diff --git a/ChangeLog.d/make_sha224_sha384_independent_from_sha256_sha512.txt b/ChangeLog.d/make_sha224_sha384_independent_from_sha256_sha512.txt new file mode 100644 index 000000000..d2c9b35dd --- /dev/null +++ b/ChangeLog.d/make_sha224_sha384_independent_from_sha256_sha512.txt @@ -0,0 +1,4 @@ +Features + * SHA224_C/SHA384_C are now independent from SHA384_C/SHA512_C respectively. + This helps in saving code size when some of the above hashes are not + required. diff --git a/configs/config-ccm-psk-dtls1_2.h b/configs/config-ccm-psk-dtls1_2.h index 183815dec..02bc829f9 100644 --- a/configs/config-ccm-psk-dtls1_2.h +++ b/configs/config-ccm-psk-dtls1_2.h @@ -47,10 +47,6 @@ #define MBEDTLS_ENTROPY_C #define MBEDTLS_MD_C #define MBEDTLS_NET_C -/* The library does not currently support enabling SHA-224 without SHA-256. - * A future version of the library will have this option disabled - * by default. */ -#define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SSL_CLI_C #define MBEDTLS_SSL_COOKIE_C diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h index f935a33f2..84e5db3ad 100644 --- a/configs/config-ccm-psk-tls1_2.h +++ b/configs/config-ccm-psk-tls1_2.h @@ -46,10 +46,6 @@ #define MBEDTLS_ENTROPY_C #define MBEDTLS_MD_C #define MBEDTLS_NET_C -/* The library does not currently support enabling SHA-224 without SHA-256. - * A future version of the library will have this option disabled - * by default. */ -#define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SSL_CLI_C #define MBEDTLS_SSL_SRV_C diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 35622fcc6..89898b33a 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h 
@@ -60,10 +60,6 @@ #define MBEDTLS_OID_C #define MBEDTLS_PK_C #define MBEDTLS_PK_PARSE_C -/* The library does not currently support enabling SHA-224 without SHA-256. - * A future version of the library will have this option disabled - * by default. */ -#define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SHA384_C #define MBEDTLS_SHA512_C diff --git a/configs/config-thread.h b/configs/config-thread.h index c032fdc4b..0652136a5 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -63,10 +63,6 @@ #define MBEDTLS_OID_C #define MBEDTLS_PK_C #define MBEDTLS_PK_PARSE_C -/* The library does not currently support enabling SHA-224 without SHA-256. - * A future version of the library will have this option disabled - * by default. */ -#define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SSL_COOKIE_C #define MBEDTLS_SSL_CLI_C diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 99584c42f..677be87c0 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -695,10 +695,6 @@ #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SHA384_C) && !defined(MBEDTLS_SHA512_C) -#error "MBEDTLS_SHA384_C defined without MBEDTLS_SHA512_C" -#endif - #if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) #error "Must only define one of MBEDTLS_SHA512_USE_A64_CRYPTO_*" @@ -754,14 +750,6 @@ #error "MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system" #endif -#if defined(MBEDTLS_SHA224_C) && !defined(MBEDTLS_SHA256_C) -#error "MBEDTLS_SHA224_C defined without MBEDTLS_SHA256_C" -#endif - -#if defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA224_C) -#error "MBEDTLS_SHA256_C defined without MBEDTLS_SHA224_C" -#endif - #if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) #error "Must only define one of MBEDTLS_SHA256_USE_A64_CRYPTO_*" 
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index b9c896f3b..092152d5f 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3046,9 +3046,6 @@ * * Enable the SHA-224 cryptographic hash algorithm. * - * Requires: MBEDTLS_SHA256_C. The library does not currently support enabling - * SHA-224 without SHA-256. - * * Module: library/sha256.c * Caller: library/md.c * library/ssl_cookie.c @@ -3062,9 +3059,6 @@ * * Enable the SHA-256 cryptographic hash algorithm. * - * Requires: MBEDTLS_SHA224_C. The library does not currently support enabling - * SHA-256 without SHA-224. - * * Module: library/sha256.c * Caller: library/entropy.c * library/md.c @@ -3132,8 +3126,6 @@ * * Enable the SHA-384 cryptographic hash algorithm. * - * Requires: MBEDTLS_SHA512_C - * * Module: library/sha512.c * Caller: library/md.c * library/psa_crypto_hash.c diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index fbf938dd1..85ecc43a1 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -65,8 +65,14 @@ typedef enum { #if defined(MBEDTLS_SHA512_C) #define MBEDTLS_MD_MAX_SIZE 64 /* longest known is SHA512 */ +#elif defined(MBEDTLS_SHA384_C) +#define MBEDTLS_MD_MAX_SIZE 48 /* longest known is SHA384 */ +#elif defined(MBEDTLS_SHA256_C) +#define MBEDTLS_MD_MAX_SIZE 32 /* longest known is SHA256 */ +#elif defined(MBEDTLS_SHA224_C) +#define MBEDTLS_MD_MAX_SIZE 28 /* longest known is SHA224 */ #else -#define MBEDTLS_MD_MAX_SIZE 32 /* longest known is SHA256 or less */ +#define MBEDTLS_MD_MAX_SIZE 20 /* longest known is SHA1 or RIPE MD-160 */ #endif #if defined(MBEDTLS_SHA512_C) diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h index 0cbbac11f..d256352c8 100644 --- a/include/mbedtls/sha256.h +++ b/include/mbedtls/sha256.h 
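Review bot: In include/mbedtls/md.h the new `#elif` ladder lets MBEDTLS_MD_MAX_SIZE shrink to 48, 28 or 20 depending on which SHA options are enabled, but nothing documents that it only bounds the hash modules compiled into this configuration. A buffer sized with it that receives a longer digest from another provider would be undersized; that is presumably why this commit moves the TLS 1.3 test buffers to MBEDTLS_HASH_MAX_SIZE. I would add above the ladder `/* Largest digest size among the hash modules enabled in this build; do not use it to size buffers for digests computed outside the MD layer. */` and re-check the remaining users of the macro. The conditional block continues outside the hunk.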
@@ -96,6 +96,10 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst, * \param is224 This determines which function to use. This must be * either \c 0 for SHA-256, or \c 1 for SHA-224. * + * \note is224 must be defined accordingly to the enabled + * MBEDTLS_SHA224_C/MBEDTLS_SHA256_C symbols otherwise the + * function will return #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. + * * \return \c 0 on success. * \return A negative error code on failure. */ @@ -178,13 +182,25 @@ int mbedtls_sha256( const unsigned char *input, #if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_SHA224_C) /** - * \brief The SHA-224 and SHA-256 checkup routine. + * \brief The SHA-224 checkup routine. + * + * \return \c 0 on success. + * \return \c 1 on failure. + */ +int mbedtls_sha224_self_test( int verbose ); +#endif /* MBEDTLS_SHA224_C */ + +#if defined(MBEDTLS_SHA256_C) +/** + * \brief The SHA-256 checkup routine. * * \return \c 0 on success. * \return \c 1 on failure. */ int mbedtls_sha256_self_test( int verbose ); +#endif /* MBEDTLS_SHA256_C */ #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index 48901cc39..2b1fafd45 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -99,9 +99,9 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, * \param is384 Determines which function to use. This must be * either \c 0 for SHA-512, or \c 1 for SHA-384. * - * \note When \c MBEDTLS_SHA384_C is not defined, - * \p is384 must be \c 0, or the function will return - * #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. + * \note is384 must be defined accordingly to the enabled + * MBEDTLS_SHA384_C/MBEDTLS_SHA512_C symbols otherwise the + * function will return #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. * * \return \c 0 on success. * \return A negative error code on failure. 
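Review bot: The `\note` added to the `is224` parameter documentation in include/mbedtls/sha256.h (apparently for mbedtls_sha256_starts()) names the wrong error code. It says the function returns #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, while the checks this commit adds in library/sha256.c return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA. The last line of the note should read `function will return #MBEDTLS_ERR_SHA256_BAD_INPUT_DATA.` In both this note and the matching one in sha512.h, "accordingly to" would read better as "according to".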
@@ -175,8 +175,11 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, * \param is384 Determines which function to use. This must be either * \c 0 for SHA-512, or \c 1 for SHA-384. * - * \note When \c MBEDTLS_SHA384_C is not defined, \p is384 must - * be \c 0, or the function will return + * \note is384 must be defined accordingly with the supported + * symbols in the config file. If: + * - is384 is 0, but \c MBEDTLS_SHA384_C is not defined, or + * - is384 is 1, but \c MBEDTLS_SHA512_C is not defined + * then the function will return * #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. * * \return \c 0 on success. @@ -189,13 +192,26 @@ int mbedtls_sha512( const unsigned char *input, #if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_SHA384_C) /** - * \brief The SHA-384 or SHA-512 checkup routine. + * \brief The SHA-384 checkup routine. + * + * \return \c 0 on success. + * \return \c 1 on failure. + */ +int mbedtls_sha384_self_test( int verbose ); +#endif /* MBEDTLS_SHA384_C */ + +#if defined(MBEDTLS_SHA512_C) + /** + * \brief The SHA-512 checkup routine. * * \return \c 0 on success. * \return \c 1 on failure. */ int mbedtls_sha512_self_test( int verbose ); +#endif /* MBEDTLS_SHA512_C */ + #endif /* MBEDTLS_SELF_TEST */ #ifdef __cplusplus diff --git a/library/sha256.c b/library/sha256.c index 1a9a855fa..6965820a2 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -24,7 +24,7 @@ #include "common.h" -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA224_C) #include "mbedtls/sha256.h" #include "mbedtls/platform_util.h" 
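Review bot: The two bullet conditions in the new `\note` for mbedtls_sha512() in include/mbedtls/sha512.h are swapped relative to the code. In library/sha512.c, `is384 == 0` selects SHA-512 and is rejected when only MBEDTLS_SHA384_C is defined, and a non-zero `is384` is rejected when only MBEDTLS_SHA512_C is defined. The bullets should read `- is384 is 0, but \c MBEDTLS_SHA512_C is not defined, or` and `- is384 is 1, but \c MBEDTLS_SHA384_C is not defined`.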
@@ -167,12 +167,15 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst, */ int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 ) { -#if defined(MBEDTLS_SHA224_C) +#if defined(MBEDTLS_SHA224_C) && defined(MBEDTLS_SHA256_C) if( is224 != 0 && is224 != 1 ) return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA; -#else +#elif defined(MBEDTLS_SHA256_C) if( is224 != 0 ) return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA; +#else /* defined MBEDTLS_SHA224_C only */ + if( is224 == 0 ) + return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA; #endif ctx->total[0] = 0; @@ -180,7 +183,7 @@ int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 ) if( is224 == 0 ) { - /* SHA-256 */ +#if defined(MBEDTLS_SHA256_C) ctx->state[0] = 0x6A09E667; ctx->state[1] = 0xBB67AE85; ctx->state[2] = 0x3C6EF372; @@ -189,11 +192,11 @@ int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 ) ctx->state[5] = 0x9B05688C; ctx->state[6] = 0x1F83D9AB; ctx->state[7] = 0x5BE0CD19; +#endif } else { #if defined(MBEDTLS_SHA224_C) - /* SHA-224 */ ctx->state[0] = 0xC1059ED8; ctx->state[1] = 0x367CD507; ctx->state[2] = 0x3070DD17; @@ -205,7 +208,9 @@ int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 ) #endif } +#if defined(MBEDTLS_SHA224_C) ctx->is224 = is224; +#endif return( 0 ); } @@ -678,12 +683,15 @@ int mbedtls_sha256( const unsigned char *input, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha256_context ctx; -#if defined(MBEDTLS_SHA224_C) +#if defined(MBEDTLS_SHA224_C) && defined(MBEDTLS_SHA256_C) if( is224 != 0 && is224 != 1 ) return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA; -#else +#elif defined(MBEDTLS_SHA256_C) if( is224 != 0 ) return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA; +#else /* defined MBEDTLS_SHA224_C only */ + if( is224 == 0 ) + return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA; #endif mbedtls_sha256_init( &ctx ); 
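Review bot: In the SHA-224-only branch of mbedtls_sha256_starts() the new check `if( is224 == 0 )` accepts every non-zero value, while the build with both options rejects anything other than 0 or 1, so the documented contract is enforced differently per configuration. A value such as 2 would take the SHA-224 initial state and be stored in `ctx->is224` unchanged. Writing the check as `if( is224 != 1 )` keeps the three branches consistent. The same pattern appears in mbedtls_sha256() later on this line and, as `is384 == 0`, in mbedtls_sha512_starts() and mbedtls_sha512() in library/sha512.c. Both function bodies continue outside their hunks.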
@@ -707,23 +715,26 @@ exit: /* * FIPS-180-2 test vectors */ -static const unsigned char sha256_test_buf[3][57] = +static const unsigned char sha_test_buf[3][57] = { { "abc" }, { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" }, { "" } }; -static const size_t sha256_test_buflen[3] = +static const size_t sha_test_buflen[3] = { 3, 56, 1000 }; -static const unsigned char sha256_test_sum[6][32] = +typedef const unsigned char (sha_test_sum_t)[32]; + +/* + * SHA-224 test vectors + */ +#if defined(MBEDTLS_SHA224_C) +static sha_test_sum_t sha224_test_sum[] = { - /* - * SHA-224 test vectors - */ { 0x23, 0x09, 0x7D, 0x22, 0x34, 0x05, 0xD8, 0x22, 0x86, 0x42, 0xA4, 0x77, 0xBD, 0xA2, 0x55, 0xB3, 0x2A, 0xAD, 0xBC, 0xE4, 0xBD, 0xA0, 0xB3, 0xF7, @@ -735,11 +746,16 @@ static const unsigned char sha256_test_sum[6][32] = { 0x20, 0x79, 0x46, 0x55, 0x98, 0x0C, 0x91, 0xD8, 0xBB, 0xB4, 0xC1, 0xEA, 0x97, 0x61, 0x8A, 0x4B, 0xF0, 0x3F, 0x42, 0x58, 0x19, 0x48, 0xB2, 0xEE, - 0x4E, 0xE7, 0xAD, 0x67 }, + 0x4E, 0xE7, 0xAD, 0x67 } +}; +#endif - /* - * SHA-256 test vectors - */ +/* + * SHA-256 test vectors + */ +#if defined(MBEDTLS_SHA256_C) +static sha_test_sum_t sha256_test_sum[] = +{ { 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA, 0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23, 0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17, 0x7A, 0x9C, 
@@ -753,17 +769,26 @@ static const unsigned char sha256_test_sum[6][32] = 0xF1, 0x80, 0x9A, 0x48, 0xA4, 0x97, 0x20, 0x0E, 0x04, 0x6D, 0x39, 0xCC, 0xC7, 0x11, 0x2C, 0xD0 } }; +#endif /* * Checkup routine */ -int mbedtls_sha256_self_test( int verbose ) +static int mbedtls_sha256_common_self_test( int verbose, int is224 ) { - int i, j, k, buflen, ret = 0; + int i, buflen, ret = 0; unsigned char *buf; unsigned char sha256sum[32]; mbedtls_sha256_context ctx; +#if defined(MBEDTLS_SHA224_C) && defined(MBEDTLS_SHA256_C) + sha_test_sum_t* sha_test_sum = ( is224 ) ? sha224_test_sum : sha256_test_sum; +#elif defined(MBEDTLS_SHA256_C) + sha_test_sum_t* sha_test_sum = sha256_test_sum; +#else + sha_test_sum_t* sha_test_sum = sha224_test_sum; +#endif + buf = mbedtls_calloc( 1024, sizeof(unsigned char) ); if( NULL == buf ) { @@ -775,22 +800,19 @@ int mbedtls_sha256_self_test( int verbose ) mbedtls_sha256_init( &ctx ); - for( i = 0; i < 6; i++ ) + for( i = 0; i < 3; i++ ) { - j = i % 3; - k = i < 3; - if( verbose != 0 ) - mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 ); + mbedtls_printf( " SHA-%d test #%d: ", 256 - is224 * 32, i + 1 ); - if( ( ret = mbedtls_sha256_starts( &ctx, k ) ) != 0 ) + if( ( ret = mbedtls_sha256_starts( &ctx, is224 ) ) != 0 ) goto fail; - if( j == 2 ) + if( i == 2 ) { memset( buf, 'a', buflen = 1000 ); - for( j = 0; j < 1000; j++ ) + for( int j = 0; j < 1000; j++ ) { ret = mbedtls_sha256_update( &ctx, buf, buflen ); if( ret != 0 ) @@ -800,8 +822,8 @@ int mbedtls_sha256_self_test( int verbose ) } else { - ret = mbedtls_sha256_update( &ctx, sha256_test_buf[j], - sha256_test_buflen[j] ); + ret = mbedtls_sha256_update( &ctx, sha_test_buf[i], + sha_test_buflen[i] ); if( ret != 0 ) goto fail; } @@ -810,7 +832,7 @@ int mbedtls_sha256_self_test( int verbose ) goto fail; - if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 ) + if( memcmp( sha256sum, sha_test_sum[i], 32 - is224 * 4 ) != 0 ) { ret = 1; goto fail; 
@@ -836,6 +858,20 @@ exit: return( ret ); } +#if defined(MBEDTLS_SHA256_C) +int mbedtls_sha256_self_test( int verbose ) +{ + return mbedtls_sha256_common_self_test( verbose, 0 ); +} +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA224_C) +int mbedtls_sha224_self_test( int verbose ) +{ + return mbedtls_sha256_common_self_test( verbose, 1 ); +} +#endif /* MBEDTLS_SHA224_C */ + #endif /* MBEDTLS_SELF_TEST */ -#endif /* MBEDTLS_SHA256_C */ +#endif /* MBEDTLS_SHA256_C || MBEDTLS_SHA224_C */ diff --git a/library/sha512.c b/library/sha512.c index 92ada8c35..5de151d60 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -24,7 +24,7 @@ #include "common.h" -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_SHA384_C) #include "mbedtls/sha512.h" #include "mbedtls/platform_util.h" @@ -191,12 +191,15 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, */ int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ) { -#if defined(MBEDTLS_SHA384_C) +#if defined(MBEDTLS_SHA384_C) && defined(MBEDTLS_SHA512_C) if( is384 != 0 && is384 != 1 ) return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; -#else +#elif defined(MBEDTLS_SHA512_C) if( is384 != 0 ) return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; +#else /* defined MBEDTLS_SHA384_C only */ + if( is384 == 0 ) + return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; #endif ctx->total[0] = 0; @@ -204,7 +207,7 @@ int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ) if( is384 == 0 ) { - /* SHA-512 */ +#if defined(MBEDTLS_SHA512_C) ctx->state[0] = UL64(0x6A09E667F3BCC908); ctx->state[1] = UL64(0xBB67AE8584CAA73B); ctx->state[2] = UL64(0x3C6EF372FE94F82B); 
@@ -213,13 +216,11 @@ int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ) ctx->state[5] = UL64(0x9B05688C2B3E6C1F); ctx->state[6] = UL64(0x1F83D9ABFB41BD6B); ctx->state[7] = UL64(0x5BE0CD19137E2179); +#endif /* MBEDTLS_SHA512_C */ } else { -#if !defined(MBEDTLS_SHA384_C) - return( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA ); -#else - /* SHA-384 */ +#if defined(MBEDTLS_SHA384_C) ctx->state[0] = UL64(0xCBBB9D5DC1059ED8); ctx->state[1] = UL64(0x629A292A367CD507); ctx->state[2] = UL64(0x9159015A3070DD17); @@ -836,12 +837,15 @@ int mbedtls_sha512( const unsigned char *input, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha512_context ctx; -#if defined(MBEDTLS_SHA384_C) +#if defined(MBEDTLS_SHA384_C) && defined(MBEDTLS_SHA512_C) if( is384 != 0 && is384 != 1 ) return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; -#else +#elif defined(MBEDTLS_SHA512_C) if( is384 != 0 ) return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; +#else /* defined MBEDTLS_SHA384_C only */ + if( is384 == 0 ) + return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; #endif mbedtls_sha512_init( &ctx ); @@ -866,24 +870,26 @@ exit: /* * FIPS-180-2 test vectors */ -static const unsigned char sha512_test_buf[3][113] = +static const unsigned char sha_test_buf[3][113] = { { "abc" }, { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" }, { "" } }; -static const size_t sha512_test_buflen[3] = +static const size_t sha_test_buflen[3] = { 3, 112, 1000 }; -static const unsigned char sha512_test_sum[][64] = -{ +typedef const unsigned char (sha_test_sum_t)[64]; + +/* + * SHA-384 test vectors + */ #if defined(MBEDTLS_SHA384_C) - /* - * SHA-384 test vectors - */ +static sha_test_sum_t sha384_test_sum[] = +{ { 0xCB, 0x00, 0x75, 0x3F, 0x45, 0xA3, 0x5E, 0x8B, 0xB5, 0xA0, 0x3D, 0x69, 0x9A, 0xC6, 0x50, 0x07, 0x27, 0x2C, 0x32, 0xAB, 0x0E, 0xDE, 0xD1, 0x63, 
@@ -901,12 +907,16 @@ static const unsigned char sha512_test_sum[][64] = 0xED, 0x14, 0x9E, 0x9C, 0x00, 0xF2, 0x48, 0x52, 0x79, 0x72, 0xCE, 0xC5, 0x70, 0x4C, 0x2A, 0x5B, 0x07, 0xB8, 0xB3, 0xDC, 0x38, 0xEC, 0xC4, 0xEB, - 0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 }, + 0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 } +}; #endif /* MBEDTLS_SHA384_C */ - /* - * SHA-512 test vectors - */ +/* + * SHA-512 test vectors + */ +#if defined(MBEDTLS_SHA512_C) +static sha_test_sum_t sha512_test_sum[] = +{ { 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, 0xCC, 0x41, 0x73, 0x49, 0xAE, 0x20, 0x41, 0x31, 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2, @@ -932,19 +942,25 @@ static const unsigned char sha512_test_sum[][64] = 0xEB, 0x00, 0x9C, 0x5C, 0x2C, 0x49, 0xAA, 0x2E, 0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B } }; +#endif /* MBEDTLS_SHA512_C */ #define ARRAY_LENGTH( a ) ( sizeof( a ) / sizeof( ( a )[0] ) ) -/* - * Checkup routine - */ -int mbedtls_sha512_self_test( int verbose ) +static int mbedtls_sha512_common_self_test( int verbose, int is384 ) { - int i, j, k, buflen, ret = 0; + int i, buflen, ret = 0; unsigned char *buf; unsigned char sha512sum[64]; mbedtls_sha512_context ctx; +#if defined(MBEDTLS_SHA384_C) && defined(MBEDTLS_SHA512_C) + sha_test_sum_t* sha_test_sum = ( is384 ) ? sha384_test_sum : sha512_test_sum; +#elif defined(MBEDTLS_SHA512_C) + sha_test_sum_t* sha_test_sum = sha512_test_sum; +#else + sha_test_sum_t* sha_test_sum = sha384_test_sum; +#endif + buf = mbedtls_calloc( 1024, sizeof(unsigned char) ); if( NULL == buf ) { 
@@ -956,26 +972,19 @@ int mbedtls_sha512_self_test( int verbose ) mbedtls_sha512_init( &ctx ); - for( i = 0; i < (int) ARRAY_LENGTH(sha512_test_sum); i++ ) + for( i = 0; i < 3; i++ ) { - j = i % 3; -#if defined(MBEDTLS_SHA384_C) - k = i < 3; -#else - k = 0; -#endif - if( verbose != 0 ) - mbedtls_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 ); + mbedtls_printf( " SHA-%d test #%d: ", 512 - is384 * 128, i + 1 ); - if( ( ret = mbedtls_sha512_starts( &ctx, k ) ) != 0 ) + if( ( ret = mbedtls_sha512_starts( &ctx, is384 ) ) != 0 ) goto fail; - if( j == 2 ) + if( i == 2 ) { memset( buf, 'a', buflen = 1000 ); - for( j = 0; j < 1000; j++ ) + for( int j = 0; j < 1000; j++ ) { ret = mbedtls_sha512_update( &ctx, buf, buflen ); if( ret != 0 ) @@ -984,8 +993,8 @@ int mbedtls_sha512_self_test( int verbose ) } else { - ret = mbedtls_sha512_update( &ctx, sha512_test_buf[j], - sha512_test_buflen[j] ); + ret = mbedtls_sha512_update( &ctx, sha_test_buf[i], + sha_test_buflen[i] ); if( ret != 0 ) goto fail; } @@ -993,7 +1002,7 @@ int mbedtls_sha512_self_test( int verbose ) if( ( ret = mbedtls_sha512_finish( &ctx, sha512sum ) ) != 0 ) goto fail; - if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 ) + if( memcmp( sha512sum, sha_test_sum[i], 64 - is384 * 16 ) != 0 ) { ret = 1; goto fail; @@ -1019,8 +1028,22 @@ exit: return( ret ); } +#if defined(MBEDTLS_SHA512_C) +int mbedtls_sha512_self_test( int verbose ) +{ + return mbedtls_sha512_common_self_test( verbose, 0 ); +} +#endif /* MBEDTLS_SHA512_C */ + +#if defined(MBEDTLS_SHA384_C) +int mbedtls_sha384_self_test( int verbose ) +{ + return mbedtls_sha512_common_self_test( verbose, 1 ); +} +#endif /* MBEDTLS_SHA384_C */ + #undef ARRAY_LENGTH #endif /* MBEDTLS_SELF_TEST */ -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA512_C || MBEDTLS_SHA384_C */ diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index 3f9bf87b4..a996174eb 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c 
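Review bot: The loop bound in mbedtls_sha512_common_self_test() is now the literal `3`, which silently ties it to the number of rows in sha_test_buf, sha384_test_sum and sha512_test_sum. ARRAY_LENGTH is still defined just above the function and `#undef`'d at the end of the file, but its only visible use is removed here. Either write `for( i = 0; i < (int) ARRAY_LENGTH( sha_test_buflen ); i++ )` or drop the macro if nothing else in the file uses it. The same literal bound is used in mbedtls_sha256_common_self_test() in library/sha256.c. The function starts in an earlier hunk.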
@@ -38,23 +38,19 @@ #include /* - * If DTLS is in use, then at least one of SHA-1, SHA-256, SHA-384 is - * available. Try SHA-256 first, 384 wastes resources + * If DTLS is in use, then at least one of SHA-256 or SHA-384 is + * available. Try SHA-256 first as 384 wastes resources */ -#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA) -#define COOKIE_MD MBEDTLS_MD_SHA224 +#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA) +#define COOKIE_MD MBEDTLS_MD_SHA256 #define COOKIE_MD_OUTLEN 32 #define COOKIE_HMAC_LEN 28 #elif defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA) #define COOKIE_MD MBEDTLS_MD_SHA384 #define COOKIE_MD_OUTLEN 48 #define COOKIE_HMAC_LEN 28 -#elif defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA) -#define COOKIE_MD MBEDTLS_MD_SHA1 -#define COOKIE_MD_OUTLEN 20 -#define COOKIE_HMAC_LEN 20 #else -#error "DTLS hello verify needs SHA-1 or SHA-2" +#error "DTLS hello verify needs SHA-256 or SHA-384" #endif /* diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 2d6103c31..b4701cbe6 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -243,9 +243,15 @@ const selftest_t selftests[] = #if defined(MBEDTLS_SHA1_C) {"sha1", mbedtls_sha1_self_test}, #endif +#if defined(MBEDTLS_SHA224_C) + {"sha224", mbedtls_sha224_self_test}, +#endif #if defined(MBEDTLS_SHA256_C) {"sha256", mbedtls_sha256_self_test}, #endif +#if defined(MBEDTLS_SHA384_C) + {"sha384", mbedtls_sha384_self_test}, +#endif #if defined(MBEDTLS_SHA512_C) {"sha512", mbedtls_sha512_self_test}, #endif diff --git a/tests/include/test/drivers/config_test_driver.h b/tests/include/test/drivers/config_test_driver.h index 6a7fb1f3e..22518bfc4 100644 --- a/tests/include/test/drivers/config_test_driver.h +++ b/tests/include/test/drivers/config_test_driver.h 
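Review bot: In library/ssl_cookie.c both remaining branches keep `COOKIE_HMAC_LEN 28` while `COOKIE_MD_OUTLEN` is 32 or 48, and nothing in the block says the HMAC is deliberately truncated. With the SHA-224 branch gone, 28 no longer matches any selectable digest size, so a short comment would help, e.g. `/* The HMAC is truncated to COOKIE_HMAC_LEN bytes regardless of the hash chosen. */` (assuming that is the intent; the code using these macros is outside the hunk). Dropping the SHA-1 and SHA-224 branches also means a DTLS cookie build with neither SHA-256 nor SHA-384 now stops at the `#error`, which the ChangeLog entry in this commit does not mention.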
@@ -35,7 +35,6 @@ /* PSA core mandatory configuration options */ #define MBEDTLS_CIPHER_C #define MBEDTLS_AES_C -#define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 #define MBEDTLS_CTR_DRBG_C @@ -46,6 +45,7 @@ * purpose of a specific set of tests. */ //#define MBEDTLS_SHA1_C +//#define MBEDTLS_SHA224_C //#define MBEDTLS_SHA384_C //#define MBEDTLS_SHA512_C //#define MBEDTLS_MD_C diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 18dc8a668..d166f779a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1969,7 +1969,8 @@ component_test_psa_crypto_config_accel_ecdsa () { scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING - # SHA384 needed for some ECDSA signature tests. + # These hashes are needed for some ECDSA signature tests. + scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA224_C scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA384_C scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C @@ -1978,6 +1979,7 @@ component_test_psa_crypto_config_accel_ecdsa () { make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" # Restore test driver base configuration + scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA224_C scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA384_C scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA512_C 
@@ -2062,6 +2064,7 @@ component_test_psa_crypto_config_accel_rsa_signature () { scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160_C scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA1_C + scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA224_C scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C # We need to define either MD_C or all of the PSA_WANT_ALG_SHAxxx. scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_MD_C @@ -2076,6 +2079,7 @@ component_test_psa_crypto_config_accel_rsa_signature () { # Restore test driver base configuration scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA1_C + scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA224_C scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA512_C scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_MD_C scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_PEM_PARSE_C diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index d09b732ca..d4fe4fdc1 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py 
@@ -44,12 +44,6 @@ The configuration building method can be one of the three following: direct dependencies, but rather non-trivial results of other configs missing. Then look for any unset symbols and handle their reverse dependencies. Examples of EXCLUSIVE_GROUPS usage: - - MBEDTLS_SHA256 job turns off all hashes except SHA256, however, when investigating - reverse dependencies, SHA224 is found to depend on SHA256, so it is disabled, - and then SHA256 is found to depend on SHA224, so it is also disabled. To handle - this, there's a field in EXCLUSIVE_GROUPS that states that in a SHA256 test SHA224 - should also be enabled before processing reverse dependencies: - 'MBEDTLS_SHA256_C': ['+MBEDTLS_SHA224_C'] - MBEDTLS_SHA512_C job turns off all hashes except SHA512. MBEDTLS_SSL_COOKIE_C requires either SHA256 or SHA384 to work, so it also has to be disabled. This is not a dependency on SHA512_C, but a result of an exclusive domain @@ -257,17 +251,14 @@ REVERSE_DEPENDENCIES = { 'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED'], 'MBEDTLS_SHA256_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED', 'MBEDTLS_ENTROPY_FORCE_SHA256', - 'MBEDTLS_SHA224_C', 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', 'MBEDTLS_LMS_C', 'MBEDTLS_LMS_PRIVATE'], - 'MBEDTLS_SHA512_C': ['MBEDTLS_SHA384_C', - 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', + 'MBEDTLS_SHA512_C': ['MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY'], 'MBEDTLS_SHA224_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED', 'MBEDTLS_ENTROPY_FORCE_SHA256', - 'MBEDTLS_SHA256_C', 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY'], 'MBEDTLS_X509_RSASSA_PSS_SUPPORT': [] 
@@ -277,8 +268,6 @@ REVERSE_DEPENDENCIES = { # These are not necessarily dependencies, but just minimal required changes # if a given define is the only one enabled from an exclusive group. EXCLUSIVE_GROUPS = { - 'MBEDTLS_SHA256_C': ['+MBEDTLS_SHA224_C'], - 'MBEDTLS_SHA384_C': ['+MBEDTLS_SHA512_C'], 'MBEDTLS_SHA512_C': ['-MBEDTLS_SSL_COOKIE_C', '-MBEDTLS_SSL_PROTO_TLS1_3'], 'MBEDTLS_ECP_DP_CURVE448_ENABLED': ['-MBEDTLS_ECDSA_C', @@ -421,15 +410,15 @@ class DomainData: build_and_test), # Elliptic curves. Run the test suites. 'curves': ExclusiveDomain(curve_symbols, build_and_test), - # Hash algorithms. Exclude three groups: - # - Exclusive domain of MD, RIPEMD, SHA1 (obsolete); - # - Exclusive domain of SHA224 (tested with and depends on SHA256); - # - Complementary domain of SHA224 and SHA384 - tested with and depend - # on SHA256 and SHA512, respectively. + # Hash algorithms. Excluding exclusive domains of MD, RIPEMD, SHA1, + # SHA224 and SHA384 because MBEDTLS_ENTROPY_C is extensively used + # across various modules, but it depends on either SHA256 or SHA512. + # As a consequence an "exclusive" test of anything other than SHA256 + # or SHA512 with MBEDTLS_ENTROPY_C enabled is not possible. 'hashes': DualDomain(hash_symbols, build_and_test, exclude=r'MBEDTLS_(MD|RIPEMD|SHA1_)' \ - '|MBEDTLS_SHA224_'\ - '|!MBEDTLS_(SHA224_|SHA384_)'), + '|MBEDTLS_SHA224_' \ + '|MBEDTLS_SHA384_'), # Key exchange types. Only build the library and the sample # programs. 'kex': ExclusiveDomain(key_exchange_symbols, diff --git a/tests/suites/test_suite_shax.data b/tests/suites/test_suite_shax.data index 3552346e4..2af85c3cd 100644 --- a/tests/suites/test_suite_shax.data +++ b/tests/suites/test_suite_shax.data 
@@ -169,10 +169,18 @@ SHA-1 Selftest depends_on:MBEDTLS_SELF_TEST:MBEDTLS_SHA1_C sha1_selftest: +SHA-224 Selftest +depends_on:MBEDTLS_SELF_TEST:MBEDTLS_SHA224_C +sha224_selftest: + SHA-256 Selftest depends_on:MBEDTLS_SELF_TEST:MBEDTLS_SHA256_C sha256_selftest: +SHA-384 Selftest +depends_on:MBEDTLS_SELF_TEST:MBEDTLS_SHA384_C +sha384_selftest: + SHA-512 Selftest depends_on:MBEDTLS_SELF_TEST:MBEDTLS_SHA512_C sha512_selftest: diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function index aebfd84a8..79afe015d 100644 --- a/tests/suites/test_suite_shax.function +++ b/tests/suites/test_suite_shax.function @@ -46,9 +46,9 @@ void sha224( data_t * src_str, data_t * hash ) memset(output, 0x00, 57); - TEST_ASSERT( mbedtls_sha256( src_str->x, src_str->len, output, 1 ) == 0 ); + TEST_EQUAL( mbedtls_sha256( src_str->x, src_str->len, output, 1 ), 0 ); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 28, hash->len ) == 0 ); + TEST_EQUAL( mbedtls_test_hexcmp( output, hash->x, 28, hash->len ), 0 ); } /* END_CASE */ @@ -60,9 +60,9 @@ void mbedtls_sha256( data_t * src_str, data_t * hash ) memset(output, 0x00, 65); - TEST_ASSERT( mbedtls_sha256( src_str->x, src_str->len, output, 0 ) == 0 ); + TEST_EQUAL( mbedtls_sha256( src_str->x, src_str->len, output, 0 ), 0 ); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 32, hash->len ) == 0 ); + TEST_EQUAL( mbedtls_test_hexcmp( output, hash->x, 32, hash->len ), 0 ); } /* END_CASE */ @@ -94,9 +94,9 @@ void sha384( data_t * src_str, data_t * hash ) memset(output, 0x00, 97); - TEST_ASSERT( mbedtls_sha512( src_str->x, src_str->len, output, 1 ) == 0 ); + TEST_EQUAL( mbedtls_sha512( src_str->x, src_str->len, output, 1 ), 0 ); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 48, hash->len ) == 0 ); + TEST_EQUAL( mbedtls_test_hexcmp( output, hash->x, 48, hash->len ), 0 ); } /* END_CASE */ 
@@ -108,9 +108,9 @@ void mbedtls_sha512( data_t * src_str, data_t * hash ) memset(output, 0x00, 129); - TEST_ASSERT( mbedtls_sha512( src_str->x, src_str->len, output, 0 ) == 0 ); + TEST_EQUAL( mbedtls_sha512( src_str->x, src_str->len, output, 0 ), 0 ); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 64, hash->len ) == 0 ); + TEST_EQUAL( mbedtls_test_hexcmp( output, hash->x, 64, hash->len ), 0 ); } /* END_CASE */ @@ -121,16 +121,30 @@ void sha1_selftest( ) } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_SHA224_C:MBEDTLS_SELF_TEST */ +void sha224_selftest( ) +{ + TEST_EQUAL( mbedtls_sha224_self_test( 1 ), 0 ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_SELF_TEST */ void sha256_selftest( ) { - TEST_ASSERT( mbedtls_sha256_self_test( 1 ) == 0 ); + TEST_EQUAL( mbedtls_sha256_self_test( 1 ), 0 ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SHA384_C:MBEDTLS_SELF_TEST */ +void sha384_selftest( ) +{ + TEST_EQUAL( mbedtls_sha384_self_test( 1 ), 0 ); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:MBEDTLS_SELF_TEST */ void sha512_selftest( ) { - TEST_ASSERT( mbedtls_sha512_self_test( 1 ) == 0 ); + TEST_EQUAL( mbedtls_sha512_self_test( 1 ), 0 ); } /* END_CASE */ diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 95fa8ef85..274a89420 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -4532,7 +4532,7 @@ void ssl_tls13_create_psk_binder( int hash_alg, data_t *transcript, data_t *binder_expected ) { - unsigned char binder[ MBEDTLS_MD_MAX_SIZE ]; + unsigned char binder[ MBEDTLS_HASH_MAX_SIZE ]; /* Double-check that we've passed sane parameters. */ psa_algorithm_t alg = (psa_algorithm_t) hash_alg; @@ -4664,7 +4664,7 @@ void ssl_tls13_key_evolution( int hash_alg, data_t *input, data_t *expected ) { - unsigned char secret_new[ MBEDTLS_MD_MAX_SIZE ]; + unsigned char secret_new[ MBEDTLS_HASH_MAX_SIZE ]; PSA_INIT(); 
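Review bot: Nothing visible in the `ssl_tls13_create_psk_binder` hunk ties the size of `binder` to the digest length of `hash_alg`: the array is now `MBEDTLS_HASH_MAX_SIZE` bytes, presumably a maximum derived from the hashes enabled in the build, while the algorithm comes from the test data. The function body continues outside the hunk, so a bound may already be checked after the "sane parameters" comment. If it is not, add `TEST_ASSERT( PSA_HASH_LENGTH( alg ) <= sizeof( binder ) );` before the buffer is written, so a mismatched configuration fails the test instead of writing past the array. The same applies to `secret_new` in the `ssl_tls13_key_evolution` hunk that follows.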
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 914dffa86..002f3dc41 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -704,7 +704,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR x509_verify:"data_files/server5-sha1.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #37 (Valid, EC CA, SHA224 Digest) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA x509_verify:"data_files/server5-sha224.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #38 (Valid, EC CA, SHA384 Digest) @@ -840,7 +840,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_S x509_verify:"data_files/server9-bad-saltlen.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #69 (RSASSA-PSS, wrong mgf_hash) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA x509_verify:"data_files/server9-bad-mgfhash.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #70 (v1 trusted CA) 
@@ -2117,35 +2117,35 @@ X509 CRL ASN1 (TBSCertList, sig_oid1 id unknown) x509parse_crl:"30143012020100300d06092a864886f70d01010f0500":"":MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG X509 CRL ASN1 (TBSCertList, sig_oid1 correct, issuer missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA x509parse_crl:"30143012020100300d06092a864886f70d01010e0500":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, issuer set missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA x509parse_crl:"30163014020100300d06092a864886f70d01010e05003000":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, correct issuer, thisUpdate missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA x509parse_crl:"30253023020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, correct thisUpdate, nextUpdate missing, entries length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA x509parse_crl:"30343032020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c30393031303130303030303030":"":MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, entries present, invalid sig_alg) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA 
x509parse_crl:"304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c30383132333132333539353900":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRL ASN1 (TBSCertList, entries present, date in entry invalid) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA x509parse_crl:"304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd190c30383132333132333539353900":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRL ASN1 (TBSCertList, sig_alg present, sig_alg does not match) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA x509parse_crl:"30583047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010d0500":"":MBEDTLS_ERR_X509_SIG_MISMATCH X509 CRL ASN1 (TBSCertList, sig present, len mismatch) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA x509parse_crl:"305d3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e05000302000100":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH # 305c 
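Review bot: The switch from the SHA-256 to the SHA-224 dependency on these `x509parse_crl` cases is only understandable after decoding the DER: the signature OID in each input is `06092a864886f70d01010e`, which is sha224WithRSAEncryption (1.2.840.113549.1.1.14). A comment ahead of the first case would save the next reader that step, e.g. `# sig_oid1 in the cases below is sha224WithRSAEncryption (...01010e), hence the SHA-224 dependency`. The hunk at `-2171,35` makes the same change and would be covered by the same comment.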
@@ -2171,35 +2171,35 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA: x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nserial number\: AB\:CD revocation date\: 2008-12-31 23\:59\:59\nsigned using \: RSA with SHA-224\n":0 X509 CRL ASN1 (TBSCertList, signatureValue missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA x509parse_crl:"30583047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e0500":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, signatureAlgorithm missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA x509parse_crl:"30493047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, single empty entry at end) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA x509parse_crl:"30373035020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c30393031303130303030303030023000":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, good entry then empty entry at end) 
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA x509parse_crl:"304b3049020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301630128202abcd170c3038313233313233353935393000":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, missing time in entry) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA x509parse_crl:"304e3039020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300630048202abcd300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, missing time in entry at end) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA x509parse_crl:"303b3039020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300630048202abcd":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, invalid tag for time in entry) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd190c303831323331323335393539300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRL ASN1 (TBSCertList, invalid tag for serial) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA 
x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128402abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRL ASN1 (TBSCertList, no entries)