That's actually the only non-PSK key exchange that needs to be
negative-tested: all the other key exchanges are either positive-tested
or use RSA, for which we can't even create opaque keys in this branch.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Use escape mechanism defined in RFC 1779 when parsing commas and other
special characters in X509 DN values. Resolves failures when generating
a certificate with a CSR containing a comma in subject value.
Fixes#769.
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
When executing eval in the background, the next "$!" gives the
eval PID, not the ssl-client2 pid. This causes problems when
a client times out and the script tries to kill it. Instead, it
kills the parent eval call.
This caused problems with subsequent proxy tests receiving
old packets from a client from a previous test.
Moving the "&" to inside the eval call fixes the problem.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Update to a branch with a fix for the test case
"expected error for psa_raw_key_agreement - Small buffer size"
since we just fixed the corresponding bug.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Systematically replace "TEST_ASSERT( $x <= $y )" by "TEST_LE_U( $x, $y )" in
test_suite_psa_crypto. In this file, all occurrences of this pattern are
size_t so unsigned.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Test assertions for integer comparisons that display the compared values on
failure. Similar to TEST_EQUAL.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
We want to check:
1. actual output <= PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE (the output fits
if the caller uses the key-specific buffer size macro)
2. actual output <= PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE (the output fits
if the caller uses the generic buffer size macro)
3. PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE <= PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE
(consistency in the calculation)
We were only testing (1) and (2). Test (3) as well. (1) and (3) together
imply (2) so there's no need to test (2).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Removes a case in mbedtls_asn1_named_data() where memcpy() could be
called with a null pointer and zero length. A test case is added for
this code path, to catch the undefined behavior when running tests with
UBSan.
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
Remaining hits seem to be hex data, certificates,
and other miscellaneous exceptions.
List generated by running codespell -w -L
keypair,Keypair,KeyPair,keyPair,ciph,nd
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Motivated by CVE-2022-21449, to which we're not vulnerable, but we
didn't have a test for it. Now we do.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
MD2 and MD4 were declared as enabled (PSA_WANT_ALG_MD{2,4} defined) but not
actually implemented in the test driver (MBEDTLS_MD{2,4}_C) not defined. Fix
this inconsistency caued deterministic ECDSA tests using those hashes to
fail. Now MD2 and MD4 are consistently off and the offending test cases
don't run.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Validate the size macros directly from the output length in the test data,
rather than using the value returned by the library. This is equivalent
since the value returned by the library is checked to be identical.
Enforce that SIZE() <= MAX_SIZE(), in addition to length <= SIZE(). This is
stronger than the previous code which merely enforced length <= SIZE() and
length <= MAX_SIZE().
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In PSA tests, don't try to exercise RC4 keys with other sizes. Do test that
attempts to use RC4 keys of other sizes fail with NOT_SUPPORTED (import does
work, which is not really useful, but removing import support would
technically break backward compatibility).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
We test some configurations using drivers where the driver doesn't
support certain hash algorithms, but declares that it supports
compound algorithms that use those hashes. Until this is fixed,
in those configurations, don't try to actually perform operations.
The built-in implementation of asymmetric algorithms that use a
hash internally only dispatch to the internal md module, not to
PSA. Until this is supported, don't try to actually perform
operations when the operation is built-in and the hash isn't.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This both simplifies parsing a little, and suppresses warnings. Suppressing
warnings is both good and bad: on the one hand it resolves problems such as
https://github.com/Mbed-TLS/mbedtls/issues/5731, on the other hand it may
hide clues as to why lsof wouldn't be working as expected.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
