Add tests for key import-export and key import followed by public-key
export when the output buffer is too small. Add these tests for the
following curves:
* p256 as an example of a Weierstrass curve
* Curve25519
* Curve448
Signed-off-by: David Horstmann <david.horstmann@arm.com>

This testcase calls psa_export_public_key() on an FFDH key with an
output buffer that is too small. Since the size is calculated based on
the required key size but not checked against the available buffer size,
we overflow the buffer.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
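The missing size check described in the commit message above, and the guard-byte harness a too-small-buffer test can use to catch it, as an added C model (not Mbed TLS code). All `ex_`/`EX_` names and the sample key bytes are hypothetical; the status values only mirror `PSA_SUCCESS` and `PSA_ERROR_BUFFER_TOO_SMALL`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Local stand-ins modelled on PSA_SUCCESS and PSA_ERROR_BUFFER_TOO_SMALL. */
#define EX_SUCCESS            0
#define EX_BUFFER_TOO_SMALL (-138)
#define EX_GUARD            0xA5

/* Hypothetical key object: just the public value and its length. */
typedef struct { const uint8_t *pub; size_t pub_len; } ex_key_t;

/* Model of a public-key export. With check_size == 0 it reproduces the defect:
 * the length comes from the key alone and out_size is never consulted. */
static int ex_export(const ex_key_t *k, uint8_t *out, size_t out_size,
                     size_t *out_len, int check_size)
{
    *out_len = 0;
    if (check_size && k->pub_len > out_size)
        return EX_BUFFER_TOO_SMALL;     /* refuse before writing anything */
    memcpy(out, k->pub, k->pub_len);
    *out_len = k->pub_len;
    return EX_SUCCESS;
}

/* Export with a claimed size one byte short. The arena really holds the whole
 * key plus guard bytes, so an unchecked write is observable without leaving it.
 * Returns 1 if any byte at or beyond the claimed size was modified. */
static int ex_writes_past_claimed_size(int check_size, int *status)
{
    static const uint8_t pub[32] = { 1, 2, 3, 4 };   /* constructed sample value */
    ex_key_t key = { pub, sizeof(pub) };
    uint8_t arena[sizeof(pub) + 16];
    size_t claimed = sizeof(pub) - 1, out_len = 0, i;
    memset(arena, EX_GUARD, sizeof(arena));
    *status = ex_export(&key, arena, claimed, &out_len, check_size);
    for (i = claimed; i < sizeof(arena); i++)
        if (arena[i] != EX_GUARD) return 1;
    return 0;
}

int main(void)
{
    int st, overrun = ex_writes_past_claimed_size(1, &st);
    printf("checked export: status=%d overrun=%d\n", st, overrun);
    return overrun;
}
```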
There was a single case for key_agreement_setup that was failing when
setting up the derivation operation. Move this test case to use
derive_setup() instead. Add a corresponding positive test with
derive_setup() to make it more obvious that KEY_AGREEMENT(ECDH, KDF)
works and the problem really is that the KDF is unknown.
Note that the expected_status_setup argument of key_agreement_setup is no
longer needed and can be removed.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

See the comment that was there. I chose not to split the test function
in two, but just have two arguments for each expected status.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Failing right now, will fix the library in the next commit.
For 8192-bit, we don't have any positive test, because we have a stupid
line length limitation [1] and we can't fit both our key, the peer's
key, and the output. But for negative tests we don't need the output and
the rest fits, so let's have those.
[1] https://github.com/Mbed-TLS/mbedtls/issues/1866
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Aligning on the name in development, which is also acceptable for 3.6,
and should reduce conflicts when backporting.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Also, while at it, add a test for input buffer too small. This had been
added previously in development but not backported.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Let applications configure prediction resistance at runtime.
Prediction resistance is always considered disabled when there is no actual
entropy source, only a nonvolatile seed.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

In some scenarios, application or integration code knows that the random
generator should be reseeded, but the reseed cannot or must not happen
immediately and there is no way to report errors. In such scenarios, users
can call the new function `psa_random_deplete()`, which just marks the DRBG
as needing a reseed.
This change requires DRBG modules to treat `reseed_counter == reseed_interval`
as a condition that requires a reseed. Historically they reseeded when
`reseed_counter > reseed_interval`, but that made it impossible to require
a reseed when `reseed_interval == MAX_INT`. Note that this edge case is not
tested.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
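The reseed condition from the commit message above, including the `MAX_INT` edge case it says is not tested, as an added C model (not Mbed TLS or TF-PSA-Crypto code). The `ex_` names and the `inclusive` flag are hypothetical; only `reseed_counter` and `reseed_interval` come from the message.

```c
#include <limits.h>
#include <stdio.h>

/* Hypothetical DRBG state. inclusive selects the check: 0 = historical '>',
 * 1 = '==' also counts as "reseed due" (the behaviour after the change). */
typedef struct { int reseed_counter, reseed_interval, inclusive; } ex_drbg_t;

static int ex_needs_reseed(const ex_drbg_t *d)
{
    return d->inclusive ? d->reseed_counter >= d->reseed_interval
                        : d->reseed_counter >  d->reseed_interval;
}

/* Model of "deplete": store the smallest counter value that the check treats
 * as due. Nothing is gathered here, so nothing can fail. */
static void ex_deplete(ex_drbg_t *d)
{
    if (d->inclusive)
        d->reseed_counter = d->reseed_interval;
    else    /* needs interval + 1, which no int holds when interval == INT_MAX */
        d->reseed_counter = d->reseed_interval < INT_MAX ? d->reseed_interval + 1 : INT_MAX;
}

/* Model of one generate call. Returns 1 if it reseeded first. */
static int ex_generate(ex_drbg_t *d)
{
    int reseeded = ex_needs_reseed(d);
    if (reseeded)
        d->reseed_counter = 0;      /* a real DRBG gathers entropy here */
    if (d->reseed_counter < INT_MAX)
        d->reseed_counter++;        /* saturate instead of overflowing */
    return reseeded;
}

/* Generate once, deplete, generate again: did the second call reseed? */
static int ex_deplete_then_generate(int interval, int inclusive)
{
    ex_drbg_t d = { 0, interval, inclusive };
    (void) ex_generate(&d);
    ex_deplete(&d);
    return ex_generate(&d);
}

int main(void)
{
    printf("'>'  with INT_MAX: reseeded=%d\n", ex_deplete_then_generate(INT_MAX, 0));
    printf("'>=' with INT_MAX: reseeded=%d\n", ex_deplete_then_generate(INT_MAX, 1));
    return 0;
}
```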
They were in test_suite_psa_crypto_init, but their only connection to init
is that RNG setup is part of init. When testing how the RNG is set up, the
fact that it happens during init is incidental; what matters is the
difficulties around collecting entropy.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

With e.g. `CLOCK_BOOTTIME`, it's plausible that less than 1 second has
passed since the boot reference time.
Only assert that the returned time is nonzero (because all-bits-zero is
highly implausible as an actual clock value, but likely indicates that the
intended value was not copied out correctly).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

MinGW uses a legacy printf by default which doesn't support the `z` modifier
for `size_t`. Skip these test cases on MinGW.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

In particular, test `"%zu"` for `size_t` and `"%lld"` for `long long`, which
older Windows runtimes do not support, but which Mbed TLS uses.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

The goal isn't to do any functional testing, but to have a simple diagnostic
if some Unix platform function isn't available, and to have a record of
success in the outcome file.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

In `test_suite_debug`, test `mbedtls_debug_snprintf()`, which uses
`mbedtls_vsnprintf()` like `mbedtls_debug_print_msg()`. Do this instead of
testing `mbedtls_snprintf()`, which might be subtly different (older
Windows runtimes had slightly different behavior for vsnprintf() vs
snprintf(); TF-PSA-Crypto might pick up a different function if the
platform configuration is different in TF-PSA-Crypto and Mbed TLS).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

This is not only convenient, but now necessary, because if the content of
the generated files changes due to changes in Python files in the framework,
`all.sh check_generated_files` will fail in the framework CI.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>