Merge branch 'development' into convert_NO_SHA384_to_positive
Conflicts:
* configs/config-psa-crypto.h: modified here, removed in development
* tests/suites/test_suite_x509parse.data: all conflicts are in depends_on
lines where development made a change unrelated to MBEDTLS_SHAxxx and our
branch either changed `MBEDTLS_SHA256_C` to `MBEDTLS_SHA224_C` or
`MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384` to ``MBEDTLS_SHA384_C`, with
no change to what the test does. Pick the other branch's dependency
changes then apply our SHA dpeendency change.
diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function
index 36a7d23..ac00f45 100644
--- a/tests/suites/main_test.function
+++ b/tests/suites/main_test.function
@@ -33,6 +33,10 @@
#include "psa/crypto.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#if defined(MBEDTLS_TEST_HOOKS)
+#include "mbedtls/error.h"
+#endif
+
/* Test code may use deprecated identifiers only if the preprocessor symbol
* MBEDTLS_TEST_DEPRECATED is defined. When building tests, set
* MBEDTLS_TEST_DEPRECATED explicitly if MBEDTLS_DEPRECATED_WARNING is
@@ -279,6 +283,10 @@
*/
int main( int argc, const char *argv[] )
{
+#if defined(MBEDTLS_TEST_HOOKS) && defined (MBEDTLS_ERROR_C)
+ mbedtls_test_hook_error_add = &mbedtls_test_err_add_check;
+#endif
+
int ret = mbedtls_test_platform_setup();
if( ret != 0 )
{
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 76e474f..3d3f6a3 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -422,124 +422,6 @@
valid_buffer, valid_size,
valid_buffer, NULL ) );
-#if defined(MBEDTLS_CIPHER_MODE_AEAD)
- /* mbedtls_cipher_auth_encrypt() */
- TEST_INVALID_PARAM_RET(
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
- mbedtls_cipher_auth_encrypt( NULL,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- valid_buffer, &size_t_var,
- valid_buffer, valid_size ) );
- TEST_INVALID_PARAM_RET(
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
- mbedtls_cipher_auth_encrypt( &valid_ctx,
- NULL, valid_size,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- valid_buffer, &size_t_var,
- valid_buffer, valid_size ) );
- TEST_INVALID_PARAM_RET(
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
- mbedtls_cipher_auth_encrypt( &valid_ctx,
- valid_buffer, valid_size,
- NULL, valid_size,
- valid_buffer, valid_size,
- valid_buffer, &size_t_var,
- valid_buffer, valid_size ) );
- TEST_INVALID_PARAM_RET(
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
- mbedtls_cipher_auth_encrypt( &valid_ctx,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- NULL, valid_size,
- valid_buffer, &size_t_var,
- valid_buffer, valid_size ) );
- TEST_INVALID_PARAM_RET(
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
- mbedtls_cipher_auth_encrypt( &valid_ctx,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- NULL, &size_t_var,
- valid_buffer, valid_size ) );
- TEST_INVALID_PARAM_RET(
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
- mbedtls_cipher_auth_encrypt( &valid_ctx,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- valid_buffer, NULL,
- valid_buffer, valid_size ) );
- TEST_INVALID_PARAM_RET(
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
- mbedtls_cipher_auth_encrypt( &valid_ctx,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- valid_buffer, &size_t_var,
- NULL, valid_size ) );
-
- /* mbedtls_cipher_auth_decrypt() */
- TEST_INVALID_PARAM_RET(
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
- mbedtls_cipher_auth_decrypt( NULL,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- valid_buffer, &size_t_var,
- valid_buffer, valid_size ) );
- TEST_INVALID_PARAM_RET(
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
- mbedtls_cipher_auth_decrypt( &valid_ctx,
- NULL, valid_size,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- valid_buffer, &size_t_var,
- valid_buffer, valid_size ) );
- TEST_INVALID_PARAM_RET(
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
- mbedtls_cipher_auth_decrypt( &valid_ctx,
- valid_buffer, valid_size,
- NULL, valid_size,
- valid_buffer, valid_size,
- valid_buffer, &size_t_var,
- valid_buffer, valid_size ) );
- TEST_INVALID_PARAM_RET(
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
- mbedtls_cipher_auth_decrypt( &valid_ctx,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- NULL, valid_size,
- valid_buffer, &size_t_var,
- valid_buffer, valid_size ) );
- TEST_INVALID_PARAM_RET(
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
- mbedtls_cipher_auth_decrypt( &valid_ctx,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- NULL, &size_t_var,
- valid_buffer, valid_size ) );
- TEST_INVALID_PARAM_RET(
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
- mbedtls_cipher_auth_decrypt( &valid_ctx,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- valid_buffer, NULL,
- valid_buffer, valid_size ) );
- TEST_INVALID_PARAM_RET(
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
- mbedtls_cipher_auth_decrypt( &valid_ctx,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- valid_buffer, valid_size,
- valid_buffer, &size_t_var,
- NULL, valid_size ) );
-#endif /* defined(MBEDTLS_CIPHER_MODE_AEAD) */
-
#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
/* mbedtls_cipher_auth_encrypt_ext */
TEST_INVALID_PARAM_RET(
@@ -1126,11 +1008,6 @@
* of AEAD decryption and AEAD encryption. Check that
* this results in the expected plaintext, and that
* decryption and encryption are inverse to one another.
- *
- * Do that twice:
- * - once with legacy functions auth_decrypt/auth_encrypt
- * - once with new functions auth_decrypt_ext/auth_encrypt_ext
- * This allows testing both without duplicating test cases.
*/
int ret;
@@ -1146,13 +1023,6 @@
unsigned char *encrypt_buf = NULL;
size_t encrypt_buf_len = 0;
-#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
- !defined(MBEDTLS_DEPRECATED_REMOVED)
- unsigned char *tmp_tag = NULL;
- unsigned char *tmp_cipher = NULL;
- unsigned char *tag_buf = NULL;
-#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
-
/* Null pointers are documented as valid for inputs of length 0.
* The test framework passes non-null pointers, so set them to NULL.
* key, cipher and tag can't be empty. */
@@ -1184,12 +1054,6 @@
cipher_id == MBEDTLS_CIPHER_AES_256_KW ||
using_nist_kw_padding;
- /****************************************************************
- * *
- * Part 1: non-deprecated API *
- * *
- ****************************************************************/
-
/*
* Prepare context for decryption
*/
@@ -1253,7 +1117,6 @@
ASSERT_COMPARE( decrypt_buf, outlen, clear->x, clear->len );
}
- /* Free this, but keep cipher_plus_tag for deprecated function with PSA */
mbedtls_free( decrypt_buf );
decrypt_buf = NULL;
@@ -1315,135 +1178,12 @@
encrypt_buf = NULL;
}
- /****************************************************************
- * *
- * Part 2: deprecated API *
- * *
- ****************************************************************/
-
-#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
- !defined(MBEDTLS_DEPRECATED_REMOVED)
-
- /*
- * Prepare context for decryption
- */
- if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
- MBEDTLS_DECRYPT ) )
- goto exit;
-
- /*
- * Prepare pointers for decryption
- */
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( use_psa == 1 )
- {
- /* PSA requires that the tag immediately follows the ciphertext.
