Jaeden Amero
c939f6fcba
fixup! New function mbedtls_rsa_get_bitlen
...
In some configurations (like config-mini-tls1_1.h), size is unused. This
leads to failures when building with CMake Asan, because that build
doesn't use "-Wno-unused-value".
Fixes: e01822299624 ("New function mbedtls_rsa_get_bitlen")
2018-09-12 16:22:51 +03:00
Gilles Peskine
12313cd84c
Implement psa_generate_key: AES, DES, RSA, ECP
...
In the test cases, try exporting the generated key and perform sanity
checks on it.
2018-09-12 16:22:51 +03:00
Gilles Peskine
e66ca3bbf3
psa_export_key: zero out potential garbage in the output buffer
...
In psa_export_key, ensure that each byte of the output buffer either
contains its original value, is zero, or is part of the actual output.
Specifically, don't risk having partial output on error, and don't
leave extra data at the end of the buffer when exporting an asymmetric
key.
Test that exporting to a previously zeroed buffer leaves the buffer
zeroed outside the actual output if any.
2018-09-12 16:22:51 +03:00
Gilles Peskine
0e2315859f
psa_export_key: fix asymmetric key in larger buffer
...
Exporting an asymmetric key only worked if the target buffer had
exactly the right size, because psa_export_key uses
mbedtls_pk_write_key_der or mbedtls_pk_write_pubkey_der and these
functions write to the end of the buffer, which psa_export_key did not
correct for. Fix this by moving the data to the beginning of the
buffer if necessary.
Add non-regression tests.
2018-09-12 16:22:51 +03:00
Gilles Peskine
05d69890ee
Implement psa_generate_random
2018-09-12 16:22:51 +03:00
Gilles Peskine
0ff4b0f7f9
psa_import_key: validate symmetric key size
...
When importing a symmetric key, validate that the key size is valid
for the given key type.
Non-supported key types may no longer be imported.
2018-09-12 16:22:51 +03:00
Gilles Peskine
ca36a23bce
Fix asymmetric encrypt/decrypt test with invalid key types
...
The key data was invalid on import. The import doesn't fail because it
doesn't check the data enough.
2018-09-12 16:22:51 +03:00
Gilles Peskine
313b8af18e
Improve the description of some test cases
...
Make the descriptions more consistent.
2018-09-12 16:22:51 +03:00
Gilles Peskine
d5b3322f72
Reorder PSA test cases to group them by topic
...
* init-deinit
* import-export
* policies
* lifetime
* hash
* MAC
* cipher
* AEAD
* asymmetric sign
* asymmetric verify
* asymmetric encrypt-decrypt
This commit only moves test functions and test cases around. It does
not modify, add or remove tests.
2018-09-12 16:22:49 +03:00
Gilles Peskine
34ef7f5a55
Check the curve of an elliptic curve key on import
...
psa_import_key must check that the imported key data matches the
expected key type. Implement the missing check for EC keys that the
curve is the expected one.
2018-09-12 16:19:04 +03:00
Gilles Peskine
e1fed0de18
Define elliptic curve identifiers from TLS
...
Instead of rolling our own list of elliptic curve identifiers, use one
from somewhere. Pick TLS because it's the right size (16 bits) and
it's as good as any.
2018-09-12 16:19:04 +03:00
Gilles Peskine
b3e6e5deeb
Rename hash max sizes for consistency
...
Use "hash" throughout the library, not "md" as in Mbed TLS.
2018-09-12 16:19:04 +03:00
Gilles Peskine
dec7261df1
Remove redundant initialization of policies to {0}
...
Some compilers don't like initializing a structure to {0} (incomplete
initializer). It's redundant anyway since we always call
psa_key_policy_init.
2018-09-12 16:19:04 +03:00
Gilles Peskine
c0ec97222b
mac_verify: remove unused IV argument
...
We aren't going to have MAC with IV in the API any time soon, if at
all, so remove the embryonic support for it in the tests.
2018-09-12 16:19:03 +03:00
Gilles Peskine
01b929c85b
Fix key_lifetime_set_fail not cleaning up the right key slot
2018-09-12 16:18:04 +03:00
Gilles Peskine
4abf741e6a
Hygiene improvements in PSA crypto test code
...
Get rid of many redundant casts. In particular, it is not useful to
cast uint32_t values to size_t before performing arithmetic or
comparisons on them.
Rewrap a number of function calls, many of which now have narrower
arguments thanks to the removed casts. When a function call doesn't
fit on a single line, avoid grouping unrelated parameters together,
but do try to group a buffer pointer and the associated size.
