This was a mistake, there's no reason for the dependencies to be
commented out. The dependencies on PSA_WANT_ALG_EDDSA aren't actually
necessary at the moment, but they might be in certain configurations
if some macros are simplified to save code size.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Write a simple unit test for mbedtls_ecp_muladd().
Add just one pair of test cases. #2 fails since PR #3512. Thanks to
Philippe Antoine (catenacyber) for the test case, found by ecfuzzer.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Fix expected error code when importing a persistent key or
registering a key with an invalid key identifier:
PSA_ERROR_INVALID_ARGUMENT instead of PSA_ERROR_INVALID_HANDLE.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Add negative tests checking that psa_copy_key()
returns PSA_ERROR_INVALID_ARGUMENT when passed in
an invalid key identifier or key lifetime for the
target key.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit adds a test exercising the reader in a random way
and comparing the outcomes against what we expect based on the
abstract model of the reader from the producer's and consumer's
perspective.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
This commit adds an MPS unit test suite `test_suite_mps` which will
subsequently be populated with unit tests for all components of MPS.
As a start, a test case
```
mbedtls_mps_reader_no_pausing_single_step_single_round()
```
is added which exercises the most basic usage of the MPS reader
component; see the test case description for more details.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
Add the test keys from RFC 8032 (§7.1 Ed25519 "TEST 1", §7.4 Ed448 "Blank").
This replaces the generic byte-sized data used for unknown key types
which no longer works now that Ed25519 is considered to have 255 bits.
Re-generate the automatically generated test data accordingly.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Define algorithms for PureEdDSA and for HashEdDSA, the EdDSA variants
defined by RFC 8032.
The encoding for HashEdDSA needs to encode the hash algorithm so that
the hash can be calculated by passing PSA_ALG_SIGN_GET_HASH(sig_alg)
to psa_hash_compute() or psa_hash_setup(). As a consequence,
Ed25519ph (using SHA-512) and Ed448ph (using SHAKE256) need to have
different algorithm encodings (the key is enough to tell them apart,
but it is not known while hashing). Another consequence is that the
API needs to recognize the Ed448 prehash (64 bytes of SHAKE256 output)
as a hash algorithm.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add an elliptic curve family for the twisted Edwards curves
Edwards25519 and Edwards448 ("Goldilocks"). As with Montgomery curves,
since these are the only two curves in common use, the family has a
generic name.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Given the PSA_WANT_* config options added lately,
update set_psa_test_dependencies.py and run it
on test_suite_psa_crypto*.data files but the SE
and generated ones.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Fix likely harmless undefined behavior in cipher tests pointed out by
UBSan with recent compilers (e.g. Clang 10). When the complete output
is empty, the output buffer is NULL. Adding an integer to a null
pointer is undefined behavior even when the integer is 0, so make a
special case for that.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>