- * Fortunately, we already have that from testing the new API. */
- tmp_cipher = cipher_plus_tag;
- tmp_tag = tmp_cipher + cipher->len;
- }
- else
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- {
- tmp_cipher = cipher->x;
- tmp_tag = tag->x;
- }
-
- /*
- * Authenticate and decrypt, and check result
- */
-
- ASSERT_ALLOC( decrypt_buf, cipher->len );
- outlen = 0;
- ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
- tmp_cipher, cipher->len, decrypt_buf, &outlen,
- tmp_tag, tag->len );
-
- if( using_nist_kw )
- {
- /* NIST_KW with legacy API */
- TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
- }
- else if( strcmp( result, "FAIL" ) == 0 )
- {
- /* unauthentic message */
- TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED );
- TEST_ASSERT( buffer_is_all_zero( decrypt_buf, cipher->len ) );
- }
- else
- {
- /* authentic message: is the plaintext correct? */
- TEST_ASSERT( ret == 0 );
- ASSERT_COMPARE( decrypt_buf, outlen, clear->x, clear->len );
- }
-
- mbedtls_free( decrypt_buf );
- decrypt_buf = NULL;
- mbedtls_free( cipher_plus_tag );
- cipher_plus_tag = NULL;
-
- /*
- * Encrypt back if test data was authentic
- */
- if( strcmp( result, "FAIL" ) != 0 )
- {
- /* prepare context for encryption */
- if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
- MBEDTLS_ENCRYPT ) )
- goto exit;
-
- /* prepare buffers for encryption */
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( use_psa )
- {
- ASSERT_ALLOC( cipher_plus_tag, cipher->len + tag->len );
- tmp_cipher = cipher_plus_tag;
- tmp_tag = cipher_plus_tag + cipher->len;
- }
- else
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- {
- ASSERT_ALLOC( encrypt_buf, cipher->len );
- ASSERT_ALLOC( tag_buf, tag->len );
- tmp_cipher = encrypt_buf;
- tmp_tag = tag_buf;
- }
-
- /*
- * Encrypt and check the result
- */
- outlen = 0;
- ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
- clear->x, clear->len, tmp_cipher, &outlen,
- tmp_tag, tag->len );
-
- if( using_nist_kw )
- {
- TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
- }
- else
- {
- TEST_ASSERT( ret == 0 );
-
- TEST_ASSERT( outlen == cipher->len );
- if( cipher->len != 0 )
- TEST_ASSERT( memcmp( tmp_cipher, cipher->x, cipher->len ) == 0 );
- TEST_ASSERT( memcmp( tmp_tag, tag->x, tag->len ) == 0 );
- }
- }
-
-#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
-
exit:
mbedtls_cipher_free( &ctx );
mbedtls_free( decrypt_buf );
mbedtls_free( encrypt_buf );
mbedtls_free( cipher_plus_tag );
-#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
- !defined(MBEDTLS_DEPRECATED_REMOVED)
- mbedtls_free( tag_buf );
-#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if( use_psa == 1 )
diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data
index eb99b79..0935c12 100644
--- a/tests/suites/test_suite_debug.data
+++ b/tests/suites/test_suite_debug.data
@@ -38,11 +38,11 @@
mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30":"MyFile(0999)\: dumping 'Test return value' (49 bytes)\nMyFile(0999)\: 0000\: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f ................\nMyFile(0999)\: 0010\: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................\nMyFile(0999)\: 0020\: 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./\nMyFile(0999)\: 0030\: 30 0\n"
Debug print certificate #1 (RSA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: 01\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:06\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:06\nMyFile(0999)\: signed using \: RSA with SHA1\nMyFile(0999)\: RSA key size \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\: a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\: 15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\: 43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\: dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\: 83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\: 70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\: 4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\: f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\: ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\: 24 06 d5 09 25 89 75 07 dd a6 1a 8f 3f 09 19 be\nMyFile(0999)\: ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\: 69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\: 73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 89 0b 04\nMyFile(0999)\: db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\: 5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\: ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\: 01 00 01\n"
Debug print certificate #2 (EC)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n"
Debug print mbedtls_mpi #1
diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function
index 377d630..ad50e53 100644
--- a/tests/suites/test_suite_debug.function
+++ b/tests/suites/test_suite_debug.function
@@ -131,7 +131,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void mbedtls_debug_print_crt( char * crt_file, char * file, int line,
char * prefix, char * result_str )
{
diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function
index 8157234..58cedc1 100644
--- a/tests/suites/test_suite_ecdsa.function
+++ b/tests/suites/test_suite_ecdsa.function
@@ -599,7 +599,8 @@
cnt_restart = 0;
do {
ret = mbedtls_ecdsa_write_signature_restartable( &ctx,
- md_alg, hash, hlen, sig, &slen, NULL, NULL, &rs_ctx );
+ md_alg, hash, hlen, sig, &slen, mbedtls_test_rnd_std_rand, NULL,
+ &rs_ctx );
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
TEST_ASSERT( ret == 0 );
@@ -614,7 +615,8 @@
if( min_restart > 0 )
{
ret = mbedtls_ecdsa_write_signature_restartable( &ctx,
- md_alg, hash, hlen, sig, &slen, NULL, NULL, &rs_ctx );
+ md_alg, hash, hlen, sig, &slen, mbedtls_test_rnd_std_rand, NULL,
+ &rs_ctx );
TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
}
diff --git a/tests/suites/test_suite_oid.function b/tests/suites/test_suite_oid.function
index 9e8d437..5c56ef4 100644
--- a/tests/suites/test_suite_oid.function
+++ b/tests/suites/test_suite_oid.function
@@ -6,7 +6,7 @@
/* END_HEADER */
/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_OID_C
+ * depends_on:MBEDTLS_OID_C:!MBEDTLS_X509_REMOVE_INFO
* END_DEPENDENCIES
*/
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index bc469b6..9454fe7 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -821,7 +821,8 @@
cnt_restart = 0;
do {
ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen,
- sig, &slen, NULL, NULL, &rs_ctx );
+ sig, &slen, mbedtls_test_rnd_std_rand,
+ NULL, &rs_ctx );
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
TEST_ASSERT( ret == 0 );
@@ -868,7 +869,8 @@
slen = sizeof( sig );
ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen,
- sig, &slen, NULL, NULL, &rs_ctx );
+ sig, &slen, mbedtls_test_rnd_std_rand,
+ NULL, &rs_ctx );
TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
}
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 8f04bc8..bff0c35 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -2924,24 +2924,16 @@
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ size_t key_bits;
unsigned char *output_data = NULL;
size_t output_size = 0;
size_t output_length = 0;
unsigned char *output_data2 = NULL;
size_t output_length2 = 0;
- size_t tag_length = PSA_AEAD_TAG_LENGTH( alg );
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
psa_status_t expected_result = expected_result_arg;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- output_size = input_data->len + tag_length;
- /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
- * should be exact. */
- if( expected_result != PSA_ERROR_INVALID_ARGUMENT )
- TEST_EQUAL( output_size,
- PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) );
- ASSERT_ALLOC( output_data, output_size );
-
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
@@ -2950,6 +2942,22 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ key_bits = psa_get_key_bits( &attributes );
+
+ output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits,
+ alg );
+ /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
+ * should be exact. */
+ if( expected_result != PSA_ERROR_INVALID_ARGUMENT &&
+ expected_result != PSA_ERROR_NOT_SUPPORTED )
+ {
+ TEST_EQUAL( output_size,
+ PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) );
+ TEST_ASSERT( output_size <=
+ PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
+ }
+ ASSERT_ALLOC( output_data, output_size );
status = psa_aead_encrypt( key, alg,
nonce->x, nonce->len,
@@ -2977,7 +2985,7 @@
/* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE
* should be exact. */
TEST_EQUAL( input_data->len,
- PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, output_length ) );
+ PSA_AEAD_DECRYPT_OUTPUT_SIZE( key_type, alg, output_length ) );
TEST_ASSERT( input_data->len <=
PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( output_length ) );
@@ -3014,22 +3022,13 @@
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ size_t key_bits;
unsigned char *output_data = NULL;
size_t output_size = 0;
size_t output_length = 0;
- size_t tag_length = PSA_AEAD_TAG_LENGTH( alg );
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
- output_size = input_data->len + tag_length;
- /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
- * should be exact. */
- TEST_EQUAL( output_size,
- PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) );
