Ron Eldor
17233f5a5c
Increase okm_hex buffer to contain null character
...
Add an additional byte for the `okm_hex` buffer, to assure
it is null-terminated in case `okm` is 128 bytes long.
2019-01-28 15:18:15 +02:00
Ron Eldor
bc93219f66
Minor modifications to hkdf test
...
1. Fix comment grammar.
2. Rename `okm_string` to `okm_hex`.
2019-01-28 15:07:55 +02:00
Ron Eldor
1a3a7e5fc7
Add explanation for okm_string size
...
Add explanation for why the size of `okm_string` buffer
is twice as `okm` buffer.
2019-01-28 15:01:53 +02:00
Hanno Becker
8d865dfe37
PSA: Adapt PK test suite to new key policy initialization API
2019-01-25 14:25:16 +00:00
Hanno Becker
353295ac70
PSA: Adapt PK test suite to modified key slot allocation mechanism
2019-01-25 14:25:00 +00:00
Antonin Décimo
36e89b5b71
Fix #2370 , minor typos and spelling mistakes
2019-01-24 10:37:40 +01:00
Simon Butcher
8e763329ad
Merge remote-tracking branch 'public/pr/2040' into development
2019-01-23 10:28:25 +01:00
Simon Butcher
38cb940692
Merge remote-tracking branch 'public/pr/2231' into development
2019-01-23 10:20:08 +01:00
Simon Butcher
6944e05956
Merge remote-tracking branch 'public/pr/2232' into development
2019-01-08 15:33:28 +00:00
Simon Butcher
012a06cbf6
Merge remote-tracking branch 'public/pr/2228' into development
2019-01-08 15:26:58 +00:00
Andrzej Kurek
2349c4db88
Adapt to the new key allocation mechanism
2019-01-08 09:36:01 -05:00
Simon Butcher
6c164e754b
Update the version of the library to 2.16.0
2018-12-21 10:51:51 +00:00
Simon Butcher
ad7c2105a2
Merge remote-tracking branch 'public/pr/2274' into development
2018-12-20 12:16:57 +00:00
Simon Butcher
12b4240300
Merge remote-tracking branch 'public/pr/2288' into development
2018-12-20 12:16:46 +00:00
Simon Butcher
c831193c85
Merge remote-tracking branch 'public/pr/2302' into development
2018-12-20 12:16:39 +00:00
Simon Butcher
1efda39f8a
Merge remote-tracking branch 'public/pr/2297' into development
2018-12-20 12:16:29 +00:00
Simon Butcher
5aa7809ac8
Merge remote-tracking branch 'public/pr/2275' into development
2018-12-20 12:15:19 +00:00
Simon Butcher
780cf189b0
Merge remote-tracking branch 'public/pr/2271' into development
2018-12-20 12:15:08 +00:00
Simon Butcher
032c037052
Merge remote-tracking branch 'public/pr/2270' into development
2018-12-20 12:04:13 +00:00
Simon Butcher
a033633bb0
Merge remote-tracking branch 'public/pr/2269' into development
2018-12-20 12:02:56 +00:00
Simon Butcher
70935a4001
Merge remote-tracking branch 'public/pr/2299' into development
2018-12-20 12:02:23 +00:00
Simon Butcher
003c0e032f
Merge remote-tracking branch 'public/pr/2292' into development
2018-12-20 12:02:17 +00:00
Simon Butcher
decf2f5c2c
Merge remote-tracking branch 'public/pr/2291' into development
2018-12-20 12:02:11 +00:00
Simon Butcher
65ce5dc981
Merge remote-tracking branch 'public/pr/2290' into development
2018-12-20 12:02:05 +00:00
Simon Butcher
ad2e0dae32
Merge remote-tracking branch 'public/pr/2283' into development
2018-12-20 12:01:58 +00:00
Simon Butcher
0bbf7f450d
Merge remote-tracking branch 'public/pr/2279' into development
2018-12-20 12:01:49 +00:00
Simon Butcher
962b7b17d5
Merge remote-tracking branch 'public/pr/2273' into development
2018-12-20 12:01:17 +00:00
Simon Butcher
6be67a6518
Merge remote-tracking branch 'public/pr/2281' into development
2018-12-20 12:01:09 +00:00
Simon Butcher
dac513e246
Merge remote-tracking branch 'public/pr/2282' into development
2018-12-20 12:01:04 +00:00
Simon Butcher
ccafd14fee
Merge remote-tracking branch 'public/pr/2276' into development
2018-12-20 12:00:57 +00:00
Simon Butcher
2a8d32c6c1
Merge remote-tracking branch 'public/pr/2287' into development
2018-12-20 12:00:50 +00:00
Gilles Peskine
743e3988dc
Avoid unused-variable warnings for str as well
...
