yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
29266 commits 1 branch 0 tags 94 MiB
Commit graph

10504 commits

Author SHA1 Message Date
Gilles Peskine
21570cf232 Auto-detect the need to link with pthread on Unix-like platforms 
When building with Make on a Unix-like platform (shell and compiler),
auto-detect configurations that may require linking with pthread.

This removes the need for MAKE_THREADING_FLAGS in all.sh.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 11:53:42 +01:00
Gilles Peskine
4392fc101f Unify some common rules of programs/Makefile and tests/Makefile 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 11:49:35 +01:00
Gilles Peskine
076fd25480 Unify common variables of programs/Makefile and tests/Makefile 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 11:48:56 +01:00
Gilles Peskine
f3d1ae1f05 Create common.make with LOCAL_CFLAGS and friends 
Create a common.make for definitions that are shared between tests/Makefile
and programs/Makefile, to facilitate maintenance. Start populating it with
CFLAGS/LDFLAGS variables. More to follow in subsequent commits.

Keep library/Makefile independent, at least for the time being.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 11:48:56 +01:00
Gilles Peskine
f5c5ce7789 Partly unify LOCAL_CFLAGS 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 11:48:56 +01:00
Gilles Peskine
4ad5733836 Unify treatment of MBEDTLS_TEST_OBJS 
Unify the treatment of MBEDTLS_TEST_OBJS between programs/Makefile and
tests/Makefile: include it via LOCAL_LD_FLAGS in both cases. Document why
the definition of MBEDTLS_TEST_OBJS is different.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 11:48:56 +01:00
Gilles Peskine
afccc1a6d5 Indent nested conditionals 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 11:48:52 +01:00
Dave Rodgman
5c7e94487e fix line length 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-21 15:42:22 +00:00
Valerio Setti
a72a797ffd all.sh: keep PKCS[5/12] enabled in accel_cipher_aead tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-21 16:40:40 +01:00
Valerio Setti
a69e872001 pkcs[5/12]: add CIPHER_C for [en/de]crypting functions 
This commit also updates corresponding test suites.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-21 16:39:04 +01:00
Dave Rodgman
3bc249959c
Merge branch 'development' into default-compiler-all 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-21 14:35:14 +00:00
Gilles Peskine
907cb020ef
Merge pull request #8618 from Ryan-Everett-arm/new-state-transition-documentation 
Update thread safety state transition documentation
 2023-12-21 12:09:58 +00:00
Gilles Peskine
0e6fdc4f1d
Merge pull request #8342 from yanesca/threading_test_pc 
Threading test proof of concept and plan
 2023-12-21 12:08:41 +00:00
Waleed Elmelegy
049cd302ed Refactor record size limit extension handling 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-12-20 17:28:31 +00:00
Tomi Fontanilles
9c69348c24 pk test suite: rename the parameter named parameter 
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Tomi Fontanilles
8174662b64 pk: implement non-PSA mbedtls_pk_sign_ext() 
This makes the function always available with its
its implementation depending on MBEDTLS_USE_PSA_CRYPTO.

Related dependencies and tests are updated as well.

Fixes #7583.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Valerio Setti
5f665c3a0d analyze_outcomes: add exceptions to disparities for block_cipher dispatch 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-20 09:56:05 +01:00
Valerio Setti
9afa329b80 analyze_outcomes: allow ignored test suites to have a dot in the name 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-20 09:55:28 +01:00
Valerio Setti
45c84feacc test_suite_ccm: add missing BLOCK_CIPHER_PSA_[INIT/DONE]() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-20 09:54:39 +01:00
Valerio Setti
689c0f71cb tests: use new CCM/GCM capability macros in tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-20 09:54:18 +01:00
Valerio Setti
4a8ef7cd9b all.sh: disable legacy AES/ARIA/CAMELLIA in test_full_block_cipher_psa_dispatch 
This commit also:
- rename the reference component as component_test_full_block_cipher_legacy_dispatch()
- add a common configuration function, named common_block_cipher_dispatch() that
  is used from both accelerated and reference components