- TEST_ASSERT( output_size <=
- PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
- ASSERT_ALLOC( output_data, output_size );
-
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
@@ -3038,6 +3037,18 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ key_bits = psa_get_key_bits( &attributes );
+
+ output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits,
+ alg );
+ /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
+ * should be exact. */
+ TEST_EQUAL( output_size,
+ PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) );
+ TEST_ASSERT( output_size <=
+ PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
+ ASSERT_ALLOC( output_data, output_size );
status = psa_aead_encrypt( key, alg,
nonce->x, nonce->len,
@@ -3078,26 +3089,14 @@
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ size_t key_bits;
unsigned char *output_data = NULL;
size_t output_size = 0;
size_t output_length = 0;
- size_t tag_length = PSA_AEAD_TAG_LENGTH( alg );
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t expected_result = expected_result_arg;
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
- output_size = input_data->len - tag_length;
- if( expected_result != PSA_ERROR_INVALID_ARGUMENT )
- {
- /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE
- * should be exact. */
- TEST_EQUAL( output_size,
- PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, input_data->len ) );
- TEST_ASSERT( output_size <=
- PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
- }
- ASSERT_ALLOC( output_data, output_size );
-
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
@@ -3106,6 +3105,22 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ key_bits = psa_get_key_bits( &attributes );
+
+ output_size = input_data->len - PSA_AEAD_TAG_LENGTH( key_type, key_bits,
+ alg );
+ if( expected_result != PSA_ERROR_INVALID_ARGUMENT &&
+ expected_result != PSA_ERROR_NOT_SUPPORTED )
+ {
+ /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE
+ * should be exact. */
+ TEST_EQUAL( output_size,
+ PSA_AEAD_DECRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) );
+ TEST_ASSERT( output_size <=
+ PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
+ }
+ ASSERT_ALLOC( output_data, output_size );
status = psa_aead_decrypt( key, alg,
nonce->x, nonce->len,
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data
index 241d715..5fbfac6 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data
@@ -243,3 +243,81 @@
PSA AEAD decrypt, AES-GCM, 144 bytes #1, INSUFFICIENT_MEMORY
depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INSUFFICIENT_MEMORY
+
+PSA opaque driver builtin key export: AES
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_SUCCESS
+
+PSA opaque driver builtin key export: AES (registered to ID_MAX-1)
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_SUCCESS
+
+PSA opaque driver builtin key export: AES (registered to ID_MAX)
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MAX:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_SUCCESS
+
+PSA opaque driver builtin key export: key ID out of range (ID_MIN - 1)
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_ERROR_INVALID_HANDLE
+
+PSA opaque driver builtin key export: key ID out of range (ID_MAX + 1)
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_ERROR_INVALID_HANDLE
+
+PSA opaque driver builtin key export: secp256r1
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"dc7d9d26d67a4f632c34c2dc0b6986183882c206df04cdb7d69aabe28be4f81a":PSA_SUCCESS
+
+PSA opaque driver builtin pubkey export: secp256r1
+builtin_pubkey_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"0485f64d89f00be66c88dd937efd6d7c445648dcb701150b8a9509295850f41c1931e571fb8f8c78317a20b380e866584bbc2516c3d2702d792f131a922095fd6c":PSA_SUCCESS
+
+PSA opaque driver builtin pubkey export: not a public key
+builtin_pubkey_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"0485f64d89f00be66c88dd937efd6d7c445648dcb701150b8a9509295850f41c1931e571fb8f8c78317a20b380e866584bbc2516c3d2702d792f131a922095fd6c":PSA_ERROR_INVALID_ARGUMENT
+
+Hash compute: SHA-256, computed by the driver
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS:PSA_SUCCESS
+
+Hash compute: SHA-256, fallback
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+
+Hash compute: SHA-256, no fallback
+depends_on:!MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED
+
+Hash compute: SHA-256, INSUFFICIENT_MEMORY
+hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY
+
+Hash multi-part setup: SHA-256, computed by the driver
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS:PSA_SUCCESS
+
+Hash multi-part setup: SHA-256, fallback
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+
+Hash multi-part setup: SHA-256, no fallback
+depends_on:!MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED
+
+Hash multi-part setup: SHA-256, INSUFFICIENT_MEMORY
+hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY
+
+Hash multi-part update: SHA-256, update successful
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS
+
+Hash multi-part update: SHA-256, update failure
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED
+
+Hash multi-part finish: SHA-256, finish successful
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS
+
+Hash multi-part finish: SHA-256, finish failure
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED
+
+Hash clone: SHA-256, clone successful
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_clone:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS
+
+Hash clone: SHA-256, clone failure
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_clone:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
index b287ce1..a0b719e 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
@@ -23,7 +23,8 @@
uint8_t signature[64];
size_t signature_length = 0xdeadbeef;
psa_status_t actual_status;
- test_driver_signature_sign_hooks = test_driver_signature_hooks_init();
+ mbedtls_test_driver_signature_sign_hooks =
+ mbedtls_test_driver_signature_hooks_init();
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_type( &attributes,
@@ -34,11 +35,13 @@
key_input->x, key_input->len,
&key );
- test_driver_signature_sign_hooks.forced_status = force_status;
+ mbedtls_test_driver_signature_sign_hooks.forced_status = force_status;
if( fake_output == 1 )
{
- test_driver_signature_sign_hooks.forced_output = expected_output->x;
- test_driver_signature_sign_hooks.forced_output_length = expected_output->len;
+ mbedtls_test_driver_signature_sign_hooks.forced_output =
+ expected_output->x;
+ mbedtls_test_driver_signature_sign_hooks.forced_output_length =
+ expected_output->len;
}
actual_status = psa_sign_hash( key, alg,
@@ -51,13 +54,14 @@
ASSERT_COMPARE( signature, signature_length,
expected_output->x, expected_output->len );
}
- TEST_EQUAL( test_driver_signature_sign_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_signature_sign_hooks.hits, 1 );
exit:
psa_reset_key_attributes( &attributes );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_signature_sign_hooks = test_driver_signature_hooks_init();
+ mbedtls_test_driver_signature_sign_hooks =
+ mbedtls_test_driver_signature_hooks_init();
}
/* END_CASE */
@@ -75,7 +79,8 @@
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 );
psa_status_t actual_status;
- test_driver_signature_verify_hooks = test_driver_signature_hooks_init();
+ mbedtls_test_driver_signature_verify_hooks =
+ mbedtls_test_driver_signature_hooks_init();
PSA_ASSERT( psa_crypto_init( ) );
if( register_public_key )
@@ -99,19 +104,20 @@
&key );
}
- test_driver_signature_verify_hooks.forced_status = force_status;
+ mbedtls_test_driver_signature_verify_hooks.forced_status = force_status;
actual_status = psa_verify_hash( key, alg,
data_input->x, data_input->len,
signature_input->x, signature_input->len );
TEST_EQUAL( actual_status, expected_status );
- TEST_EQUAL( test_driver_signature_verify_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_signature_verify_hooks.hits, 1 );
exit:
psa_reset_key_attributes( &attributes );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_signature_verify_hooks = test_driver_signature_hooks_init();
+ mbedtls_test_driver_signature_verify_hooks =
+ mbedtls_test_driver_signature_hooks_init();
}
/* END_CASE */
@@ -130,7 +136,8 @@
psa_status_t actual_status;
uint8_t actual_output[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(256)] = {0};
size_t actual_output_length;
- test_driver_key_management_hooks = test_driver_key_management_hooks_init();
+ mbedtls_test_driver_key_management_hooks =
+ mbedtls_test_driver_key_management_hooks_init();
psa_set_key_type( &attributes,
PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) );
@@ -140,18 +147,22 @@
if( fake_output->len > 0 )
{
- expected_output = test_driver_key_management_hooks.forced_output = fake_output->x;
- expected_output_length = test_driver_key_management_hooks.forced_output_length =
+ expected_output =
+ mbedtls_test_driver_key_management_hooks.forced_output =
+ fake_output->x;
+
+ expected_output_length =
+ mbedtls_test_driver_key_management_hooks.forced_output_length =
fake_output->len;
}
- test_driver_key_management_hooks.hits = 0;
- test_driver_key_management_hooks.forced_status = force_status;
+ mbedtls_test_driver_key_management_hooks.hits = 0;
+ mbedtls_test_driver_key_management_hooks.forced_status = force_status;
