Commit graph

15105 commits

Author SHA1 Message Date
Dave Rodgman d6ee36ed04
Merge pull request #4110 from gilles-peskine-arm/psa-external-random-in-mbedtls
Expose the PSA RNG in mbedtls
2021-02-22 14:47:29 +00:00
Gilles Peskine bd21b18a1f
Merge pull request #4126 from gilles-peskine-arm/ccm-test-iv-overflow-warning
Silence gcc-10 warning in test_suite_ccm
2021-02-20 00:12:21 +01:00
David Brown 5fd5747402 Add missing header to cpp_dummy_build.cpp test
Part of build_default_make_gcc_and_cxx compares the list of headers
included by `programs/test/cpp_dummy_build.cpp` and the actual headers
present.  Add in the missing `mbedtls/psa_config.h` file to this list so
that this test passes.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-02-19 14:19:51 -07:00
Ronald Cron a7ce0fca59
Merge pull request #4076 from gilles-peskine-arm/psa-test-enumerate-not-supported
Test case generation framework: PSA key-type-not-supported
2021-02-18 15:55:14 +01:00
Ronald Cron 17b3afcc33 tests: psa: Test sign/verify hash by a transparent driver
Test signature and signature verification by a transparent
driver in all.sh test_psa_crypto_config_basic and
test_psa_crypto_drivers components.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-18 15:45:12 +01:00
Ronald Cron 8d5645a858 tests: psa driver wrapper: Fix sign/verify unit test dependency
In test_suite_psa_crypto_driver_wrappers test suite, the
sign/verify tests with software fallback tests should be run
only if the software fallback is available.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-18 15:45:12 +01:00
Ronald Cron 4993c13cd3 tests: psa: Change test driver default forced return value
Change signature test driver default forced return
value from PSA_ERROR_NOT_SUPPORTED to PSA_SUCCESS to
be able to run the PSA unit tests with hash signature
and signature verification being handled by the
transparent test driver.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-18 15:45:12 +01:00
Ronald Cron b5399a8346 psa: Rework ECDSA sign/verify support in the transparent test driver
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-18 15:45:12 +01:00
Ronald Cron 8a494f3ebd psa: Post move adjustments to psa_sign/verify_hash_internal
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-18 15:45:12 +01:00
Ronald Cron 072722ccb0 psa: Move ECDSA sign/verify to PSA ECP specific file
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-18 15:45:12 +01:00
Ronald Cron d1cb91c603 psa: Change psa_ecdsa_sign/verify signature
Change psa_ecdsa_sign/verify signature to that of
a sign/verify_hash driver entry point before to
move them to the psa_crypto_ecp.c ECP specific file.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-18 15:45:12 +01:00
Ronald Cron d2fb85479a psa: Add RSA sign/verify hash support to the transparent test driver
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-18 15:45:06 +01:00
Gilles Peskine d75adfcb3b KeyType: do a sanity check on the key type expression
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 18:05:27 +01:00
Gilles Peskine f68a9cf1e7 Fix test code under MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:58:29 +01:00
Gilles Peskine 4fbffcd144 Do not require typing_extensions at runtime
There are type annotations that indirectly depend on the
typing_extensions module (on Python 3.5-3.7: Protocol was added to the
core typing module in 3.8). The typing_extensions module is not
installed by default, so the code didn't run on a pristine Python
installation.

To avoid depending on a non-default module, make the dependency on
typing_extensions optional. (It's still required to run mypy, but
installing mypy takes care of providing typing_extensions.) If it
isn't available, provide a substitute definition that's just good
enough to get the scripts to run.

