
af05a90349 Test parameter validation in ECDSA module 2018-12-18 14:31:50 +00:00
Hanno Becker
491db772c3 Test parameter validation for ECJPAKE module 2018-12-18 14:31:18 +00:00
Hanno Becker
4c818483b2 Test parameter validation for ECDH module 2018-12-18 14:30:39 +00:00
Hanno Becker
b06f193d73 Add missing cases to RSA parameter validation test 2018-12-18 14:05:20 +00:00
Hanno Becker
05cf6dabb8 Add missing test for mbedtls_rsa_pkcs1_sign() 2018-12-18 13:38:05 +00:00
Hanno Becker
f04d923834 Test mbedtls_rsa_gen_key() with NULL ctx/RNG separately 2018-12-18 13:38:05 +00:00
Hanno Becker
71cd6c7ba9 Remove duplicate test in RSA parameter validation test 2018-12-18 13:38:05 +00:00
Hanno Becker
a7ee00225b Test mbedtls_rsa_init() with invalid padding 2018-12-18 13:38:05 +00:00
Hanno Becker
046d2024c5 Test parameter validation for RSA module 2018-12-18 13:38:05 +00:00
Hanno Becker
57b684f9d1 Add separate test for xxx_free() functions in ECP module 2018-12-18 13:00:48 +00:00
Hanno Becker
12dff0352b Test parameter validation for ECP module 2018-12-18 13:00:48 +00:00
Manuel Pégourié-Gonnard
488d9309fc Fix unused param warnings in test function 2018-12-18 13:05:49 +01:00
Hanno Becker
0e24473b94 Test parameter validation in SHA-1 module 2018-12-18 11:37:28 +00:00
Manuel Pégourié-Gonnard
e55e103bfe Fix off-by-one in iv_off check and add tests 2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
ab6b9758d6 Improve constant naming in test functions 2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
2bc535be86 Add parameter validation for AES-CTR 2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
8e41eb7187 Add parameter validation for AES-OFB 2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
1677cca54b Add parameter validation for AES-CFB functions 2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
191af1313a Add param validation for mbedtls_aes_crypt_xts() 2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
3178d1a997 Add param validation for mbedtls_aes_crypt_cbc() 2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
1aca260571 Add parameter validation for mbedtls_aes_crypt_ecb() 2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
68e3dff3f1 Add parameter validation XTS setkey functions 2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
af0c6cb9e0 Fix missing guard on XTS function in tests 2018-12-18 12:02:52 +01:00
Hanno Becker
6640b0d9a3 Undo deprecation of MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH 2018-12-18 09:53:14 +00:00
Hanno Becker
938f9e9bdb Undo deprecation of MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH
Merging MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH and
MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH is an API break.
2018-12-18 09:50:57 +00:00
Gilles Peskine
3d2f949c86 Move the ARRAY_LENGTH macro to the common helpers file 2018-12-17 23:17:17 +01:00
Hanno Becker
d2f3a00062 Introduce single BLOWFISH error code for bad input data
Deprecate the old specific error codes
* MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH
* MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH
2018-12-17 13:26:37 +00:00
Hanno Becker
4c029d09be Introduce single CAMELLIA error code for bad input data
Deprecate the old specific error codes
* MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH
* MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH
2018-12-17 13:26:33 +00:00
Manuel Pégourié-Gonnard
e7306d30a9 Improve some documentation and ChangeLog entry 2018-12-13 09:45:49 +01:00
Manuel Pégourié-Gonnard
a4251f4775 Test aes_free( NULL ) unconditionally 2018-12-12 12:04:51 +01:00
Manuel Pégourié-Gonnard
54e7f312d3 Make TEST_VALID_PARAM() available unconditionally 2018-12-12 11:56:09 +01:00
Manuel Pégourié-Gonnard
aae10fa427 Fix some whitespace issues 2018-12-12 10:24:19 +01:00
Manuel Pégourié-Gonnard
cd2b29cd12 Improve wording in documentation and ChangeLog 2018-12-12 10:23:57 +01:00
Gilles Peskine
79a11d6c42 Test invalid lifetime regardless of support for persistent keys
Even if persistent keys are not supported, psa_open_key and
psa_create_key must fail if invoked with an invalid lifetime value.
2018-12-11 16:48:14 +01:00
Gilles Peskine
539cda57df Add tests with invalid key identifiers
Test that 0 and PSA_CRYPTO_ITS_RANDOM_SEED_UID are not accepted as key
identifiers.
2018-12-11 16:48:14 +01:00
Gilles Peskine
4a044739a8 Fix the build without persistent storage
Add missing guards on MBEDTLS_PSA_CRYPTO_STORAGE_C.

Add test cases to test that psa_create_key and psa_open_key return
NOT_SUPPORTED.
2018-12-11 16:48:14 +01:00
Gilles Peskine
c5487a8892 Drop support for psa_key_slot_t in psa_crypto.c
This commit finishes the removal of support for direct access to key
slots in psa_crypto.c.