PSA_ASSERT( psa_crypto_init( ) );
actual_status = psa_generate_key( &attributes, &key );
- TEST_EQUAL( test_driver_key_management_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 );
TEST_EQUAL( actual_status, expected_status );
if( actual_status == PSA_SUCCESS )
@@ -178,7 +189,8 @@
psa_reset_key_attributes( &attributes );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_key_management_hooks = test_driver_key_management_hooks_init();
+ mbedtls_test_driver_key_management_hooks =
+ mbedtls_test_driver_key_management_hooks_init();
}
/* END_CASE */
@@ -194,25 +206,27 @@
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t actual_status;
- test_driver_key_management_hooks = test_driver_key_management_hooks_init();
+ mbedtls_test_driver_key_management_hooks =
+ mbedtls_test_driver_key_management_hooks_init();
psa_set_key_type( &attributes,
key_type );
psa_set_key_bits( &attributes, 0 );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
- test_driver_key_management_hooks.forced_status = force_status;
+ mbedtls_test_driver_key_management_hooks.forced_status = force_status;
PSA_ASSERT( psa_crypto_init( ) );
actual_status = psa_import_key( &attributes, key_input->x, key_input->len, &key );
- TEST_EQUAL( test_driver_key_management_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 );
TEST_EQUAL( actual_status, expected_status );
exit:
psa_reset_key_attributes( &attributes );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_key_management_hooks = test_driver_key_management_hooks_init();
+ mbedtls_test_driver_key_management_hooks =
+ mbedtls_test_driver_key_management_hooks_init();
}
/* END_CASE */
@@ -236,7 +250,8 @@
psa_status_t actual_status;
uint8_t actual_output[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(256)] = {0};
size_t actual_output_length;
- test_driver_key_management_hooks = test_driver_key_management_hooks_init();
+ mbedtls_test_driver_key_management_hooks =
+ mbedtls_test_driver_key_management_hooks_init();
psa_set_key_type( &attributes, input_key_type );
psa_set_key_bits( &attributes, 256 );
@@ -247,8 +262,12 @@
if( fake_output->len > 0 )
{
- expected_output_ptr = test_driver_key_management_hooks.forced_output = fake_output->x;
- expected_output_length = test_driver_key_management_hooks.forced_output_length =
+ expected_output_ptr =
+ mbedtls_test_driver_key_management_hooks.forced_output =
+ fake_output->x;
+
+ expected_output_length =
+ mbedtls_test_driver_key_management_hooks.forced_output_length =
fake_output->len;
}
else
@@ -257,8 +276,8 @@
expected_output_length = expected_output->len;
}
- test_driver_key_management_hooks.hits = 0;
- test_driver_key_management_hooks.forced_status = force_status;
+ mbedtls_test_driver_key_management_hooks.hits = 0;
+ mbedtls_test_driver_key_management_hooks.forced_status = force_status;
if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( output_key_type ) )
actual_status = psa_export_public_key( handle, actual_output, sizeof(actual_output), &actual_output_length );
@@ -268,7 +287,7 @@
if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( output_key_type ) &&
!PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( input_key_type ) )
- TEST_EQUAL( test_driver_key_management_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 );
if( actual_status == PSA_SUCCESS )
{
@@ -279,7 +298,8 @@
psa_reset_key_attributes( &attributes );
psa_destroy_key( handle );
PSA_DONE( );
- test_driver_key_management_hooks = test_driver_key_management_hooks_init();
+ mbedtls_test_driver_key_management_hooks =
+ mbedtls_test_driver_key_management_hooks_init();
}
/* END_CASE */
@@ -303,8 +323,8 @@
size_t total_output_length = 0;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
- test_driver_cipher_hooks.forced_status = force_status;
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks.forced_status = force_status;
PSA_ASSERT( psa_crypto_init( ) );
@@ -316,12 +336,12 @@
&key ) );
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
output_buffer_size = ( (size_t) input->len +
PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
@@ -329,21 +349,21 @@
if( mock_output_arg )
{
- test_driver_cipher_hooks.forced_output = expected_output->x;
- test_driver_cipher_hooks.forced_output_length = expected_output->len;
+ mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x;
+ mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len;
}
PSA_ASSERT( psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
&function_output_length ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
if( mock_output_arg )
{
- test_driver_cipher_hooks.forced_output = NULL;
- test_driver_cipher_hooks.forced_output_length = 0;
+ mbedtls_test_driver_cipher_hooks.forced_output = NULL;
+ mbedtls_test_driver_cipher_hooks.forced_output_length = 0;
}
total_output_length += function_output_length;
@@ -352,8 +372,8 @@
output_buffer_size - total_output_length,
&function_output_length );
/* Finish will have called abort as well, so expecting two hits here */
- TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
total_output_length += function_output_length;
@@ -362,7 +382,7 @@
{
PSA_ASSERT( psa_cipher_abort( &operation ) );
// driver function should've been called as part of the finish() core routine
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
ASSERT_COMPARE( expected_output->x, expected_output->len,
output, total_output_length );
}
@@ -372,7 +392,7 @@
mbedtls_free( output );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
}
/* END_CASE */
@@ -396,7 +416,7 @@
size_t total_output_length = 0;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
PSA_ASSERT( psa_crypto_init( ) );
@@ -408,12 +428,12 @@
&key ) );
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
output_buffer_size = ( (size_t) input->len +
PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
@@ -423,8 +443,8 @@
PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
output, output_buffer_size,
&function_output_length ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
TEST_ASSERT( function_output_length == output1_length );
total_output_length += function_output_length;
@@ -434,8 +454,8 @@
output + total_output_length,
output_buffer_size - total_output_length,
&function_output_length ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
TEST_ASSERT( function_output_length == output2_length );
total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_finish( &operation,
@@ -443,11 +463,11 @@
output_buffer_size - total_output_length,
&function_output_length ) );
/* Finish will have called abort as well, so expecting two hits here */
- TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
- test_driver_cipher_hooks.hits = 0 ;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 );
+ mbedtls_test_driver_cipher_hooks.hits = 0 ;
total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_abort( &operation ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
ASSERT_COMPARE( expected_output->x, expected_output->len,
output, total_output_length );
@@ -457,7 +477,7 @@
mbedtls_free( output );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
}
/* END_CASE */
@@ -481,7 +501,7 @@
size_t total_output_length = 0;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
PSA_ASSERT( psa_crypto_init( ) );
@@ -493,12 +513,12 @@
&key ) );
PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
output_buffer_size = ( (size_t) input->len +
PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
@@ -509,8 +529,8 @@
input->x, first_part_size,
output, output_buffer_size,
&function_output_length ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
TEST_ASSERT( function_output_length == output1_length );
total_output_length += function_output_length;
@@ -520,8 +540,8 @@
output + total_output_length,
output_buffer_size - total_output_length,
&function_output_length ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
TEST_ASSERT( function_output_length == output2_length );
total_output_length += function_output_length;
@@ -530,11 +550,11 @@
output_buffer_size - total_output_length,
&function_output_length ) );
/* Finish will have called abort as well, so expecting two hits here */
- TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_abort( &operation ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
ASSERT_COMPARE( expected_output->x, expected_output->len,
output, total_output_length );
@@ -544,7 +564,7 @@
mbedtls_free( output );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
}
/* END_CASE */
@@ -568,8 +588,8 @@
size_t total_output_length = 0;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
- test_driver_cipher_hooks.forced_status = force_status;
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks.forced_status = force_status;
PSA_ASSERT( psa_crypto_init( ) );
@@ -581,12 +601,12 @@
&key ) );
PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
output_buffer_size = ( (size_t) input->len +
PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
@@ -594,21 +614,21 @@
if( mock_output_arg )
{
- test_driver_cipher_hooks.forced_output = expected_output->x;
- test_driver_cipher_hooks.forced_output_length = expected_output->len;
+ mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x;
+ mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len;
}
PSA_ASSERT( psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