Move this ugly code to its own module to avoid the temptation of
spreading such ugliness all over the place. It's likely to be used in
other modules anyway.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:58:29 +01:00
Gilles Peskine 0d241eda69 Remove trailing comma which is only supported since Python 3.6
It's a syntax error in Python 3.5 and we run that in our CI.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:58:29 +01:00
Gilles Peskine 79f2166c22 Fix test suite declarations for cmake
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:58:29 +01:00
Gilles Peskine fa3c69a60f Improve documentation of crypto_knowledge.KeyType
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:58:29 +01:00
Gilles Peskine d169d60319 Skip dependency symbols that are not implemented
A temporary hack: at the time of writing, not all dependency symbols
are implemented yet. Skip test cases for which the dependency symbols are
not available. Once all dependency symbols are available, this comit
should be reverted.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:58:29 +01:00
Gilles Peskine 60b29fea46 Define WANT symbols for always-supported key types
PSA_KEY_TYPE_RAW_DATA and PSA_KEY_TYPE_DERIVE are always supported.
Make this explicit by declaring PSA_WANT_KEY_TYPE_RAW_DATA and
PSA_WANT_KEY_TYPE_DERIVE unconditionally. This makes it easier to
infer dependencies in a systematic way.

Don't generate not-supported test cases for those key types. They
would always be skipped, which is noise and would make it impossible
to eventually validate that all test cases pass in at least one
configuration over the whole CI.

Don't remove the exception in set_psa_test_dependencies.py for now, to
get less noise in dependencies. This may be revised later if it is
deemed more important to be systematic.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:52 +01:00
Gilles Peskine 7f756876b9 Append the key size to ECC curve dependencies
ECC curve dependency symbols include the key size in addition to the
curve family. Tweak the dependencies once the key size is known.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine 342cc7c475 Declare the new (automatically generated) test data file
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine 7d112ae04c Check in test_suite_psa_crypto_not_supported.generated.data
This test data file is automatically generated. We could do that as
part of the build, since the only requirement is Python and we have a
requirement on Python to build tests anyway (to generate the .c file
from the .function file). However, committing the generating file into
the repository has less impact on build scripts, and will be necessary
for some of the files generated by generate_psa_tests.py (at least the
storage format stability tests, for which stability is guaranteed by
the fact that the generated file doesn't change). To keep things
simple, for now, let's commit all the files generated by
generate_psa_tests.py into the repository.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine 505cc641de Use the base name of the generating script, not the full path
Otherwise the generation is sensitive to trivial differences such as
running `tests/scripts/generate_psa_tests.py` vs
`./tests/scripts/generate_psa_tests.py` vs an absolute path.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine af1728442d Generate not-supported test cases: ECC key types
Add support for ECC key types to the generation of not-supported test
cases in generate_psa_tests.py. For each curve, generate test cases
both for when ECC isn't supported and for when the curve isn't
supported.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine 0ac258ed0b Don't consider secp192r1
SECP192R1 is declared in the PSA API specification, but it's an old
one that Mbed TLS doesn't support and even OpenSSL doesn't support.
We don't have test vectors for it. Just skip it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine 0cbaf056fa Add some randomly generated keys
RSA-1536:
```
openssl genrsa 1536 2>/dev/null | openssl rsa -outform DER -pubout |hexlify
```
then formatted manually.

ECC except Montgomery:
```
function e { openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:$1 -text |perl -0777 -pe 's/.*\npriv:([\n 0-9a-f:]*)pub:([\n 0-9a-f:]*).*/"$1","$2"/s or die; y/\n ://d; s/,/,\n              /;' |xsel -b; }
```

Curve448:
```
openssl genpkey -algorithm x448
```
then formatted manually.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine 6f6483f2d2 New module for key material for asymmetric key types
Asymmetric keys can't just be arbitrary byte strings: the public key
has to match the private key and the private key usually has
nontrivial constraints.

In order to have deterministic test data and not to rely on
cryptographic dependencies in the Python script, hard-code some test
keys.

In this commit, copy some test keys from test_suite_psa_crypto.data.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine 14e428f921 Generate not-supported test cases automatically: import, generate
For each declared key type, generate test cases for psa_import_key and
psa_generate_key when the corresponding type is not supported.

Some special cases:
* Public keys can never be generated.
* Omit key types that Mbed TLS does not support at all.
* ECC and FFDH, which depend on a curve/group, are not covered yet.

The generated test cases are written to
tests/suites/test_suite_psa_crypto_not_supported.generated.data .

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine 0994049614 New framework for generating PSA test cases automatically
This commit creates a script to generate test cases automatically
based on enumerating PSA key types, algorithms and other
classifications of cryptographic mechanisms.

