Ronald Cron
0e39ece23f
Merge pull request #5916 from yuhaoth/pr/tls13-refactor-get-sig-alg-from-pk
...
Refactor signature algorithm chooser
2022-07-04 09:10:08 +02:00
Manuel Pégourié-Gonnard
790ab52ee0
Merge pull request #5962 from gilles-peskine-arm/storage-format-doc-202206
...
Documentation about storage format compatibility
2022-07-01 12:21:17 +02:00
Ronald Cron
cb67e1a890
Merge pull request #5917 from gilles-peskine-arm/asn1write-0-fix
...
Improve ASN.1 write tests
2022-06-30 15:42:16 +02:00
Jerry Yu
a0bb906c9f
fix handshake_version test fail.
...
when both tls13 and tls12 are enabled, the
test will fail.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-06-29 16:16:09 +08:00
Gilles Peskine
d86abf2392
Merge pull request #5861 from wernerlewis/csr_subject_comma
...
Fix output of commas and other special characters in X509 DN values
2022-06-28 21:00:49 +02:00
Ronald Cron
585cd70d04
tests: ssl: Fix coverity deadcode issue
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-28 09:21:13 +02:00
Ronald Cron
b94854f8e3
Merge pull request #5973 from ronald-cron-arm/tls13-misc-tests
...
TLS 1.3: Enable and add tests
2022-06-28 09:15:17 +02:00
Gilles Peskine
5969a4b5e0
Don't call memcpy(NULL, 0) which has undefined behavior
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-27 23:59:53 +02:00
Dave Rodgman
f5b7082f6e
Merge pull request #5811 from polhenarejos/bug_x448
...
Fix order value for curve x448
2022-06-27 13:47:24 +01:00
Werner Lewis
9b0e940135
Fix case where final special char exceeds buffer
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-06-27 12:01:22 +01:00
Werner Lewis
31ecb9600a
Add tests for exceeded buffer size
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-06-27 11:23:43 +01:00
Werner Lewis
b33dacdb50
Fix parsing of special chars in X509 DN values
...
Use escape mechanism defined in RFC 1779 when parsing commas and other
special characters in X509 DN values. Resolves failures when generating
a certificate with a CSR containing a comma in subject value.
Fixes #769 .
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-06-27 11:19:50 +01:00
Ronald Cron
21a1b2d374
Enable "Sending app data" SSL unit tests for TLS 1.3
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-24 12:06:46 +02:00
Manuel Pégourié-Gonnard
93a7f7d7f8
Merge pull request #5954 from wernerlewis/x509_next_merged
...
Add mbedtls_x509_dn_get_next function
2022-06-24 09:59:22 +02:00
Werner Lewis
3e5585b45d
Replace TEST_ASSERT macro uses
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-06-23 15:12:10 +01:00
Werner Lewis
ac80a66395
Reduce buffer sizes to expected size
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-06-23 15:11:50 +01:00
Przemek Stekiel
0c9e74bd55
Remove mbedtls_psa_hkdf_expand() and mbedtls_psa_hkdf_extract() tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-21 07:22:33 +02:00
Gilles Peskine
76851ae3a6
Add warnings to test code and data about storage format stability
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-20 19:10:35 +02:00
Gilles Peskine
36aeb7f163
Merge pull request #5834 from mprse/HKDF_1
...
HKDF 1: PSA: implement HKDF_Expand and HKDF_Extract algorithms
2022-06-20 15:27:46 +02:00
Werner Lewis
12657cdcc6
Remove binary int use
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-06-20 11:57:35 +01:00
Werner Lewis
90c46c376b
Use consistent test case names
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-06-20 11:53:17 +01:00
Werner Lewis
b3acb053fb
Add mbedtls_x509_dn_get_next function
...
Allow iteration through relative DNs when X509 name contains multi-
value RDNs.
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-06-17 16:40:55 +01:00
Dave Rodgman
eb8570f174
Fix missing newline
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-06-17 14:59:36 +01:00
Dave Rodgman
5cab9dafb7
fix whitespace
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-06-17 13:48:29 +01:00
Dave Rodgman
57080461f7
Add test-case for checking curve order
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-06-17 13:42:40 +01:00
Gilles Peskine
6194053feb
ASN.1: test that we can parse what we can write
...