Define more auxiliary variables xxx of a particular integer
type (psa_algorithm_t, psa_key_usage_t, etc.) corresponding to a test
function xxx_arg which has the type int. This avoids the need to cast
xxx_arg to an unsigned type sometimes in the code.
2018-09-12 16:18:04 +03:00
Gilles Peskine
7bcfc0a9ae
Be more consistent about blank lines
2018-09-12 16:18:04 +03:00
Gilles Peskine
c1bb6c8dcc
Formatting improvements
...
Avoid lines longer than 80 columns.
Remove some redundant parentheses, e.g. change
if( ( a == b ) && ( c == d ) )
to
if( a == b && c == d )
which makes lines less long and makes the remaining parentheses more
relevant.
Add missing parentheses around return statements.
There should be no semantic change in this commit.
2018-09-12 16:18:02 +03:00
Gilles Peskine
2d2778650b
Normalize whitespace
...
Normalize whitespace to Mbed TLS standards. There are only whitespace
changes in this commit.
2018-09-12 16:15:52 +03:00
Nir Sonnenschein
1e2b046026
adding more test cases for hmac
2018-09-12 16:13:49 +03:00
itayzafrir
27fbaf7781
Fixed test sign_deterministic, macro PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE
...
Arguments in the wrong order
2018-09-12 16:13:49 +03:00
itayzafrir
3e02b3b280
On target testing tests adaptation
...
Updated all psa crypto tests to use the new test format
2018-09-12 16:13:39 +03:00
itayzafrir
423f219bb2
Fixed missing dependencies in psa crypto tests
...
PSA verify RSA PKCS#1 v1.5 SHA-256, wrong hash
PSA Symmetric decryption: AES-CTR, 16 bytes, good
PSA Symmetric encryption: AES-CTR, 15 bytes, good
PSA Symmetric encryption: AES-CTR, 16 bytes, good
2018-09-05 12:46:20 +03:00
Gilles Peskine
8605428dcf
Merge remote-tracking branch 'psa/pr/27' into feature-psa
2018-09-05 12:46:19 +03:00
Gilles Peskine
eebd7381bb
Rename asymmetric_encrypt to clarify what it does
...
Renamed to asymmetric_encrypt_decrypt
2018-09-05 12:44:18 +03:00
Gilles Peskine
c4def2f228
Add input length check in psa_asymmetric_decrypt
...
Remove output size check which is not needed here and was copypasta.
Add non-regression tests.
2018-09-05 12:44:18 +03:00
Gilles Peskine
61b91d4476
Normalize whitespace to Mbed TLS standards
...
Only whitespace changes in this commit.
2018-09-05 12:44:17 +03:00
Nir Sonnenschein
d708260de4
add key policy enforcement implementation
...
add checks that keys have been set for the correct usage for asymmetric
functions.
2018-09-05 12:44:17 +03:00
Nir Sonnenschein
d70bc48630
Fix test output size
...
1. set output size to safe value
2. set output size correctly
3. check correct length of actual output
2018-09-05 12:44:17 +03:00
Nir Sonnenschein
553b8f39e9
Fix test data
...
test data used incorrect clear-text length.
2018-09-05 12:44:17 +03:00
Nir Sonnenschein
72eca16afe
Fix scenario test names
...
1. make all names unique
2. fix spacing issue in names
2018-09-05 12:44:17 +03:00
Gilles Peskine
5b051bc608
Remove trailing whitespace
...
Only horizontal whitespace changes in this commit.
2018-09-05 12:44:12 +03:00
Gilles Peskine
6afe789d4c
Finish renaming around PSA_ALG_IS_RSA_PKCS1V15
...
Now the code compiles. Some OAEP and PSS macros may still need to be fixed.
2018-09-05 12:41:53 +03:00
Gilles Peskine
a1cac84e83
Move AEAD tests just after cipher
...
Always adding things at the end tends to create merge conflicts.
Adding in the middle in this way makes the order more logical in
addition to avoiding conflicts.
2018-09-05 12:41:53 +03:00
Nir Sonnenschein
0f3bdbddee
change RSA encryption tests compensate for random component in encryption.
2018-09-05 12:41:53 +03:00
Nir Sonnenschein
39e59144f6
added support for PKCSv1.5 signature verification and encryption/decryption and very basic tests.
