AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
17,295 Commits 1 Branch 0 Tags 61 MiB
5977bc9e39
Commit Graph

3495 Commits

Author SHA1 Message Date
Paul Elliott
71b0567c87 Merge remote-tracking branch 'upstream/development' into psa-m-aead-merge 
Also fiixed the following merge problems:

crypto_struct.h   : Added MBEDTLS_PRIVATE to psa_aead_operation_s
                    members (merge conflict)
psa_crypto_aead.c : Added ciphertext_length to mbedtls_gcm_finish
                    call (change of API during development)

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-24 11:18:13 +01:00
Paul Elliott
3db0b70263 Remove unnecessary test steps 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:18 +01:00
Paul Elliott
88ecbe176d Test generated nonce test generates expected sizes 
(But only in the positive test cases)

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:17 +01:00
Paul Elliott
2c363a802a Add NULL / 0 buffer tests for update test 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:17 +01:00
Paul Elliott
fbb4c6d9a2 Replace AEAD operation init func with macro 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:17 +01:00
Paul Elliott
a2a09b096c Remove double initialisation of AEAD operation 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:17 +01:00
Paul Elliott
bb979e7748 Rename enum types 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:17 +01:00
Paul Elliott
bdc2c68d97 Add missing not setting nonce tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:17 +01:00
Paul Elliott
3ecdb3e308 Change test dependencys to PSA_WANT 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:17 +01:00
Gilles Peskine
f0f2294f57
Merge pull request #4708 from mstarzyk-mobica/ccm_chunked 
Ccm chunked - enable multipart CCM in PSA
 2021-09-21 13:46:52 +02:00
Gilles Peskine
93cb6111ba
Merge pull request #4878 from SiliconLabs/remove_dependency_4877 
Remove dependency of built-in keys on storage
 2021-09-20 22:20:16 +02:00
Paul Elliott
64555bd98c Add missing initialisation to setup test. 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-20 18:47:28 +01:00
Paul Elliott
4a760882bb Fix leaked test buffer 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-20 09:43:46 +01:00
Paul Elliott
6043e49039 Fix missed documentation header pt 2 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-20 09:43:46 +01:00
Paul Elliott
8eec8d4436 Fix missed documentation header 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 22:39:06 +01:00
Paul Elliott
f94bd99368 Add missing aead state tests. 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
5221ef638a Add aead setup tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
1c67e0b38c Add extra verify edge test cases 
Add ability to pass NULL tag buffer (with length zero)

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
9961a668bd Remove negative tests from multipart_decrypt 
Multipart decrypt now always expects positive result (i.e. the plaintext
that is passed in). Added new test that expects fail, and does no
multipart versions and concentrates on aead_verify.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
fd0c154ce3 Add tests to oversend data/ad when lengths set 
Previous tests only tested when the expected lengths were set to zero.
New test sends all data/ad then goes over by one byte.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
ce2c1faf1a Remove uneccesary postive buffer size tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
6a60b12ef9 Make buffer size checks +-1 from correct size 
i.e Check correct buffer size +1 and correct buffer size -1 (where
applicable) to check too big and too small cases, and hopefully catch
edge cases.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
a3d153f928 Make nonce based test descriptions more clear 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
f38adbe558 Ensure tests expected to fail actually fail 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
e49fe45478 Remove unneccesary nesting 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
4e4d71a838 Move hidden logic into loop 'for' statement 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
33746aac32 Convert set lengths options over to enum 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
9454cfa911 Remove unneccesary safety check in test 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
6bfd0fbbc6 Convert all uint32_t lengths over to size_t 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
5a9642ff28 Correct switched blocks for output sizes 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
719c1324a1 Add tag buffer size tests to finish buffer tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
e58cb1e0cf Aligh finish_buffer_test vars with PSA standard 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
4023ffd275 Re-add option of NULL buffer for nonce tests 
NULL/zero length or valid buffer/zero length both now tested

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
e64deda873 Add missing check to multipart decrypt 
Ensure that the test actually does something, rather than skipping both
parts, also add comment to this effect.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Ronald Cron
133740b74e tests: Improve incomplete then overflow tests 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-09-17 09:38:07 +02:00
Archana
9d17bf4215
Styling and refactoring 
Signed-off-by: Archana <archana.madhavan@silabs.com>
 2021-09-10 07:16:08 +05:30
Archana
9a2b6ff8f2
Fix test vector dependency 
Fix opaque key test vector dependency to PSA_CRYPTO_DRIVER_TEST
instead of MBEDTLS_PSA_CRYPTO_DRIVERS while validating with
test drivers.

