Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Asymmetric key data unit tests #9078

Open
wants to merge 4 commits into
base: development
Choose a base branch
from
Open

Asymmetric key data unit tests #9078

wants to merge 4 commits into from

Conversation

gilles-peskine-arm
Copy link
Contributor

@gilles-peskine-arm gilles-peskine-arm commented Apr 30, 2024
edited

Validate asymmetric key data. Uses the OpenSSL 3 command line, because that turned out to be convenient.

This will avoid a repeat of #8986 (comment), and make reviewing future changes to asymmetric_key_data.py easier.

Needs #9101 because I want to use subprocess.check_output and this requires upgrading pylint and mypy to slightly less old versions.

PR checklist

  • changelog no (test only)
  • 3.6 backport TODO
  • 2.28 backport no need: at this point, any relevant test data added to 2.28 is very likely to be backported from development where it will have been validated.
  • tests provided

@gilles-peskine-arm
Unit tests to validate key data
ad0675c 
Use the openssl command line. It seems to be the least inconvenient method.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Automatically run all Python scripts with unit tests
43a5d0d 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Pacify pylint 2.4
61a0e55 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Require OpenSSL 3
a8b593b 
OpenSSL 1.1.1 doesn't work (it doesn't support 'pkey -check' for Montgomery
and Edwards keys). Error out with an explicit message rather than failing
some test cases if OpenSSL is too old. Support overriding the 'openssl'
command through environment variables, and default to $OPENSSL_3 which we
set in our CI Docker images.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm gilles-peskine-arm added needs-ci Needs to pass CI tests size-s Estimated task size: small (~2d) component-test Test framework and CI scripts priority-medium Medium priority - this can be reviewed as time permits labels Apr 30, 2024
@gilles-peskine-arm gilles-peskine-arm mentioned this pull request Apr 30, 2024
Merged
4 tasks
@gilles-peskine-arm gilles-peskine-arm added needs-work needs-preceding-pr Requires another PR to be merged first labels May 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
component-test Test framework and CI scripts needs-ci Needs to pass CI tests needs-preceding-pr Requires another PR to be merged first needs-work priority-medium Medium priority - this can be reviewed as time permits size-s Estimated task size: small (~2d)
Projects
Non-roadmap pull requests
Status: In Development
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@gilles-peskine-arm