The exact guard is FS_IO && PK_PARSE_C. Just keep it simple.
2018-12-20 12:29:48 +01:00
Gilles Peskine
88ca3a244e
Avoid unused-variable warnings in some configurations
2018-12-20 12:26:16 +01:00
Gilles Peskine
d6027119be
Fix dependencies on MBEDTLS_FS_IO
2018-12-20 12:15:41 +01:00
Hanno Becker
73b79841b2
Remove parameter validation for deprecated function in ECDSA module
2018-12-20 09:53:24 +00:00
k-stachowiak
dd63359dae
Add tests for valid NULL in ccm_free()
2018-12-19 19:02:39 +01:00
k-stachowiak
508bcd96db
Remove unneeded test for the CCM free function
2018-12-19 19:02:39 +01:00
k-stachowiak
26d365eb54
Add parameter validation for CCM
2018-12-19 19:02:39 +01:00
k-stachowiak
fb54360f8c
Prevent unused variable in some configurations
2018-12-19 18:34:21 +01:00
Gilles Peskine
6af45ec53e
PK: document context validity requirements
...
Document when a context must be initialized or not, when it must be
set up or not, and whether it needs a private key or a public key will
do.
The implementation is sometimes more liberal than the documentation,
accepting a non-set-up context as a context that can't perform the
requested information. This preserves backward compatibility.
2018-12-19 18:10:03 +01:00
k-stachowiak
a85edd9415
Split the unconditional and conditional parameter validation tests
2018-12-19 18:06:35 +01:00
Hanno Becker
f25ee7f79d
Fix parameter validation for mbedtls_mpi_lsb()
...
The MPI_VALIDATE_RET() macro cannot be used for parameter
validation of mbedtls_mpi_lsb() because this function returns
a size_t.
Use the underlying MBEDTLS_INTERNAL_VALIDATE_RET() insteaed,
returning 0 on failure.
Also, add a test for this behaviour.
2018-12-19 16:51:50 +00:00
Gilles Peskine
d54b97503b
pk parse: the password is optional
...
For mbedtls_pk_parse_key and mbedtls_pk_parse_keyfile, the password is
optional. Clarify what this means: NULL is ok and means no password.
Validate parameters and test accordingly.
2018-12-19 17:36:14 +01:00
k-stachowiak
516897a44a
Remove unnecessary parameter validation from the Cipher module
2018-12-19 17:34:58 +01:00
k-stachowiak
95070a8286
Make some cipher parameter validation unconditional
2018-12-19 17:34:58 +01:00
k-stachowiak
5b01f8b3ae
Add a new line at the end of the test data file
2018-12-19 17:34:13 +01:00
k-stachowiak
90b8d4a11e
Include static cipher functions in the parameter validation scheme
2018-12-19 17:34:13 +01:00
k-stachowiak
a539070f82
Make all parameter validation tests optional
2018-12-19 17:34:13 +01:00
Krzysztof Stachowiak
e0215d7869
Add Cipher module parameter validation
2018-12-19 17:34:13 +01:00
k-stachowiak
5fccb3edf3
Add tests for valid NULL in gcm_free()
2018-12-19 17:30:38 +01:00
k-stachowiak
8ffc92a1e8
Add parameter validation for the GCM module
2018-12-19 17:30:38 +01:00
Gilles Peskine
ee3cfec3cc
PK sign/verify: hash=NULL is ok if md_alg=0 and hash_len=0
2018-12-19 17:11:44 +01:00
Gilles Peskine
998fbfbe68
Properly test pk_write with an empty output buffer
...