This marks the end of the necessary phase of the transition to key
handles. The code should subsequently be refactored to move key slot
management from psa_crypto.c to psa_crypto_slot_management.c.
2018-12-11 16:48:13 +01:00
Gilles Peskine
7bc9f68232 Convert the PSA crypto persistent storage tests to the new handle API
Switch from the direct use of slot numbers to handles allocated by
psa_allocate_key.

The general principle for each function is:
* Change `psa_key_slot_t slot` to `psa_key_handle_t handle` or
  `psa_key_id_t key_id` depending on whether it's used as a handle to
  an open slot or as a persistent name for a key.
* Call psa_create_key() before using a slot, instead of calling
  psa_set_key_lifetime to make a slot persistent.

Remove the unit test persistent_key_is_configurable which is no longer
relevant.
2018-12-11 16:48:13 +01:00
Gilles Peskine
bdf309ccdb Convert the PSA crypto cryptography tests to the new handle API
Switch from the direct use of slot numbers to handles allocated by
psa_allocate_key.

This commit does not affect persistent key tests except for the one
test function in test_suite_psa_crypto that uses persistent keys
(persistent_key_load_key_from_storage).

The general principle for each function is:
* Change `psa_key_slot_t slot` to `psa_key_handle_t handle`.
* Call psa_allocate_key() before setting the policy of the slot,
  or before creating key material in functions that don't set a policy.
* Some PSA_ERROR_EMPTY_SLOT errors become PSA_ERROR_INVALID_HANDLE
  because there is now a distinction between not having a valid
  handle, and having a valid handle to a slot that doesn't contain key
  material.
* In tests that use symmetric keys, calculate the max_bits parameters
  of psa_allocate_key() from the key data size. In tests where the key
  may be asymmetric, call an auxiliary macro KEY_BITS_FROM_DATA which
  returns an overapproximation. There's no good way to find a good
  value for max_bits with the API, I think the API should be tweaked.
2018-12-11 16:48:13 +01:00
Gilles Peskine
a8860b2990 Remove lifetime test functions
With the handle-based slot management interface, psa_set_key_lifetime
will no longer exist, so remove the corresponding unit tests.
2018-12-11 16:48:13 +01:00
Gilles Peskine
dc911fd594 Remove redundant slot-based test
fill_slots is superseded by many_transient_handles.
2018-12-11 16:48:13 +01:00
Gilles Peskine
a426168cbf Test that failure of import_key preserves metadata 2018-12-11 16:48:13 +01:00
Gilles Peskine
961849f6d1 Implement slot allocation
Implement psa_allocate_key, psa_open_key, psa_create_key,
psa_close_key.

Add support for keys designated to handles to psa_get_key_slot, and
thereby to the whole API.

Allocated and non-allocated keys can coexist. This is a temporary
stage in order to transition from the use of direct slot numbers to
allocated handles only. Once all the tests and sample programs have
been migrated to use handles, the implementation will be simplified
and made more robust with support for handles only.
2018-12-11 16:48:13 +01:00
Gilles Peskine
5ec7b078ea Add tests for the new slot management mechanism
Add unit tests for handle allocation and release.
2018-12-11 16:48:12 +01:00
Gilles Peskine
7f6e3a868a Change ASSERT_ALLOC to take a size in elements, not bytes
`ASSERT_ALLOC(p, length)` now allocates `length` elements, i.e.
`length * sizeof(*p)` bytes.
2018-12-11 16:48:12 +01:00
Manuel Pégourié-Gonnard
9b8ea89ae5 Fix a few style / whitespace issues 2018-12-11 12:28:56 +01:00
Manuel Pégourié-Gonnard
acfdc623d2 Fix test macro that was too lenient
Previously, one could change the definition of AES_VALIDATE_RET() to return
some other code than MBEDTLS_ERR_AES_BAD_INPUT_DATA, and the test suite
wouldn't notice. Now this modification would make the suite fail as expected.
2018-12-11 12:28:56 +01:00
Manuel Pégourié-Gonnard
44c5d58d05 Document AES functions and fix free() functions 2018-12-11 12:28:56 +01:00
Manuel Pégourié-Gonnard
a2b0e27378 Skip param validation tests if custom macro used
The test framework for validation of parameters depends on the macro
MBEDTLS_PARAM_FAILED() being set to its default value when building the
library. So far the test framework attempted to define this macro but this was
the wrong place - this definition wouldn't be picked by the library.

Instead, a different approach is taken: skip those tests when the macro is
defined in config.h, as in that case we have no way to know if it will indeed
end up calling mbedtls_param_failed() as we need it to.

This commit was tested by manually ensuring that aes_invalid_params:

- passes (and is not skipped) in the default configuration
- is skipped when MBEDTLS_PARAM_FAILED() is defined in config.h
2018-12-11 12:28:56 +01:00
Manuel Pégourié-Gonnard
3ef6a6dc5c Fix const-ness in mbedtls_param_failed()
The previous prototype gave warnings are the strings produced by #cond and
__FILE__ are const, so we shouldn't implicitly cast them to non-const.