Subsequent commits will implement the generation of test cases.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine 069346cdab New test suite for not-supported cases: key creation (import, generate)
To start with, test that key creation fails as intended when the key
type is not supported. This commit only covers psa_import_key and
psa_generate_key. A follow-up will cover psa_key_derivation_output_key.

My primary intent in creating this new test suite is to automatically
generate test cases by enumerating the key types and algorithms that
the library supports. But this commit only adds a few manually written
test cases, to get the ball rolling.

Move the relevant test cases of test_suite_psa_crypto.data that only
depend on generic knowledge about the API. Keep test cases that depend
more closely on the implementation, such as tests of non-supported key
sizes, in test_suite_psa_crypto.data.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:17 +01:00
Gilles Peskine 8ffb585659 New function to write a whole .data file
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00
Gilles Peskine db2f575c9d New Python module for generating Mbed TLS test cases
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00
Gilles Peskine 397b0287b1 Create sample key material for symmetric keys
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00
Gilles Peskine df63968c0c Enumerate sizes to test for each key type
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00
Gilles Peskine 0156a15190 Framework for knowledge about key types
New Python module intended to gather knowledge about key types and
cryptographic mechanisms, such as the ability to create test data for
a given key type and the determination of whether an algorithm is
compatible with a key type.

This commit just creates a class for knowledge about key types.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00
Gilles Peskine 8c8325bba9 Allow longer method names
Older versions of Pylint (<2.1.0) limited the names of various things
to 30 characters. We allowed up to 35 characters for method name due
to pre-existing identifiers.

Modern versions of Pylint no longer have an upper limit. Let's not be
pickier than Pylint's default configuration.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00
Gilles Peskine 0655b4f1e0 Check if the last word is 'MASK', not if it ends with 'MASK'
At the moment it makes no difference, but it could if e.g. a new
algorithm was called 'foomask'.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00
Gilles Peskine 13d60eb4fc MacroCollector: default to not including intermediate macros
By default, exclude macros whose numerical value is not a valid member
of the semantic type (e.g. PSA_ALG_xxx_BASE is not itself an
algorithm, only an intermediate value used to construct others). But
do include them with include_intermediate=True, which
generate_psa_constants.py does.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00
Gilles Peskine f8deb759ba Factor out is_internal_name as a separate method
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00
Gilles Peskine e7c445542d Move PSAMacroCollector to a module of its own
This will make it possible to use the class from other scripts.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00
Gilles Peskine 7bb85c2640 Separate the parsing and generation parts of MacroCollector
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-17 14:50:16 +01:00
Ronald Cron 58fd20c464
Merge pull request #4009 from d3zd3z/pr/psa-symm
PSA configs for symmetric crypto
2021-02-17 13:43:59 +01:00
Bence Szépkúti 7921cceec8 Fix typo in config_psa.h
The correct macro is PSA_WANT_ALG_CFB

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-02-17 11:47:40 +01:00
Ronald Cron 7bdbca33b2 psa: Move RSA sign/verify hash to the PSA RSA specific file
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-17 10:52:26 +01:00
Ronald Cron a99bcc0e17 psa: Change psa_rsa_sign/verify signature
Change psa_rsa_sign/verify signature to that of
a sign/verify_hash driver entry point before to
move them to the psa_crypto_rsa.c RSA specific file.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-17 10:52:26 +01:00
Ronald Cron fce9df2cad psa: Call sign/verify hash software implementation as a driver
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-17 10:52:24 +01:00
Ronald Cron 36f641bd16 psa: Export "internally" mbedtls_md_info_from_psa()
Export mbedtls_md_info_from_psa() from psa_crypto.c
to make it available to psa_crypto_rsa/ecp.c.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-17 10:51:46 +01:00
Ronald Cron 67b1eb309b psa: Export "internally" psa_sign/verify_hash_internal
Export psa_sign/verify_hash_internal from psa_crypto.c
to make it available to the driver wrapper.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-17 10:51:46 +01:00
Ronald Cron 9f17aa48c2 psa: Change psa_driver_wrapper_sign/verify_hash signature
Change psa_driver_wrapper_sign/verify_hash signature
to that of a sign/verify_hash driver entry point.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-17 10:51:43 +01:00