This needs a real key to test properly.
2018-12-19 17:08:51 +01:00
Gilles Peskine
cc274c2ebf
Do run the valid parameters test function
2018-12-19 17:08:01 +01:00
Gilles Peskine
1f19fa6f62
PK: Fix free(NULL) in library and tests
...
free() functions are documented as no-ops on NULL. Implement and test
this correctly.
2018-12-19 14:18:39 +01:00
Hanno Becker
f947c0a2dd
Move testing of mbedtls_blowfish_free() to separate test case
...
It should be tested regardless of the setting of MBEDTLS_CHECK_PARAMS.
2018-12-19 12:52:59 +00:00
Hanno Becker
49acc64c69
Minor improvements to Blowfish documentation and tests
2018-12-19 12:52:59 +00:00
Hanno Becker
e38b4cd661
Test parameter validation for Blowfish module
2018-12-19 12:52:59 +00:00
Hanno Becker
0294072c09
Avoid unused variable warning in ARIA param validation test
2018-12-19 12:51:00 +00:00
Hanno Becker
14b91e8e22
Move testing of mbedtls_aria_free() to separate test
...
The test that mbedtls_aria_free() accepts NULL parameters
can be performed even if MBEDTLS_CHECK_PARAMS is unset, but
was previously included in the test case aria_invalid_params()
which is only executed if MBEDTLS_CHECK_PARAMS is set.
2018-12-19 12:51:00 +00:00
Hanno Becker
fac1d44d62
Fix style in ARIA parameter validation tests
2018-12-19 12:51:00 +00:00
Hanno Becker
b0de9f5b03
Test that mbedtls_aria_free() accepts NULL parameter
2018-12-19 12:51:00 +00:00
Hanno Becker
9e45c1607e
Test parameter validation for ARIA module
2018-12-19 12:51:00 +00:00
Hanno Becker
f1931760d8
Move test of mbedtls_camellia_free() to separate test
...
The acceptance of NULL should be tested regardless of the
setting of MBEDTLS_CHECK_PARAMS.
2018-12-19 12:47:55 +00:00
Hanno Becker
ff62f44ad7
Remove duplicated parameter check in CAMELLIA module
2018-12-19 12:47:55 +00:00
Hanno Becker
e939de7247
Minor fixes to Camellia parameter validation
2018-12-19 12:47:55 +00:00
Hanno Becker
75788371df
Test parameter validation for CAMELLIA module
2018-12-19 12:47:55 +00:00
Gilles Peskine
e146e7dbae
Don't use TEST_VALID_PARAM with a value
...
TEST_VALID_PARAM is only for functions that return void. This commit
fixes the build with clang -Wunused-comparison.
2018-12-19 13:21:22 +01:00
Hanno Becker
1959535038
Add parameter validation test for mbedtls_ecp_check_pub_priv()
2018-12-19 08:52:08 +00:00
Hanno Becker
549e455a42
Add parameter validation test for mbedtls_ecp_gen_privkey()
2018-12-19 08:52:02 +00:00
Hanno Becker
0a4fa9b1fb
Add parameter validation test for mbedtls_ecp_check_budget()
2018-12-19 08:51:58 +00:00
Hanno Becker
807c107c3c
Fix typos in ECP test suite
2018-12-19 08:51:55 +00:00
Simon Butcher
54b789aa74
Merge remote-tracking branch 'public/pr/2298' into development
2018-12-19 08:08:14 +00:00
Gilles Peskine
78438e4109
Test parameter validation for pk, pkparse and pkwrite
2018-12-19 00:55:47 +01:00
Hanno Becker
59274d43cb
Remove unnecessary call to mbedtls_mpi_free() in MPI tests
2018-12-18 23:27:03 +00:00
Hanno Becker
b48e1aa846
Add separate test for mbedtls_mpi_free() accepting NULL
2018-12-18 23:25:01 +00:00
Hanno Becker
e118504a5f
Numerous minor improvements to bignum documentation
2018-12-18 18:12:13 +00:00
Hanno Becker
56b661cbf8
Add test that mbedtls_mpi_free() accepts NULL parameter
2018-12-18 18:12:13 +00:00
Hanno Becker
afb607b9db
Add tests for parameter validation in MPI module
2018-12-18 18:12:13 +00:00
Hanno Becker
d22df58a56
Add missing guards around SHA-1 tests
2018-12-18 17:02:03 +00:00
Hanno Becker