While at it modifying most example programs:
- include the header that has the function declaration, so that the definition
  can be checked to match by the compiler
- fix whitespace
- make it work even if PLATFORM_C is not defined:
    - CHECK_PARAMS is not documented as depending on PLATFORM_C and there is
      no reason why it should
    - so, remove the corresponding #if defined in each program...
    - and add missing #defines for mbedtls_exit when needed

The result has been tested (make all test with -Werror) with the following
configurations:

- full with    CHECK_PARAMS with    PLATFORM_C
- full with    CHECK_PARAMS without PLATFORM_C
- full without CHECK_PARAMS without PLATFORM_C
- full without CHECK_PARAMS with    PLATFORM_C

Additionally, it has been manually tested that adding

    mbedtls_aes_init( NULL );

near the normal call to mbedtls_aes_init() in programs/aes/aescrypt2.c has the
expected effect when running the program.
2018-12-11 12:28:56 +01:00
Manuel Pégourié-Gonnard
8e661bf6a8 Fix arity of the PARAM_FAILED() macro and function
It was inconsistent between files: sometimes 3 arguments, sometimes one.

Align to 1 argument for the macro and 3 for the function, because:
- we don't need 3 arguments for the macro, it can add __FILE__ and __LINE__
  in its expansion, while the function needs them as parameters to be correct;
- people who re-defined the macro should have flexibility, and 3 arguments
  can give the impression they they don't have as much as they actually do;
- the design document has the macro with 1 argument, so let's stick to that.
2018-12-11 12:28:56 +01:00
Simon Butcher
249b3d6efe Remove use of the macro TEST_FN from the AES test suite
The TEST_FN macro is now redundant and no longer necessary.
2018-12-11 12:28:56 +01:00
Simon Butcher
6542f6c597 Change the use of setjmp/longjmp in parameter failure callback
Change the use of setjmp and longjmp in signalling parameter validation failures
when using the MBEDTLS_CHECK_PARAMS config.h option. This change allows
all calls which might result in a call to the parameter validation failure
handler to always be caught, even without use of the new macros, by placing a
setjmp() in the outer function which calls the test function, which the handler
can jump to.

This has several benefits:
    * it allows us to remove the clang compiler warning (-Wclobbered) caused
      by local auto variables being in the same function as the call to setjmp.
    * removes the need to wrap all function calls in the test functions with the
      TEST_ASSERT() macro. Now all parameter validation function calls should be
      caught.
2018-12-11 12:28:56 +01:00
Simon Butcher
747f5fe3e2 Add disabling of gcc 'clobbered' warning
With gcc, use of setjmp() was triggering warnings about use of auto variables
being clobbered.
2018-12-11 12:28:56 +01:00
Simon Butcher
a646345e3f Add additional parameter validation tests for the AES module
This adds additional tests to validate the AES module parameter validation
checks which are enabled using the MBEDTLS_CHECK_PARAMS option.
2018-12-11 12:28:56 +01:00
Jaeden Amero
fedb407a3f Merge remote-tracking branch 'upstream-public/pr/2208' into development 2018-12-07 16:16:04 +00:00
Jaeden Amero
52ed0b9030 Merge remote-tracking branch 'upstream-public/pr/2101' into development 2018-12-07 16:15:31 +00:00
Jaeden Amero
41722ec29e Merge remote-tracking branch 'upstream-public/pr/1958' into development 2018-12-06 15:53:56 +00:00
Janos Follath
36c5f7fe9b ECDH: Hide context from tests
The tests for the ECDH key exchange that use the context accessed it
directly. This can't work with the new context, where we can't make any
assumptions about the implementation of the context. This commit works
around this problem and comes with the cost of allocating an extra
structures on the stack when executing the test.

One of the tests is testing an older interface for the sake of backward
compatibility. The new ECDH context is not backward compatible and this
test doesn't make any sense for it, therefore we skip this test in
non-legacy mode.
2018-12-06 12:22:46 +00:00
Gilles Peskine
79e213cfc8 Don't include mbedtls/platform.h unconditionally
Programs must not include mbedtls/platform.h if MBEDTLS_PLATFORM_C is
not defined. Test suites don't need to include mbedtls/platform.h
because helpers.function takes care of it.

This commit also removes a stray `;` which is technically not standard C.
2018-12-04 12:25:40 +01:00
Jaeden Amero
5dfca1e1bd Update library version to 2.15.1 2018-12-01 18:44:29 +00:00
Janos Follath
fc03e8dfa9 ECDH: Adapt tests for mbedtls_ecdh_setup()
The recently added `mbedtls_ecdh_setup()` function is not used in the
tests yet. This commit adapts the tests to the new workflow.

Having done that, the old lifecycle is not tested anymore, so we add a
new test to ensure backward compatibility.
2018-11-30 14:09:57 +00:00