In asn1_write tests, when there's a parsing function corresponding to the
write function, call it and check that it can parse what we wrote.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-15 21:17:25 +02:00
Gilles Peskine
b7e215f6bc
Fix copypasta in test data
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-15 21:16:42 +02:00
Przemek Stekiel
6c9fd61565
exercise_key_agreement_key: add special handling for HKDF_EXPAND
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-14 14:41:42 +02:00
Gilles Peskine
2c2730a372
ASN.1 write tests: test with larger buffer
...
Test with the output buffer size up to *and including* the expected output
size plus one. `... < expected->len + 1` was evidently a mistake.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-10 20:15:44 +02:00
Gilles Peskine
321a08944b
Fix bug whereby 0 was written as 0200 rather than 020100
...
0200 is not just non-DER, it's completely invalid, since there has to be a
sign bit.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-10 20:13:33 +02:00
Gilles Peskine
c9a30fba74
Add MPI write tests when the MPI object has a leading zero limb
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-10 20:13:07 +02:00
Gilles Peskine
0ab804a794
Fix mismatch between test data and test description
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-10 20:12:25 +02:00
Gilles Peskine
d8579b7673
Uncomment mbedtls_asn1_write_mpi tests with leading 1 bit
...
mbedtls_asn1_write_mpi() correctly handles the sign bit, so there's no
reason not to test that it's handled correctly.
Fix copypasta in test data that was commented out.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-10 20:10:37 +02:00
Dave Rodgman
11930699f1
Merge pull request #5827 from wernerlewis/time_utc
...
Use ASN1 UTC tags for dates before 2000
2022-06-08 13:54:19 +01:00
Paul Elliott
5f2bc754d6
Merge pull request #5792 from yuhaoth/pr/add-tls13-moving-state-tests
...
Pr/add-tls13-moving-state-tests
2022-06-08 13:39:52 +01:00
Przemek Stekiel
b088a900f4
test_suite_psa_crypto_storage_format: disable KA(ECDH,HKDF_EXTRACT/EXPAND...) test cases
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-07 15:34:18 +02:00
Ronald Cron
00e5eaad62
test: ssl: Remove more TLS 1.2 dependencies in handshake state tests
...
That way the concerned tests are also run in the
TLS 1.3 only configuration where a TLS 1.3
handshake is performed.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-07 11:14:01 +02:00
Ronald Cron
bdddaef9bb
test: ssl: Enable client authentication in handshake state tests
...
The endpoint initialization function was setting up
a certificate but the client certificate was not
used because client authentication was not enabled
(not enabled in the default SSL server configuration).
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-07 11:13:49 +02:00
Dave Rodgman
4b55a89327
Merge pull request #5887 from tom-daubney-arm/mbedtls_x509_crt_ext_types_accessor
...
Add accessor for x509 certificate extension types
2022-06-06 21:51:38 +01:00
Thomas Daubney
5c9c2ce86d
Add correct test dependencies
...
Functions called within the test mean that MBEDTLS_X509_CRT_PARSE_C
is a test dependency and so is declared in this commit.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-06-06 16:36:43 +01:00
Thomas Daubney
a5f39e0ec2
Move accessor definition
...
Move the definition of the accessor so that it is not defined
within the MBEDTLS_X509_CRT_WRITE_C guards. Thus remove the
dependency from the test and test cases.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-06-06 15:42:32 +01:00
Przemek Stekiel
66867731aa
derive_output tests: fix output key length to be consistent with teh description
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-06 11:26:02 +02:00
Przemek Stekiel
cde3f783f5
Make info valid only after secret for HKDF-EXPAND + adapt tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-06 11:26:02 +02:00
Przemek Stekiel
0586f4c4ea
Make salt mandatory for HKDF-EXTRACT + adapt tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-06 11:25:43 +02:00
Jerry Yu
6994e3e0c2
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-06-06 11:50:49 +08:00
Przemek Stekiel
0e99391afe
derive_output test: fix output key bit length
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-03 16:18:15 +02:00
Przemek Stekiel
3e8249cde0
Add PSA_WANT_ALG_HKDF_EXPAND, PSA_WANT_ALG_HKDF_EXTRACT, adapt code and dependencies
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-03 16:18:15 +02:00
Przemek Stekiel
f0f0bd068b
test_suite_psa_crypto_metadata: add test cases for the HKDF-Extract/Expand algorithms
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-03 16:18:15 +02:00
Werner Lewis
acd01e58a3
Use ASN1 UTC tags for dates before 2000
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-06-01 16:24:28 +01:00
Jerry Yu
f2d32e6c3d
fix tls13_only test fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-06-01 18:05:18 +08:00