&function_output_length ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
if( mock_output_arg )
{
- test_driver_cipher_hooks.forced_output = NULL;
- test_driver_cipher_hooks.forced_output_length = 0;
+ mbedtls_test_driver_cipher_hooks.forced_output = NULL;
+ mbedtls_test_driver_cipher_hooks.forced_output_length = 0;
}
total_output_length += function_output_length;
@@ -617,8 +637,8 @@
output_buffer_size - total_output_length,
&function_output_length );
/* Finish will have called abort as well, so expecting two hits here */
- TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
total_output_length += function_output_length;
TEST_EQUAL( status, expected_status );
@@ -626,7 +646,7 @@
if( expected_status == PSA_SUCCESS )
{
PSA_ASSERT( psa_cipher_abort( &operation ) );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
ASSERT_COMPARE( expected_output->x, expected_output->len,
output, total_output_length );
}
@@ -636,7 +656,7 @@
mbedtls_free( output );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
}
/* END_CASE */
@@ -654,7 +674,7 @@
size_t function_output_length = 0;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
ASSERT_ALLOC( output, input->len + 16 );
output_buffer_size = input->len + 16;
@@ -669,136 +689,136 @@
&key ) );
/* Test setup call, encrypt */
- test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
status = psa_cipher_encrypt_setup( &operation, key, alg );
/* When setup fails, it shouldn't call any further entry points */
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_set_iv( &operation, iv->x, iv->len );
TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
/* Test setup call failure, decrypt */
status = psa_cipher_decrypt_setup( &operation, key, alg );
/* When setup fails, it shouldn't call any further entry points */
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_set_iv( &operation, iv->x, iv->len );
TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
/* Test IV setting failure */
- test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
status = psa_cipher_encrypt_setup( &operation, key, alg );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
- test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
status = psa_cipher_set_iv( &operation, iv->x, iv->len );
/* When setting the IV fails, it should call abort too */
- TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
/* Failure should prevent further operations from executing on the driver */
- test_driver_cipher_hooks.hits = 0;
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
&function_output_length );
TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
psa_cipher_abort( &operation );
/* Test IV generation failure */
- test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
status = psa_cipher_encrypt_setup( &operation, key, alg );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
- test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
status = psa_cipher_generate_iv( &operation, output, 16, &function_output_length );
/* When generating the IV fails, it should call abort too */
- TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
/* Failure should prevent further operations from executing on the driver */
- test_driver_cipher_hooks.hits = 0;
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
&function_output_length );
TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
psa_cipher_abort( &operation );
/* Test update failure */
- test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
status = psa_cipher_encrypt_setup( &operation, key, alg );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_set_iv( &operation, iv->x, iv->len );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
- test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
status = psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
&function_output_length );
/* When the update call fails, it should call abort too */
- TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
/* Failure should prevent further operations from executing on the driver */
- test_driver_cipher_hooks.hits = 0;
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
&function_output_length );
TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
psa_cipher_abort( &operation );
/* Test finish failure */
- test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
status = psa_cipher_encrypt_setup( &operation, key, alg );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_set_iv( &operation, iv->x, iv->len );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
&function_output_length );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- test_driver_cipher_hooks.hits = 0;
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
- test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+ mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
status = psa_cipher_finish( &operation,
output + function_output_length,
output_buffer_size - function_output_length,
&function_output_length );
/* When the finish call fails, it should call abort too */
- TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
- TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 );
+ TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status );
/* Failure should prevent further operations from executing on the driver */
- test_driver_cipher_hooks.hits = 0;
+ mbedtls_test_driver_cipher_hooks.hits = 0;
status = psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
&function_output_length );
TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
- TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
psa_cipher_abort( &operation );
exit:
@@ -806,7 +826,7 @@
mbedtls_free( output );
psa_destroy_key( key );
PSA_DONE( );
- test_driver_cipher_hooks = test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
}
/* END_CASE */
@@ -822,23 +842,14 @@
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ size_t key_bits;
psa_status_t forced_status = forced_status_arg;
unsigned char *output_data = NULL;
size_t output_size = 0;
size_t output_length = 0;
- size_t tag_length = PSA_AEAD_TAG_LENGTH( alg );
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
- test_driver_aead_hooks = test_driver_aead_hooks_init();
-
- output_size = input_data->len + tag_length;
- /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
- * should be exact. */
- TEST_EQUAL( output_size,
- PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) );
- TEST_ASSERT( output_size <=
- PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
- ASSERT_ALLOC( output_data, output_size );
+ mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init();
PSA_ASSERT( psa_crypto_init( ) );
@@ -848,16 +859,28 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ key_bits = psa_get_key_bits( &attributes );
- test_driver_aead_hooks.forced_status = forced_status;
+ output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits,
+ alg );
+ /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
+ * should be exact. */
+ TEST_EQUAL( output_size,
+ PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) );
+ TEST_ASSERT( output_size <=
+ PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
+ ASSERT_ALLOC( output_data, output_size );
+
+ mbedtls_test_driver_aead_hooks.forced_status = forced_status;
status = psa_aead_encrypt( key, alg,
nonce->x, nonce->len,
additional_data->x, additional_data->len,
input_data->x, input_data->len,
output_data, output_size,
&output_length );
- TEST_EQUAL( test_driver_aead_hooks.hits, 1 );
- TEST_EQUAL( test_driver_aead_hooks.driver_status, forced_status );
+ TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_aead_hooks.driver_status, forced_status );
TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ?
PSA_SUCCESS : forced_status );
@@ -872,7 +895,7 @@
psa_destroy_key( key );
mbedtls_free( output_data );
PSA_DONE( );
- test_driver_aead_hooks = test_driver_aead_hooks_init();
+ mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init();
}
/* END_CASE */
@@ -888,17 +911,14 @@
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ size_t key_bits;
psa_status_t forced_status = forced_status_arg;
unsigned char *output_data = NULL;
size_t output_size = 0;
size_t output_length = 0;
- size_t tag_length = PSA_AEAD_TAG_LENGTH( alg );
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
- test_driver_aead_hooks = test_driver_aead_hooks_init();
-
- output_size = input_data->len - tag_length;
- ASSERT_ALLOC( output_data, output_size );
+ mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init();
PSA_ASSERT( psa_crypto_init( ) );
@@ -908,8 +928,14 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ key_bits = psa_get_key_bits( &attributes );
- test_driver_aead_hooks.forced_status = forced_status;
+ output_size = input_data->len - PSA_AEAD_TAG_LENGTH( key_type, key_bits,
+ alg );
+ ASSERT_ALLOC( output_data, output_size );
+
+ mbedtls_test_driver_aead_hooks.forced_status = forced_status;
status = psa_aead_decrypt( key, alg,
nonce->x, nonce->len,
additional_data->x,
@@ -917,8 +943,8 @@
input_data->x, input_data->len,
output_data, output_size,
&output_length );
- TEST_EQUAL( test_driver_aead_hooks.hits, 1 );
- TEST_EQUAL( test_driver_aead_hooks.driver_status, forced_status );
+ TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_aead_hooks.driver_status, forced_status );
TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ?