2018-09-05 12:41:53 +03:00
Gilles Peskine
84861a95ca
Merge remote-tracking branch 'psa/psa-wrapper-apis-aead' into feature-psa
2018-09-05 12:41:52 +03:00
mohammad1603
3158564f08
add nonce as argument to the test function of encrypt/decrypt
2018-09-05 12:41:52 +03:00
mohammad1603
8ffd764e23
re-group test vectors and change vectors' names
2018-09-05 12:41:52 +03:00
mohammad1603
f7f72da769
add invalid signature test case
2018-09-05 12:41:52 +03:00
mohammad1603
c1ee32e1f4
add GCM test vectors encrypt/decrypt
2018-09-05 12:41:52 +03:00
mohammad1603
371a6e4067
add decrypt tests for CCM
2018-09-05 12:41:52 +03:00
mohammad1603
ed8dbeb434
add and fix data vectors
2018-09-05 12:41:52 +03:00
mohammad1603
f14394b25f
add policy checks
2018-09-05 12:41:52 +03:00
mohammad1603
0317945a37
disable uncompleted tests
2018-09-05 12:41:51 +03:00
mohammad1603
f2525ebda7
add encryption only test case
2018-09-05 12:41:51 +03:00
mohammad1603
4b26850a15
fix tests according to the code changes in error value
2018-09-05 12:41:51 +03:00
Gilles Peskine
ee652a344c
Fix psa_aead_decrypt to read the tag at the end of the ciphertext
2018-09-05 12:41:51 +03:00
mohammad1603
e797945ea9
initialize length variables and process decrypt only when encrypts passes
2018-09-05 12:38:18 +03:00
mohammad1603
9b07132591
remove compilation warnings
2018-09-05 12:38:18 +03:00
mohammad1603
f07db2e919
Add more test scenario for GCM and failure cases
2018-09-05 12:38:18 +03:00
mohammad1603
d973472a37
Fix loop index and output size parameter value
2018-09-05 12:38:18 +03:00
mohammad1603
bdd892aef5
Add test scenario
2018-09-05 12:38:18 +03:00
mohammad1603
091e73b22b
Fix usage of TEST_ASSERT
...
Add missing == PSA_SUCCESS in TEST_ASSERT usage
2018-09-05 12:38:18 +03:00
mohammad1603
9112693930
aead test scenario
2018-09-05 12:38:18 +03:00
Gilles Peskine
3aa8efb230
Merge remote-tracking branch 'psa/psa-wrapper-apis-march-12' into feature-psa
2018-09-05 12:38:17 +03:00
Gilles Peskine
5809ce7bd6
Add PKCS#7 good decryption test cases
2018-09-05 12:38:17 +03:00
Gilles Peskine
42b8aec792
Correct some bad test data
...
* PKCS#7 padding always adds at least one byte of padding, so test
data with plaintext length = ciphertext length could not have been
correct.
* CTR has plaintext length = ciphertext length, so test data with
differing lengths could not have been correct.
2018-09-05 12:38:17 +03:00
Gilles Peskine
a7ec95f1ea
Cipher tests: calculate and verify the actual output size
2018-09-05 12:38:17 +03:00
Gilles Peskine
50e586b691
We don't need _test_ in test function names
...
Also fix typo multpart -> multipart
2018-09-05 12:38:17 +03:00
Gilles Peskine
048b7f0802
Rename some variables to make the code easier to read
...
In cipher_test_verify_output_multpart, tweak the ways chunk sizes are
added in order to get rid of the variable temp. In other functions,
this commit does not change the logic at all.
2018-09-05 12:38:17 +03:00
Moran Peker
8172b87a63
add tests cases
2018-09-05 12:38:17 +03:00
Moran Peker
a9c3a658be
tests fix + max_output_size
2018-09-05 12:38:17 +03:00
Moran Peker
9e3aa62c13
change variable naming
2018-09-05 12:38:17 +03:00
Gilles Peskine
17ddaa27b0
Correct and improve cipher test case descriptions
2018-09-05 12:38:17 +03:00
Gilles Peskine
9cf78d301d
Fix some test case dependencies on cipher modes
2018-09-05 12:38:17 +03:00
Gilles Peskine
4ca9c3f9a1
Fix whitespace issues
...
Only whitespace changes.
* Remove tabs.
* Remove trailing whitespace.
* Correct some misindented lines.
* Normalize whitespace around some punctuation.
* Split some lines to avoid going over 80 columns.
2018-09-05 12:38:17 +03:00
Moran Peker
7f87850fc4
fix and add tests case + fix for padding mode
2018-09-05 12:38:17 +03:00
Moran Peker
ded844092e
fix and add tests case + fix for padding mode
2018-09-05 12:38:17 +03:00
Gilles Peskine
5cbb4c8508
Correct some test case descriptions
2018-09-05 12:38:17 +03:00
Gilles Peskine
7268afc29e
Reordered cipher tests to be just after MAC tests
2018-09-05 12:38:15 +03:00
Gilles Peskine
691dfb3e3a
Whitespce normalization
...