Signed-off-by: Archana <archana.madhavan@silabs.com>
 2021-09-09 12:32:16 +05:30
Archana
a316b7e42b
Rebase and update signature for curve448 tests 
Also include the opaque test cases for curve448 vectors.

Signed-off-by: Archana <archana.madhavan@silabs.com>
 2021-09-09 10:11:02 +05:30
Archana
74d99c6bfc
Add a test to validate copy to read only lifetime 
Signed-off-by: Archana <archana.madhavan@silabs.com>
 2021-09-09 10:11:02 +05:30
Archana
8a180368fb
Add opaque test driver support for copy key 
A minimal test driver extension is added to support
copy of opaque keys within the same location.
Test vector support is extended to cover opaque keys.

Signed-off-by: Archana <archana.madhavan@silabs.com>
 2021-09-08 22:04:07 +05:30
Archana
4d7ae1d8cf
Add test driver support for opaque key import 
-Add test driver support to import/export while wrapping keys
 meant to be stored in the PSA core as opaque( emulating an
 SE without storage ).
-Export validate_unstructured_key_bit_size as
 psa_validate_unstructured_key_bit_size, thereby changing its scope.
-Improve the import/export test cases in test_suite_psa_crypto to also
 cover opaque keys, thereby avoiding duplication.

Signed-off-by: Archana <archana.madhavan@silabs.com>
 2021-09-08 22:03:54 +05:30
Mateusz Starzyk
83e4c1270a Add CCM tests for passing unexpected input. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-09-06 12:09:34 +02:00
Mateusz Starzyk
efec38bb29 Extend CCM corner cases tests. 
Add tests covering skipped update() or update_ad()
for empty plaintext/ciphertext and empty auth data.

Test vector for P=0, A=0 generated using python's
cryptography.hazmat library.

Python script used for test vector generation:
```
import os
from cryptography.hazmat.primitives.ciphers.aead import AESCCM

def encrypt(key, iv, plaintext, associated_data):

    key = bytes.fromhex(key)
    iv = bytes.fromhex(iv)
    plaintext = bytes.fromhex(plaintext)
    associated_data = bytes.fromhex(associated_data)

    aesccm = AESCCM(key)
    ct = aesccm.encrypt(iv, plaintext, associated_data)
    return ct.hex()

def decrypt(key, associated_data, iv, ciphertext):

    key = bytes.fromhex(key)
    associated_data = bytes.fromhex(associated_data)
    iv = bytes.fromhex(iv)
    ciphertext = bytes.fromhex(ciphertext)

    aesccm = AESCCM(key)
    pt = aesccm.decrypt(iv, ciphertext, associated_data)
    return pt.hex()

key = "54caf96ef6d448734700aadab50faf7a"
plaintext = ""
iv = "a3803e752ae849c910d8da36af"
aad = ""

encrypted = encrypt(key, iv, plaintext, aad)

print(f"key: {key}")
print(f"iv: {iv}")
print(f"encrypted: {encrypted}")

print("--------------------------------------")

decrypted = decrypt(
    key,
    aad,
    iv,
    encrypted
)

print(f"decrypted: {decrypted}")
```

Results:
```
key: 54caf96ef6d448734700aadab50faf7a
iv: a3803e752ae849c910d8da36af
encrypted: eba8347baa6d61f87b67c2dd7c6d2053
--------------------------------------
decrypted:
```

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-09-06 12:09:34 +02:00
Mateusz Starzyk
cd975e4645 Extend CCM corner cases tests. 
Add tests for passing incomplete input data in
the first call and too much data in the second call.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-09-06 12:09:33 +02:00
Mateusz Starzyk
3050f054f2 Subtract 1 from input in CCM's incomplete data tests 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-09-03 12:59:44 +02:00
Mateusz Starzyk
df2507301b Use AES-128 for multipart CCM corner cases tests 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-09-02 12:36:02 +02:00
Paul Elliott
b0450febe6 Tests for sending too much data after set lengths 
We previously had tests for not sending enough (additional) data, but
were missing tests for sending too much. I have added these to the state
tests, as I don't think this is complex enough to deserve a standalone
test.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-01 15:09:15 +01:00
Paul Elliott
7f62842247 Add test for calling update when nonce not set 
Previously only testing calling update_ad in this state.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-01 15:09:15 +01:00
Paul Elliott
c6d11d02f5 Aligh update buffer test variables with psa naming 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-01 15:09:15 +01:00
Mateusz Starzyk
7251eda6ff Replace BAD_SEQUENCE error with BAD_INPUT 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-09-01 13:26:44 +02:00