PSA_SUCCESS : forced_status );
@@ -933,6 +959,363 @@
psa_destroy_key( key );
mbedtls_free( output_data );
PSA_DONE( );
- test_driver_aead_hooks = test_driver_aead_hooks_init();
+ mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+void builtin_key_export( int builtin_key_id_arg,
+ int builtin_key_type_arg,
+ int builtin_key_bits_arg,
+ int builtin_key_algorithm_arg,
+ data_t *expected_output,
+ int expected_status_arg )
+{
+ psa_key_id_t builtin_key_id = (psa_key_id_t) builtin_key_id_arg;
+ psa_key_type_t builtin_key_type = (psa_key_type_t) builtin_key_type_arg;
+ psa_algorithm_t builtin_key_alg = (psa_algorithm_t) builtin_key_algorithm_arg;
+ size_t builtin_key_bits = (size_t) builtin_key_bits_arg;
+ psa_status_t expected_status = expected_status_arg;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0, builtin_key_id );
+ uint8_t* output_buffer = NULL;
+ size_t output_size = 0;
+ psa_status_t actual_status;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ ASSERT_ALLOC( output_buffer, expected_output->len );
+
+ actual_status = psa_export_key( key, output_buffer, expected_output->len, &output_size );
+
+ if( expected_status == PSA_SUCCESS )
+ {
+ PSA_ASSERT( actual_status );
+ TEST_EQUAL( output_size, expected_output->len );
+ ASSERT_COMPARE( output_buffer, output_size,
+ expected_output->x, expected_output->len );
+
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ TEST_EQUAL( psa_get_key_bits( &attributes ), builtin_key_bits );
+ TEST_EQUAL( psa_get_key_type( &attributes ), builtin_key_type );
+ TEST_EQUAL( psa_get_key_algorithm( &attributes ), builtin_key_alg );
+ }
+ else
+ {
+ if( actual_status != expected_status )
+ fprintf( stderr, "Expected %d but got %d\n", expected_status, actual_status );
+ TEST_EQUAL( actual_status, expected_status );
+ TEST_EQUAL( output_size, 0 );
+ }
+
+exit:
+ mbedtls_free( output_buffer );
+ psa_reset_key_attributes( &attributes );
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+void builtin_pubkey_export( int builtin_key_id_arg,
+ int builtin_key_type_arg,
+ int builtin_key_bits_arg,
+ int builtin_key_algorithm_arg,
+ data_t *expected_output,
+ int expected_status_arg )
+{
+ psa_key_id_t builtin_key_id = (psa_key_id_t) builtin_key_id_arg;
+ psa_key_type_t builtin_key_type = (psa_key_type_t) builtin_key_type_arg;
+ psa_algorithm_t builtin_key_alg = (psa_algorithm_t) builtin_key_algorithm_arg;
+ size_t builtin_key_bits = (size_t) builtin_key_bits_arg;
+ psa_status_t expected_status = expected_status_arg;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0, builtin_key_id );
+ uint8_t* output_buffer = NULL;
+ size_t output_size = 0;
+ psa_status_t actual_status;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ ASSERT_ALLOC( output_buffer, expected_output->len );
+
+ actual_status = psa_export_public_key( key, output_buffer, expected_output->len, &output_size );
+
+ if( expected_status == PSA_SUCCESS )
+ {
+ PSA_ASSERT( actual_status );
+ TEST_EQUAL( output_size, expected_output->len );
+ ASSERT_COMPARE( output_buffer, output_size,
+ expected_output->x, expected_output->len );
+
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ TEST_EQUAL( psa_get_key_bits( &attributes ), builtin_key_bits );
+ TEST_EQUAL( psa_get_key_type( &attributes ), builtin_key_type );
+ TEST_EQUAL( psa_get_key_algorithm( &attributes ), builtin_key_alg );
+ }
+ else
+ {
+ TEST_EQUAL( actual_status, expected_status );
+ TEST_EQUAL( output_size, 0 );
+ }
+
+exit:
+ mbedtls_free( output_buffer );
+ psa_reset_key_attributes( &attributes );
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_compute( int alg_arg,
+ data_t *input, data_t *hash,
+ int forced_status_arg,
+ int expected_status_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t forced_status = forced_status_arg;
+ psa_status_t expected_status = expected_status_arg;
+ unsigned char *output = NULL;
+ size_t output_length;
+
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+ mbedtls_test_driver_hash_hooks.forced_status = forced_status;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) );
+
+ TEST_EQUAL( psa_hash_compute( alg, input->x, input->len,
+ output, PSA_HASH_LENGTH( alg ),
+ &output_length ), expected_status );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status );
+
+ if( expected_status == PSA_SUCCESS )
+ {
+ ASSERT_COMPARE( output, output_length, hash->x, hash->len );
+ }
+
+exit:
+ mbedtls_free( output );
+ PSA_DONE( );
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_multipart_setup( int alg_arg,
+ data_t *input, data_t *hash,
+ int forced_status_arg,
+ int expected_status_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t forced_status = forced_status_arg;
+ psa_status_t expected_status = expected_status_arg;
+ unsigned char *output = NULL;
+ psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+ size_t output_length;
+
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+ ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ mbedtls_test_driver_hash_hooks.forced_status = forced_status;
+ TEST_EQUAL( psa_hash_setup( &operation, alg ), expected_status );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status );
+
+ if( expected_status == PSA_SUCCESS )
+ {
+ PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits,
+ forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 2 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status );
+
+ PSA_ASSERT( psa_hash_finish( &operation,
+ output, PSA_HASH_LENGTH( alg ),
+ &output_length ) );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits,
+ forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 4 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status );
+
+ ASSERT_COMPARE( output, output_length, hash->x, hash->len );
+ }
+
+exit:
+ psa_hash_abort( &operation );
+ mbedtls_free( output );
+ PSA_DONE( );
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_multipart_update( int alg_arg,
+ data_t *input, data_t *hash,
+ int forced_status_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t forced_status = forced_status_arg;
+ unsigned char *output = NULL;
+ psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+ size_t output_length;
+
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+ ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /*
+ * Update inactive operation, the driver shouldn't be called.
+ */
+ TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 );
+
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS );
+
+ mbedtls_test_driver_hash_hooks.forced_status = forced_status;
+ TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ),
+ forced_status );
+ /* One or two more calls to the driver interface: update or update + abort */
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits,
+ forced_status == PSA_SUCCESS ? 2 : 3 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status );
+
+ if( forced_status == PSA_SUCCESS )
+ {
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+ PSA_ASSERT( psa_hash_finish( &operation,
+ output, PSA_HASH_LENGTH( alg ),
+ &output_length ) );
+ /* Two calls to the driver interface: update + abort */
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS );
+
+ ASSERT_COMPARE( output, output_length, hash->x, hash->len );
+ }
+
+exit:
+ psa_hash_abort( &operation );
+ mbedtls_free( output );
+ PSA_DONE( );
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_multipart_finish( int alg_arg,
+ data_t *input, data_t *hash,
+ int forced_status_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t forced_status = forced_status_arg;
+ unsigned char *output = NULL;
+ psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+ size_t output_length;
+
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+ ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /*
+ * Finish inactive operation, the driver shouldn't be called.
+ */
+ TEST_EQUAL( psa_hash_finish( &operation, output, PSA_HASH_LENGTH( alg ),
+ &output_length ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 );
+
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS );
+
+ PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS );
+
+ mbedtls_test_driver_hash_hooks.forced_status = forced_status;
+ TEST_EQUAL( psa_hash_finish( &operation,
+ output, PSA_HASH_LENGTH( alg ),
+ &output_length ),
+ forced_status );
+ /* Two more calls to the driver interface: finish + abort */
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 4 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status );
+
+ if( forced_status == PSA_SUCCESS )
+ ASSERT_COMPARE( output, output_length, hash->x, hash->len );
+
+exit:
+ psa_hash_abort( &operation );
+ mbedtls_free( output );
+ PSA_DONE( );
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_clone( int alg_arg,
+ data_t *input, data_t *hash,
+ int forced_status_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t forced_status = forced_status_arg;
+ unsigned char *output = NULL;
+ psa_hash_operation_t source_operation = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t target_operation = PSA_HASH_OPERATION_INIT;
+ size_t output_length;
+
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+ ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /*
+ * Clone inactive operation, the driver shouldn't be called.