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-20 07:35:41 +01:00
Dave Rodgman
c393222643 Work around clang 3.8 bug 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-19 18:52:35 +00:00
Dave Rodgman
fc5b9553b2 Don't use full path for setting CC 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-19 16:08:19 +00:00
Dave Rodgman
bc8e61d962 Use gcc in test_full_deprecated_warning 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-19 14:07:15 +00:00
Dave Rodgman
d8d6451a6e Add -O2 to some CFLAGS which were not setting it 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-19 12:20:21 +00:00
Dave Rodgman
ea03ef9a77 Don't specify gcc unless the test requires it 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-19 12:19:59 +00:00
Dave Rodgman
dfe5ce81ee Use clang -O2 in common_block_cipher_no_decrypt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-19 11:47:18 +00:00
Dave Rodgman
590519f535 Enable -O2 in depends.py 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-19 11:33:55 +00:00
Valerio Setti
9da01a7f53 all.sh: rename test_psa_crypto_config_accel_cipher to accel_des 
Renaming this test component in order to better explain what it
really does.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-19 08:05:40 +01:00
Dave Rodgman
d0a594d444 Use gcc in test_psa_compliance 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-18 22:29:56 +00:00
Dave Rodgman
932ce859d5 Ensure test_psa_compliance uses gcc 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-18 20:35:54 +00:00
Dave Rodgman
0c5bfe816f Ensure clang is present 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-18 19:53:25 +00:00
Dave Rodgman
66cbc83844 Use clang by default 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-18 18:34:50 +00:00
Paul Elliott
22dbaf05b6 Add AES_PSA_INIT() to thread test case 
Tests were failing when PSA was being used in ctr_drbg_seed() as PSA was
not initialised.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 18:18:04 +00:00
Paul Elliott
445af3c25a Move test dependancies to function file 
Dependancies are determined by code in this case.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
79dc6dad81 Improve make pthread linking mechanism 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
40f0ec246e Remove requirement for SHA512 from ctr_drbg test 
Set the entropy len prior to doing the test to ensure the outcome is the
same regardless of whether SHA512 or SHA256 is used.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
20a95bc09a Remove explicit linking of PThread in make 
This would break platforms that do not have pthread. Put the linking
instead behind a define and add this define where required to all.sh.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
6587959a32 Add ability to pass make variables to psa_collect_statuses.py 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
be978a8c4f Add option to pass make variables to depends.py 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
356597f077 Make TSan test run operate on full config 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
bb0e48f94f Make number of threads a test argument 
Remove hard coded number of threads.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
fed410f58e Increase entropy buffer sizes 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
811c600d88 Guard tests correctly 
All guarded options change output, thus failing the test.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
6a997c9994 Fix code style 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
2667eda785 Explicitly link tests with pthreads 
Required to use pthreads within tests.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
bda25dd29c Add re-seeding option to test 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
20b2efa293 Fix missing include 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:33 +00:00
Janos Follath
178bf3ee8a Fix failing multi-threaded unit test 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-12-18 14:49:33 +00:00
Janos Follath
a16ee6b7d4 Add multi-threaded unit test 
The unit test we add is designed to fail. The goal is to test the tests
and show that they catch the problem. A later commit will fix the unit
test and will make it pass.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-12-18 14:49:33 +00:00
Janos Follath
9338cac050 Add tsan to all.sh 
component_test_tsan now builds and tests the library with
clang ThreadSanitizer enabled.

