tests: psa: Reactivate and expand key management through test driver

The compilation guards in key_management.c are now accelerator compilation guards (MBEDTLS_PSA_ACCEL_KEY_TYPE_xyz). As a consequence when running the PSA driver wrapper tests as part of test_psa_crypto_config_basic and test_psa_crypto_drivers all.sh components all key management cryptographic operations were handled by the software builtin fallback, and not by the test driver as intended in the first place. This commits fixes this issue by: . declaring an accelerator for ECC key pairs in test_psa_crypto_config_basic. . declaring an accelerator for both ECC and RSA key pairs in test_psa_crypto_drivers. It is possible to declare an accelerator for both ECC and RSA key pairs in test_psa_crypto_drivers and not in test_psa_crypto_config_basic because in the case of test_psa_crypto_drivers the new PSA configuration is not activated. That way, the builtin fallback software implementation is present to supply the transparent test driver when some support is missing in it (mainly RSA key generation). Note that the declaration of accelerators does much more than just "fixing" the execution flow of driver wrapper tests, it makes all import and public key export cryptographic operations in all unit tests being handled by the transparent test driver (provided that it supports the key type). One test case related to key generation is partially disabled. This will be fixed with the rework of psa_generate_key along the lines described in psa-crypto-implementation-structure.md. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-12-01 14:19:33 +01:00 · 2020-12-01 14:19:33 +01:00 · 80eaa93b59
commit 80eaa93b59
parent c9066e4488
2 changed files with 3 additions and 3 deletions
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@ -1360,7 +1360,7 @@ component_test_psa_crypto_config_basic() {
    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
    msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG"
    make test
@ -2128,7 +2128,7 @@ component_test_psa_crypto_drivers () {
    msg "build: MBEDTLS_PSA_CRYPTO_DRIVERS w/ driver hooks"
    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
    msg "test: MBEDTLS_PSA_CRYPTO_DRIVERS, signature"
    make test
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@ -2757,7 +2757,7 @@ depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
 generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_NOT_SUPPORTED
 PSA generate key: ECC, Curve25519, good
-depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_ECP_DP_CURVE25519_ENABLED:!MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR
 generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_SUCCESS
 PSA generate key: RSA, default e