adc9b178ca
Minor improvements to DHM module
2018-12-18 16:59:09 +00:00
Hanno Becker
8c8a93c574
Test parameter validation for DHM module
2018-12-18 16:59:09 +00:00
Hanno Becker
4fbd4bf442
Fix guard in SHA-512 tests
2018-12-18 16:37:43 +00:00
Hanno Becker
36beb04fd5
Add tests or SHA-256 parameter validation
2018-12-18 16:31:06 +00:00
Hanno Becker
686c9a0e8d
Test SHA-512 parameter validation
2018-12-18 15:33:14 +00:00
Hanno Becker
a994b2379f
Test that xxx_free() functions accept NULL parameter
2018-12-18 15:30:30 +00:00
Hanno Becker
ae2ff02ff1
Add tests for ChaChaPoly parameter validation
...
Parameter validation was previously performed and tested unconditionally
for the ChaCha/Poly modules. This commit therefore only needs go guard the
existing tests accordingly and use the appropriate test macros for parameter
validation.
2018-12-18 15:30:30 +00:00
Hanno Becker
af05a90349
Test parameter validation in ECDSA module
2018-12-18 14:31:50 +00:00
Hanno Becker
491db772c3
Test parameter validation for ECJPAKE module
2018-12-18 14:31:18 +00:00
Hanno Becker
4c818483b2
Test parameter validation for ECDH module
2018-12-18 14:30:39 +00:00
Hanno Becker
b06f193d73
Add missing cases to RSA parameter validation test
2018-12-18 14:05:20 +00:00
Hanno Becker
05cf6dabb8
Add missing test for mbedtls_rsa_pkcs1_sign()
2018-12-18 13:38:05 +00:00
Hanno Becker
f04d923834
Test mbedtls_rsa_gen_key() with NULL ctx/RNG separately
2018-12-18 13:38:05 +00:00
Hanno Becker
71cd6c7ba9
Remove duplicate test in RSA parameter validation test
2018-12-18 13:38:05 +00:00
Hanno Becker
a7ee00225b
Test mbedtls_rsa_init() with invalid padding
2018-12-18 13:38:05 +00:00
Hanno Becker
046d2024c5
Test parameter validation for RSA module
2018-12-18 13:38:05 +00:00
Hanno Becker
57b684f9d1
Add separate test for xxx_free() functions in ECP module
2018-12-18 13:00:48 +00:00
Hanno Becker
12dff0352b
Test parameter validation for ECP module
2018-12-18 13:00:48 +00:00
Manuel Pégourié-Gonnard
488d9309fc
Fix unused param warnings in test function
2018-12-18 13:05:49 +01:00
Hanno Becker
0e24473b94
Test parameter validation in SHA-1 module
2018-12-18 11:37:28 +00:00
Manuel Pégourié-Gonnard
e55e103bfe
Fix off-by-one in iv_off check and add tests
2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
ab6b9758d6
Improve constant naming in test functions
2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
2bc535be86
Add parameter validation for AES-CTR
2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
8e41eb7187
Add parameter validation for AES-OFB
2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
1677cca54b
Add parameter validation for AES-CFB functions
2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
191af1313a
Add param validation for mbedtls_aes_crypt_xts()
2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
3178d1a997
Add param validation for mbedtls_aes_crypt_cbc()
2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
1aca260571
Add parameter validation for mbedtls_aes_crypt_ecb()
2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
68e3dff3f1
Add parameter validation XTS setkey functions
2018-12-18 12:22:40 +01:00
Manuel Pégourié-Gonnard
af0c6cb9e0
Fix missing guard on XTS function in tests
2018-12-18 12:02:52 +01:00
Hanno Becker
6640b0d9a3
Undo deprecation of MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH
2018-12-18 09:53:14 +00:00
Hanno Becker
938f9e9bdb
Undo deprecation of MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH
...