No semantic change.
2018-09-05 12:14:29 +03:00
Moran Peker
5eb6e9ed60
PSA_ALG_CBC_BASE -> SA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE
2018-09-05 12:14:29 +03:00
Gilles Peskine
d8100245d8
Remove cipher_test_positive, duplicated as cipher_test_encrypt
...
cipher_test_positive was never compiled due to a syntax error in the
BEGIN_CASE magic comment. It has now been duplicated as
cipher_test_encrypt. Remove the copy that was never compiled.
2018-09-05 12:14:29 +03:00
Moran Peker
7691fb7b6b
add new test scenario (cipher_test_encrypt_multipart)
2018-09-05 12:14:29 +03:00
Moran Peker
96cc00a857
add missing tests function
2018-09-05 12:14:28 +03:00
Moran Peker
f55e804e07
adjust indentation per Mbed TLS standards
2018-09-05 12:14:28 +03:00
Moran Peker
0071b873a3
add missing parameter output_size on psa_cipher_finish
2018-09-05 12:14:28 +03:00
mohammad1603
b152d4d8b6
add test scenarios to decrypt and encrypt input and compare with given output
2018-09-05 12:14:28 +03:00
Moran Peker
e1210dcac3
remove unused parameter in psa_cipher_finish.
2018-09-05 12:14:28 +03:00
Moran Peker
3205a6592b
tests fix
2018-09-05 12:14:28 +03:00
mohammad1603
8481e74ecc
CR fixes
...
more fixes
Compilation fixes
Compilation fixes for PSA crypto code and tests
2018-09-05 12:14:28 +03:00
mohammad1603
e6b67a1e78
Fix parameters in test suite
...
Fix test function signature in test suite
2018-09-05 12:13:23 +03:00
Gilles Peskine
d1e8e41737
Adapt older import_export test data to the new function signature
2018-09-05 12:13:23 +03:00
mohammad1603
d7d7ba5749
add positive test scenarios
2018-09-05 12:13:23 +03:00
Gilles Peskine
5100318a92
Merge pull request #18 from ARMmbed/psa-wrapper-apis-export-publickey
...
Export public key implementation (#18 )
2018-09-05 12:13:23 +03:00
Moran Peker
f709f4a356
move import_export_public_key func place
2018-09-05 12:13:23 +03:00
Moran Peker
9bc76953ae
export->export-public + move tests case
2018-09-05 12:13:23 +03:00
Moran Peker
ce1b23a68c
PSA_ALG_CBC_BASE -> PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE
...
+ update tests description
2018-09-05 12:13:23 +03:00
Moran Peker
a964a8f9b0
add non-regression tests for export public/non public key
2018-09-05 12:13:23 +03:00
Gilles Peskine
785fd55a39
Whitespace fixes; removed redundant parentheses
...
No semantic change.
2018-09-05 12:13:23 +03:00
Gilles Peskine
c425e87af7
Add cast to satisfy gcc -Wsign-compare
2018-09-05 12:13:23 +03:00
Moran Peker
b34879b61a
fix import_export_public_key test to use policy
2018-09-05 12:13:23 +03:00
Moran Peker
338a0cf569
fix import_export_public_key test
2018-09-05 12:13:23 +03:00
Moran Peker
4ff99f36a7
change test case descriptions + add newline of test_suite_psa_crypto.function
2018-09-05 12:13:22 +03:00
Moran Peker
b4d0ddd2d3
psa_export_public_key
2018-09-05 12:13:20 +03:00
Moran Peker
dd4ea38d58
export public key
2018-09-05 12:10:47 +03:00
itayzafrir
5c7533923a
ECDSA sign and verify implementation and tests
...
ECDSA sign and verify implementation and tests
2018-09-05 12:10:47 +03:00
Gilles Peskine
a0655c3501
Merge remote-tracking branch 'psa/pr/13' into feature-psa
...
Conflicts:
library/psa_crypto.c
tests/suites/test_suite_psa_crypto.data
tests/suites/test_suite_psa_crypto.function
All the conflicts are concurrent additions where the order doesn't
matter. I put the code from feature-psa (key policy) before the code
from PR #13 (key lifetime).
2018-09-05 12:10:43 +03:00
mohammad1603
5d7ec2033d
fix key lifetime set implementation , tests accordingly
2018-09-05 12:01:37 +03:00