+ */
+ TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 );
+
+ PSA_ASSERT( psa_hash_setup( &source_operation, alg ) );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS );
+
+ mbedtls_test_driver_hash_hooks.forced_status = forced_status;
+ TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ),
+ forced_status );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits,
+ forced_status == PSA_SUCCESS ? 2 : 3 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status );
+
+ if( forced_status == PSA_SUCCESS )
+ {
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+ PSA_ASSERT( psa_hash_update( &target_operation,
+ input->x, input->len ) );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS );
+
+ PSA_ASSERT( psa_hash_finish( &target_operation,
+ output, PSA_HASH_LENGTH( alg ),
+ &output_length ) );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 3 );
+ TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS );
+
+ ASSERT_COMPARE( output, output_length, hash->x, hash->len );
+ }
+
+exit:
+ psa_hash_abort( &source_operation );
+ psa_hash_abort( &target_operation );
+ mbedtls_free( output );
+ PSA_DONE( );
+ mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
}
/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
index bd98a76..4e2f4d5 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.data
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@@ -134,17 +134,57 @@
depends_on:PSA_WANT_ALG_XTS:MBEDTLS_CIPHER_C
cipher_algorithm:PSA_ALG_XTS:0
-AEAD: CCM
-depends_on:PSA_WANT_ALG_CCM
-aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16
+AEAD: CCM-AES-128
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:128
-AEAD: GCM
-depends_on:PSA_WANT_ALG_GCM
-aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16
+AEAD: CCM-AES-192
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:192
+
+AEAD: CCM-AES-256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:256
+
+AEAD: CCM-CAMELLIA-128
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:128
+
+AEAD: CCM-CAMELLIA-192
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:192
+
+AEAD: CCM-CAMELLIA-256
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:256
+
+AEAD: GCM-AES-128
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:128
+
+AEAD: GCM-AES-192
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:192
+
+AEAD: GCM-AES-256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:256
+
+AEAD: GCM-CAMELLIA-128
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:128
+
+AEAD: GCM-CAMELLIA-192
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:192
+
+AEAD: GCM-CAMELLIA-256
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:256
AEAD: ChaCha20_Poly1305
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305
-aead_algorithm:PSA_ALG_CHACHA20_POLY1305:0:16
+aead_algorithm:PSA_ALG_CHACHA20_POLY1305:0:16:PSA_KEY_TYPE_CHACHA20:256
Asymmetric signature: RSA PKCS#1 v1.5 raw
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index 8acbe44..8134f44 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -169,6 +169,7 @@
}
void aead_algorithm_core( psa_algorithm_t alg, int classification_flags,
+ psa_key_type_t key_type, size_t key_bits,
size_t tag_length )
{
/* Algorithm classification */
@@ -183,7 +184,7 @@
algorithm_classification( alg, classification_flags );
/* Tag length */
- TEST_EQUAL( tag_length, PSA_AEAD_TAG_LENGTH( alg ) );
+ TEST_EQUAL( tag_length, PSA_AEAD_TAG_LENGTH( key_type, key_bits, alg ) );
exit: ;
}
@@ -367,19 +368,24 @@
/* BEGIN_CASE */
void aead_algorithm( int alg_arg, int classification_flags,
- int tag_length_arg )
+ int tag_length_arg,
+ int key_type_arg, int key_bits_arg )
{
psa_algorithm_t alg = alg_arg;
size_t tag_length = tag_length_arg;
size_t n;
+ psa_key_type_t key_type = key_type_arg;
+ size_t key_bits = key_bits_arg;
- aead_algorithm_core( alg, classification_flags, tag_length );
+ aead_algorithm_core( alg, classification_flags,
+ key_type, key_bits, tag_length );
/* Truncated versions */
for( n = 1; n <= tag_length; n++ )
{
psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, n );
- aead_algorithm_core( truncated_alg, classification_flags, n );
+ aead_algorithm_core( truncated_alg, classification_flags,
+ key_type, key_bits, n );
TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( truncated_alg ),
alg );
/* Check that calling PSA_ALG_AEAD_WITH_SHORTENED_TAG twice gives
@@ -411,7 +417,8 @@
for( n = 1; n <= tag_length; n++ )
{
psa_algorithm_t policy_alg = PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, n );
- aead_algorithm_core( policy_alg, classification_flags | ALG_IS_WILDCARD, n );
+ aead_algorithm_core( policy_alg, classification_flags | ALG_IS_WILDCARD,
+ key_type, key_bits, n );
TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( policy_alg ),
alg );
/* Check that calling PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG twice
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index 3d97515..c5390b2 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -9219,7 +9219,7 @@
SSL TLS 1.3 Key schedule: Derive-Secret( ., "c hs traffic", hash)
# Vector from RFC 8448
-ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_c_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03"::32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f"
+ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_c_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f"
SSL TLS 1.3 Key schedule: Derive-Secret( ., "s hs traffic", hash)
# Vector from RFC 8448
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 11817cf..8b7b09a 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -203,79 +203,79 @@
x509_parse_san:"data_files/server5-unsupported_othername.crt":""
X509 CRL information #1
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-20 10\:24\:19\nnext update \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n"
X509 CRL Information MD2 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD2_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD2_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl_md2.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA with MD2\n"
X509 CRL Information MD4 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl_md4.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD4\n"
X509 CRL Information MD5 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl_md5.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD5\n"
X509 CRL Information SHA1 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl_sha1.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n"
X509 CRL Information SHA224 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA224_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA224_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl_sha224.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-224\n"
X509 CRL Information SHA256 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl_sha256.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-256\n"
X509 CRL Information SHA384 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA384_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA384_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl_sha384.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-384\n"
X509 CRL Information SHA512 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl_sha512.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\n"
X509 CRL information RSA-PSS, SHA1 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n"
X509 CRL information RSA-PSS, SHA224 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA224_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA224_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n"
X509 CRL information RSA-PSS, SHA256 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\n"
X509 CRL information RSA-PSS, SHA384 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA384_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA384_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\n"
X509 CRL information RSA-PSS, SHA512 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\n"
X509 CRL Information EC, SHA1 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl-ec-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA1\n"
X509 CRL Information EC, SHA224 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA224_C:MBEDTLS_ECDSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA224_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl-ec-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA224\n"
X509 CRL Information EC, SHA256 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl-ec-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA256\n"
X509 CRL Information EC, SHA384 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA384_C:MBEDTLS_ECDSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA384_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl-ec-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA384\n"
X509 CRL Information EC, SHA512 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl-ec-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA512\n"
X509 CRL Malformed Input (trailing spaces at end of file)
@@ -291,71 +291,71 @@
mbedtls_x509_crl_parse:"data_files/crl-idpnc.pem":0
X509 CSR Information RSA with MD4
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server1.req.md4":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\n"
X509 CSR Information RSA with MD5
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server1.req.md5":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\n"
X509 CSR Information RSA with SHA1
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server1.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\n"
X509 CSR Information RSA with SHA224
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA224_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA224_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server1.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\n"
X509 CSR Information RSA with SHA-256
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTS_X509_INFO
mbedtls_x509_csr_info:"data_files/server1.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n"
X509 CSR Information RSA with SHA384
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA384_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA384_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server1.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\n"
X509 CSR Information RSA with SHA512
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server1.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\n"
X509 CSR Information EC with SHA1
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server5.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n"
X509 CSR Information EC with SHA224
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA224_C
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA224_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server5.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\n"
X509 CSR Information EC with SHA256
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server5.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n"
X509 CSR Information EC with SHA384
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA384_C
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA384_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server5.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\n"
X509 CSR Information EC with SHA512
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server5.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\n"
X509 CSR Information RSA-PSS with SHA1
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size \: 1024 bits\n"
X509 CSR Information RSA-PSS with SHA224
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA224_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA224_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size \: 1024 bits\n"
X509 CSR Information RSA-PSS with SHA256
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E)\nRSA key size \: 1024 bits\n"
X509 CSR Information RSA-PSS with SHA384
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA384_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA384_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E)\nRSA key size \: 1024 bits\n"
X509 CSR Information RSA-PSS with SHA512
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E)\nRSA key size \: 1024 bits\n"