Merging MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH and
MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH is an API break.
2018-12-18 09:50:57 +00:00
Hanno Becker
d2f3a00062
Introduce single BLOWFISH error code for bad input data
...
Deprecate the old specific error codes
* MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH
* MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH
2018-12-17 13:26:37 +00:00
Hanno Becker
4c029d09be
Introduce single CAMELLIA error code for bad input data
...
Deprecate the old specific error codes
* MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH
* MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH
2018-12-17 13:26:33 +00:00
Manuel Pégourié-Gonnard
e7306d30a9
Improve some documentation and ChangeLog entry
2018-12-13 09:45:49 +01:00
Manuel Pégourié-Gonnard
a4251f4775
Test aes_free( NULL ) unconditionally
2018-12-12 12:04:51 +01:00
Manuel Pégourié-Gonnard
54e7f312d3
Make TEST_VALID_PARAM() available unconditionally
2018-12-12 11:56:09 +01:00
Manuel Pégourié-Gonnard
aae10fa427
Fix some whitespace issues
2018-12-12 10:24:19 +01:00
Manuel Pégourié-Gonnard
cd2b29cd12
Improve wording in documentation and ChangeLog
2018-12-12 10:23:57 +01:00
Manuel Pégourié-Gonnard
9b8ea89ae5
Fix a few style / whitespace issues
2018-12-11 12:28:56 +01:00
Manuel Pégourié-Gonnard
acfdc623d2
Fix test macro that was too lenient
...
Previously, one could change the definition of AES_VALIDATE_RET() to return
some other code than MBEDTLS_ERR_AES_BAD_INPUT_DATA, and the test suite
wouldn't notice. Now this modification would make the suite fail as expected.
2018-12-11 12:28:56 +01:00
Manuel Pégourié-Gonnard
44c5d58d05
Document AES functions and fix free() functions
2018-12-11 12:28:56 +01:00
Manuel Pégourié-Gonnard
a2b0e27378
Skip param validation tests if custom macro used
...
The test framework for validation of parameters depends on the macro
MBEDTLS_PARAM_FAILED() being set to its default value when building the
library. So far the test framework attempted to define this macro but this was
the wrong place - this definition wouldn't be picked by the library.
Instead, a different approach is taken: skip those tests when the macro is
defined in config.h, as in that case we have no way to know if it will indeed
end up calling mbedtls_param_failed() as we need it to.
This commit was tested by manually ensuring that aes_invalid_params:
- passes (and is not skipped) in the default configuration
- is skipped when MBEDTLS_PARAM_FAILED() is defined in config.h
2018-12-11 12:28:56 +01:00
Manuel Pégourié-Gonnard
3ef6a6dc5c
Fix const-ness in mbedtls_param_failed()
...
The previous prototype gave warnings are the strings produced by #cond and
__FILE__ are const, so we shouldn't implicitly cast them to non-const.
While at it modifying most example programs:
- include the header that has the function declaration, so that the definition
can be checked to match by the compiler
- fix whitespace
- make it work even if PLATFORM_C is not defined:
- CHECK_PARAMS is not documented as depending on PLATFORM_C and there is
no reason why it should
- so, remove the corresponding #if defined in each program...
- and add missing #defines for mbedtls_exit when needed
The result has been tested (make all test with -Werror) with the following
configurations:
- full with CHECK_PARAMS with PLATFORM_C
- full with CHECK_PARAMS without PLATFORM_C
- full without CHECK_PARAMS without PLATFORM_C
- full without CHECK_PARAMS with PLATFORM_C
Additionally, it has been manually tested that adding
mbedtls_aes_init( NULL );
near the normal call to mbedtls_aes_init() in programs/aes/aescrypt2.c has the
expected effect when running the program.
2018-12-11 12:28:56 +01:00
Manuel Pégourié-Gonnard
8e661bf6a8
Fix arity of the PARAM_FAILED() macro and function
...
It was inconsistent between files: sometimes 3 arguments, sometimes one.
Align to 1 argument for the macro and 3 for the function, because:
- we don't need 3 arguments for the macro, it can add __FILE__ and __LINE__
in its expansion, while the function needs them as parameters to be correct;
- people who re-defined the macro should have flexibility, and 3 arguments
can give the impression they they don't have as much as they actually do;
- the design document has the macro with 1 argument, so let's stick to that.
2018-12-11 12:28:56 +01:00
Simon Butcher
249b3d6efe
Remove use of the macro TEST_FN from the AES test suite
...
The TEST_FN macro is now redundant and no longer necessary.
2018-12-11 12:28:56 +01:00
Simon Butcher
6542f6c597
Change the use of setjmp/longjmp in parameter failure callback
...
Change the use of setjmp and longjmp in signalling parameter validation failures
when using the MBEDTLS_CHECK_PARAMS config.h option. This change allows
all calls which might result in a call to the parameter validation failure
handler to always be caught, even without use of the new macros, by placing a
setjmp() in the outer function which calls the test function, which the handler
can jump to.
This has several benefits:
* it allows us to remove the clang compiler warning (-Wclobbered) caused
by local auto variables being in the same function as the call to setjmp.
* removes the need to wrap all function calls in the test functions with the
TEST_ASSERT() macro. Now all parameter validation function calls should be
caught.
2018-12-11 12:28:56 +01:00
Simon Butcher
747f5fe3e2
Add disabling of gcc 'clobbered' warning
...
With gcc, use of setjmp() was triggering warnings about use of auto variables
being clobbered.
2018-12-11 12:28:56 +01:00
Simon Butcher
a646345e3f
Add additional parameter validation tests for the AES module
...
This adds additional tests to validate the AES module parameter validation
checks which are enabled using the MBEDTLS_CHECK_PARAMS option.
2018-12-11 12:28:56 +01:00
Jaeden Amero
fedb407a3f
Merge remote-tracking branch 'upstream-public/pr/2208' into development
2018-12-07 16:16:04 +00:00
Jaeden Amero
52ed0b9030
Merge remote-tracking branch 'upstream-public/pr/2101' into development
2018-12-07 16:15:31 +00:00
Jaeden Amero
41722ec29e
Merge remote-tracking branch 'upstream-public/pr/1958' into development
2018-12-06 15:53:56 +00:00
Janos Follath
36c5f7fe9b
ECDH: Hide context from tests
...
The tests for the ECDH key exchange that use the context accessed it
directly. This can't work with the new context, where we can't make any
assumptions about the implementation of the context. This commit works
around this problem and comes with the cost of allocating an extra
structures on the stack when executing the test.
One of the tests is testing an older interface for the sake of backward
compatibility. The new ECDH context is not backward compatible and this
test doesn't make any sense for it, therefore we skip this test in
non-legacy mode.
2018-12-06 12:22:46 +00:00
Jaeden Amero
5dfca1e1bd
Update library version to 2.15.1
2018-12-01 18:44:29 +00:00
Janos Follath
fc03e8dfa9
ECDH: Adapt tests for mbedtls_ecdh_setup()
...
The recently added `mbedtls_ecdh_setup()` function is not used in the
tests yet. This commit adapts the tests to the new workflow.
Having done that, the old lifecycle is not tested anymore, so we add a
new test to ensure backward compatibility.
2018-11-30 14:09:57 +00:00
Simon Butcher
51b8a2fa87
Merge remote-tracking branch 'restricted/pr/512' into development
2018-11-29 16:56:02 +00:00
Simon Butcher
658618b6b2
Merge remote-tracking branch 'restricted/pr/516' into development
2018-11-29 16:53:51 +00:00
Andres Amaya Garcia
687d6739b2
Fix resource leak of file desc in test code
2018-11-26 21:23:28 +00:00
Gilles Peskine
d919993b76
CTR_DRBG: deprecate mbedtls_ctr_drbg_update because it ignores errors
...