X509 CSR Information RSA with SHA-256 - Microsoft header
@@ -2131,7 +2131,7 @@
# 03020001 signatureValue BIT STRING
# The subsequent TBSCertList negative tests remove or modify some elements.
X509 CRL ASN1 (TBSCertList, sig present)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA224_C
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA224_C:!MBEDTLS_X509_REMOVE_INFO
x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nserial number\: AB\:CD revocation date\: 2008-12-31 23\:59\:59\nsigned using \: RSA with SHA-224\n":0
X509 CRL ASN1 (TBSCertList, signatureValue missing)
@@ -2167,7 +2167,7 @@
x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128402abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
X509 CRL ASN1 (TBSCertList, no entries)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA224_C
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA224_C:!MBEDTLS_X509_REMOVE_INFO
x509parse_crl:"30463031020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nsigned using \: RSA with SHA-224\n":0
X509 CRL ASN1 (invalid version 2)
@@ -2197,7 +2197,7 @@
x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c0101ff041e301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
X509 CRL ASN1 (extension not critical explicit, crl-idp.pem byte 129)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO
x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c010100041f301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2018-03-14 07\:31\:48\nnext update \: 2028-03-14 07\:31\:48\nRevoked certificates\:\nsigned using \: RSA with SHA-256\n":0
X509 CRT parse path #2 (one cert)
@@ -2536,7 +2536,7 @@
x509_parse_rsassa_pss_params:"a303020102":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG
X509 CSR ASN.1 (OK)
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_parse:"308201183081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e0300906072a8648ce3d04010349003046022100b49fd8c8f77abfa871908dfbe684a08a793d0f490a43d86fcf2086e4f24bb0c2022100f829d5ccd3742369299e6294394717c4b723a0f68b44e831b6e6c3bcabf97243":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n":0
X509 CSR ASN.1 (bad first tag)
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 46d9724..a6361d8 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -7,6 +7,7 @@
#include "mbedtls/pem.h"
#include "mbedtls/oid.h"
#include "mbedtls/base64.h"
+#include "mbedtls/error.h"
#include "string.h"
#if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19
@@ -320,18 +321,18 @@
ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE );
if( ret != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
if( *p + len != end )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
/*
* Cannot be an empty sequence.
*/
if( len == 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
while( *p < end )
{
@@ -342,13 +343,13 @@
*/
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
policy_end = *p + len;
if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len,
MBEDTLS_ASN1_OID ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
/*
* Recognize exclusively the policy with OID 1
@@ -366,7 +367,7 @@
{
if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
/*
* Skip the optional policy qualifiers.
*/
@@ -374,13 +375,13 @@
}
if( *p != policy_end )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
}
if( *p != end )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( parse_ret );
}
@@ -388,7 +389,8 @@
memcmp( new_oid->p, oid->p, oid->len ) == 0 )
return( 0 );
else
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/* END_HEADER */
@@ -438,7 +440,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:!MBEDTLS_X509_REMOVE_INFO:MBEDTLS_X509_CRT_PARSE_C */
void x509_cert_info( char * crt_file, char * result_str )
{
mbedtls_x509_crt crt;
@@ -461,7 +463,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void mbedtls_x509_crl_info( char * crl_file, char * result_str )
{
mbedtls_x509_crl crl;
@@ -500,7 +502,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void mbedtls_x509_csr_info( char * csr_file, char * result_str )
{
mbedtls_x509_csr csr;
@@ -523,7 +525,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void x509_verify_info( int flags, char * prefix, char * result_str )
{
char buf[2000];
@@ -738,7 +740,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void mbedtls_x509_dn_gets( char * crt_file, char * entity, char * result_str )
{
mbedtls_x509_crt crt;
@@ -826,30 +828,37 @@
void x509parse_crt( data_t * buf, char * result_str, int result )
{
mbedtls_x509_crt crt;
- unsigned char output[2000];
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
+ unsigned char output[2000] = { 0 };
int res;
+#else
+ ((void) result_str);
+#endif
mbedtls_x509_crt_init( &crt );
- memset( output, 0, 2000 );
TEST_ASSERT( mbedtls_x509_crt_parse_der( &crt, buf->x, buf->len ) == ( result ) );
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
if( ( result ) == 0 )
{
res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt );
-
TEST_ASSERT( res != -1 );
TEST_ASSERT( res != -2 );
TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 );
}
+ memset( output, 0, 2000 );
+#endif
mbedtls_x509_crt_free( &crt );
mbedtls_x509_crt_init( &crt );
- memset( output, 0, 2000 );
TEST_ASSERT( mbedtls_x509_crt_parse_der_nocopy( &crt, buf->x, buf->len ) == ( result ) );
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
if( ( result ) == 0 )
{
+ memset( output, 0, 2000 );
+
res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt );
TEST_ASSERT( res != -1 );
@@ -857,12 +866,14 @@
TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 );
}
+ memset( output, 0, 2000 );
+#endif /* !MBEDTLS_X509_REMOVE_INFO */
mbedtls_x509_crt_free( &crt );
mbedtls_x509_crt_init( &crt );
- memset( output, 0, 2000 );
TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 0, NULL, NULL ) == ( result ) );
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
if( ( result ) == 0 )
{
res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt );
@@ -872,12 +883,14 @@
TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 );
}
+ memset( output, 0, 2000 );
+#endif /* !MBEDTLS_X509_REMOVE_INFO */
mbedtls_x509_crt_free( &crt );
mbedtls_x509_crt_init( &crt );
- memset( output, 0, 2000 );
TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 1, NULL, NULL ) == ( result ) );
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
if( ( result ) == 0 )
{
res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt );
@@ -887,6 +900,7 @@
TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 );
}
+#endif /* !MBEDTLS_X509_REMOVE_INFO */
exit:
mbedtls_x509_crt_free( &crt );
@@ -898,17 +912,22 @@
{
mbedtls_x509_crt crt;
mbedtls_x509_buf oid;
- unsigned char output[2000];
+
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
+ unsigned char output[2000] = { 0 };
int res;
+#else
+ ((void) result_str);
+#endif
oid.tag = MBEDTLS_ASN1_OID;
oid.len = MBEDTLS_OID_SIZE(MBEDTLS_OID_PKIX "\x01\x1F");
oid.p = (unsigned char *)MBEDTLS_OID_PKIX "\x01\x1F";
mbedtls_x509_crt_init( &crt );
- memset( output, 0, 2000 );
TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 0, parse_crt_ext_cb, &oid ) == ( result ) );
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
if( ( result ) == 0 )
{
res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt );
@@ -918,12 +937,14 @@
TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 );
}
+ memset( output, 0, 2000 );
+#endif /* !MBEDTLS_X509_REMOVE_INFO */
mbedtls_x509_crt_free( &crt );
mbedtls_x509_crt_init( &crt );
- memset( output, 0, 2000 );
TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 1, parse_crt_ext_cb, &oid ) == ( result ) );
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
if( ( result ) == 0 )
{
res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt );
@@ -933,13 +954,14 @@
TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 );
}
+#endif /* !MBEDTLS_X509_REMOVE_INFO */
exit:
mbedtls_x509_crt_free( &crt );
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void x509parse_crl( data_t * buf, char * result_str, int result )
{
mbedtls_x509_crl crl;
@@ -966,7 +988,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void mbedtls_x509_csr_parse( data_t * csr_der, char * ref_out, int ref_ret )
{
mbedtls_x509_csr csr;
@@ -1099,7 +1121,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C:!MBEDTLS_X509_REMOVE_INFO */
void x509_oid_desc( data_t * buf, char * ref_desc )
{
mbedtls_x509_buf oid;