Deprecate mbedtls_ctr_drbg_update (which returns void) in favor of a
new function mbedtls_ctr_drbg_update_ret which reports error.
2018-11-26 19:26:00 +01:00
Ron Eldor
d5062dedeb
Add conditional dependency to tests
...
Add a way to check compile time defionitions values, for determining
whether to skip tests.
2018-11-26 14:23:14 +02:00
Ron Eldor
6dbb9aabf8
Test AD too long only when CCM_ALT not defined
...
Since the AD too long is a limitation on Mbed TLS,
HW accelerators may support this. Run the test for AD too long,
only if `MBEDTLS_CCM_ALT` is not defined.
Addresses comment in #1996 .
2018-11-25 10:31:53 +02:00
Simon Butcher
60ee838a8a
Merge remote-tracking branch 'public/pr/2224' into development-psa-proposed
2018-11-23 21:18:32 +00:00
Simon Butcher
ebeb6cb446
Update library version to 2.15.0
2018-11-23 14:18:15 +00:00
Hanno Becker
4ae8b497c0
Merge branch 'iotssl-2578-psa-sig-verification' into development-psa-proposed
2018-11-23 11:37:00 +00:00
Hanno Becker
f8b5f27bce
Merge branch 'psa_cipher' into development-psa-proposed
2018-11-23 11:18:02 +00:00
Andrzej Kurek
967cfd18fd
Remove trailing whitespace
2018-11-22 12:05:08 -05:00
Andrzej Kurek
4b11407258
Cosmetic changes
...
Adjust whitespaces, reduce test dependencies and reduce buffer size passed by 1.
2018-11-22 12:05:08 -05:00
Andrzej Kurek
5f7bad34bb
Add CSR write testing using opaque keys
...
Parse and verify CSR programatically instead of using predetermined data,
to not tamper with randomness in tests.
2018-11-22 12:05:08 -05:00
Manuel Pégourié-Gonnard
2baae9ef71
Add tests for ECDSA verify with short r, s values
...
This is intended to test transcoding the signature to the format expected by
PSA (fixed-length encoding of r, s) when r and s have respectively:
- full length with initial null byte
- full length without initial null byte
- non-full length with initial null byte
- non-full length without initial null byte
The signatures were generated using:
programs/pkey/pk_sign tests/data_files/server5.key foo
where foo is an empty file, and with a variant of one of the following patches
applied:
diff --git a/library/ecdsa.c b/library/ecdsa.c
index abac015cebc6..e4a27b044516 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -305,7 +305,9 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp,
ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
goto cleanup;
}
+ printf("\ngenerating r...\n");
+gen:
MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) );
#if defined(MBEDTLS_ECP_RESTARTABLE)
@@ -317,6 +319,11 @@ mul:
MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &R, pk, &grp->G,
f_rng, p_rng, ECDSA_RS_ECP ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pr, &R.X, &grp->N ) );
+
+ size_t bits = mbedtls_mpi_bitlen( pr );
+ printf("%zu ", bits);
+ if( bits != 255 )
+ goto gen;
}
while( mbedtls_mpi_cmp_int( pr, 0 ) == 0 );
or:
diff --git a/library/ecdsa.c b/library/ecdsa.c
index abac015cebc6..d704376e0c42 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -305,7 +305,9 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp,
ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
goto cleanup;
}
+ printf("\ngenerating r...\n");
+gen:
MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) );
#if defined(MBEDTLS_ECP_RESTARTABLE)
@@ -353,6 +355,11 @@ modn:
MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, pk, &grp->N ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, s, &e ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) );
+
+ size_t bits = mbedtls_mpi_bitlen( s );
+ printf("%zu ", bits);
+ if( bits != 247 )
+ goto gen;
}
while( mbedtls_mpi_cmp_int( s, 0 ) == 0 );
with the value edited manually between each run to get the desired bit length.
2018-11-22 11:17:37 -05:00
Andrzej Kurek
c05ec9f39c
pk_wrap: test if a valid md_alg is passed to ecdsa_verify_wrap
...
Adjust tests to pass a valid algorithm
2018-11-22 11:17:37 -05:00