There are no multi-threaded unit tests so far, the goal is that they are
automatically tested with TSan when they are added.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-12-18 14:49:33 +00:00
Bence Szépkúti
bbb5af9eae Set OpenSSL/GnuTLS variables in release components 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-12-15 21:06:01 +01:00
Bence Szépkúti
71c71eb91c all.sh: Parse arguments before checking if a test is supported 
Support for each test was checked before the command line had been
parsed, causing the support_ functions to ignore arguments that set a
tool's location.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-12-15 20:27:50 +01:00
Bence Szépkúti
89dd5c0654 Document release components in all.sh 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-12-15 17:05:47 +01:00
Dave Rodgman
543d275c68
Merge pull request #8635 from daverodgman/asan-opt 
CI perf - prefer clang for Asan
 2023-12-15 13:25:02 +00:00
Ryan Everett
abd8977cc1 Make check_files ignore png files in docs 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-15 12:33:38 +00:00
Dave Rodgman
d5635e95e2 Undo accidental change 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-15 11:04:34 +00:00
Dave Rodgman
a2cf240fff Add explanatory comment 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-15 11:04:13 +00:00
Dave Rodgman
c1f0f5b8af Fix a typo 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-14 23:34:48 +00:00
Dave Rodgman
b90f87b9a8 Use gcc for -m32 Asan builds 
There seem to be known issues with clang for this target.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-14 23:27:39 +00:00
Dave Rodgman
815b240d72 Fix unused function/variable warnings from clang 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-14 23:20:48 +00:00
Dave Rodgman
17127e9f39 Use clang as default compiler for Asan 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-14 19:34:52 +00:00
Valerio Setti
52ab8fa565 analyze_outcomes/all.sh: add reference component and entry for coverage comparison 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-14 18:09:26 +01:00
Valerio Setti
efdb8261b9 all.sh: keep CIPHER_C enabled in test_full_block_cipher_psa_dispatch() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-14 18:08:14 +01:00
Valerio Setti
ac7df142e8 test_suite_block_cipher: fix unused variable when !MBEDTLS_BLOCK_CIPHER_SOME_PSA 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-14 18:08:14 +01:00
Valerio Setti
c4831224d5 all.sh: keep PSA_WANT_ALG_[GCM/CCM] enabled in test_full_block_cipher_psa_dispatch() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-14 18:08:14 +01:00
Valerio Setti
1cf81c3c80 test_suite_block_cipher: add new data file for PSA/legacy dispatch test 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-14 18:08:14 +01:00
Valerio Setti
10e9aa26c5 tests: add PSA_INIT/PSA_DONE to CCM and GCM test suites 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-14 18:08:14 +01:00
Valerio Setti
f8e6cbacc0 all.sh: add new component for block_cipher dispatch to PSA 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-14 18:08:14 +01:00
Dave Rodgman
852de3c3f5 Build with -O2, but without assembly 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-14 16:44:11 +00:00
Waleed Elmelegy
26e3698357 Revert back checking on handshake messages length 
Revert back checking on handshake messages length due to
limitation on our fragmentation support of handshake
messages.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-12-14 16:23:25 +00:00
Dave Rodgman
a19c75381c Remove redundant use of -O2 with ASAN_FLAGS 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-14 14:52:58 +00:00
Manuel Pégourié-Gonnard
1f67363d6a
Merge pull request #8616 from lpy4105/issue/8553/test-driver-only-rsa 
Add test for driver-only RSA (crypto only)
 2023-12-14 11:05:55 +00:00
Dave Rodgman
bdba26c8d7
Merge pull request #8626 from davidhorstmann-arm/fix-uninit-mpi-test 
Fix possible free of uninitialized MPI
 2023-12-13 11:19:00 +00:00
Manuel Pégourié-Gonnard
7404af6ec3
Merge pull request #8599 from valeriosetti/issue8357 
G2 wrap-up
 2023-12-13 08:17:27 +00:00
Gilles Peskine
b4362d2cc7
Merge pull request #8523 from tom-daubney-arm/modify_check_generated_files_script 
Modify check generated files script to work with TF PSA Crypto too
 2023-12-11 21:15:00 +00:00
Gilles Peskine
a211bb7f01
Merge pull request #8596 from xkqian/tls13_early_data_input_file 
Change early data flag to input file
 2023-12-11 21:14:57 +00:00
David Horstmann
e04a97a1eb Move MPI initialization to start of function 
This prevents a call to mbedtls_mpi_free() on uninitialized data when
USE_PSA_INIT() fails.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-08 18:34:15 +00:00
Xiaokang Qian
aedfc0932b Revert to ae952174a7 and addressing some comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-08 10:43:24 +00:00
Pengyu Lv
d90fbf7769 Adjuest checks in generate_key_rsa suite 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 17:30:33 +08:00
Yanray Wang
177e49ad7a tls13: srv: improve DEBUG_MSG in case of TLS 1.2 disabled 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-08 11:00:33 +08:00
Ronald Cron
90d07118ad
Merge pull request #6721 from yuhaoth/pr/tls13-early-data-extension-of-nst 
TLS 1.3: EarlyData SRV: Write `early_data` extension of NewSessionTicket
 2023-12-07 09:25:35 +00:00
Pengyu Lv
abeca020d8 Remove test_psa_crypto_config_accel_rsa_signature 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 17:25:15 +08:00
Pengyu Lv
98a90c6542 Fix various issue 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 17:23:25 +08:00
Xiaokang Qian
dce183f2e2 Remove the duplicate cases and add early_data_file option 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 09:22:38 +00:00
Xiaokang Qian
864c62a906 Add one test case with early_data_file 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 06:11:38 +00:00
Xiaokang Qian
dd8a7f8acf Revert the early data test case 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 03:58:05 +00:00
Pengyu Lv
3cd16c47bd Add analyze_driver_vs_reference_rsa for analyze_outcomes 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 10:24:29 +08:00
Pengyu Lv
9e976f3649 Conditionally check the attribute of generated RSA key 
`psa_get_key_attributes` depends on some built-in
implementation of RSA. Guard the check with coresponding
macros.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 10:22:35 +08:00
Pengyu Lv
f1cacad870 Correctly use asymmetric encrypt/decrypt driver 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 10:22:35 +08:00
Pengyu Lv
e705f572f9 Add components to test crypto_full w/wo accelerated RSA 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 10:22:03 +08:00
Dave Rodgman
779819a4dd
Merge pull request #8613 from bensze01/valgrind-only-in-nightlies 
Do not run Valgrind tests in PR jobs
 2023-12-06 19:18:24 +00:00
Gilles Peskine
57e401b39f
Merge pull request #8521 from valeriosetti/issue8441 
[G4] Make CTR-DRBG fall back on PSA when AES not built in
 2023-12-06 18:25:44 +00:00
Waleed Elmelegy
9aec1c71f2 Add record size checking during handshake 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-12-06 15:18:15 +00:00
Jan Bruckner
f482dcc6c7 Comply with the received Record Size Limit extension 
Fixes #7010

Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2023-12-06 15:18:08 +00:00
Bence Szépkúti
0354d04d3c Do not run Valgrind tests in PR jobs 
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-12-06 16:14:37 +01:00
Jerry Yu
750e06743f remove misbehavior tests and code 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:22:15 +08:00
Jerry Yu
ea96ac3da9 fix various issues 
- get ticket_flags with function.
- improve output message and check it.
- improve `ssl_server2` help message

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:17:37 +08:00
Jerry Yu
391c943340 Add tests for ticket early data permission bit 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:16:48 +08:00
Ronald Cron
40f3f1c36f
Merge pull request #7058 from yuhaoth/pr/tls13-early-data-parsing-0-rtt-data 
TLS 1.3 EarlyData SRV: Parsing 0-RTT data
 2023-12-06 06:47:32 +00:00
Xiaokang Qian
70fbdcf904 Change early data flag to input file 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-05 05:50:08 +00:00
Valerio Setti
5e18b90c95 config-tfm: disable CIPHER_C 
We also add a check in "all.sh" components:
- component_test_tfm_config_p256m_driver_accel_ec
- component_test_tfm_config
to ensure that CIPHER_C was not re-enabled accidentally.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 15:24:25 +01:00
Valerio Setti
58d0206f39 test_suite_block_cipher: fix depends_on for Camellia tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 15:24:25 +01:00
Valerio Setti
302a487499 test_driver_key_management: rename counter for export_public_key() hits 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti
829ce0facf test_driver_cipher: add forced return status for encrypt and set_iv 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti
7ef35a9b3c test_suite_psa_crypto_driver_wrappers: add counter for failing psa_cipher_update() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti
83e0de8481 crypto_extra: revert changes to mbedtls_psa_random_free() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti
0ca1868fcd test_suite_psa_crypto_driver_wrappers: fix missing hit counter reset before test 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti
7448367f68 test_suite_psa_crypto_slot_management: modify check on open key slots 
This commit
- Reverts changes previously done to psa_crypto_helpers.[c,h]
- Implements a new check for open key slots in
  mbedtls_test_helper_is_psa_leaking():
   - when CTR_DRBG does not use AES_C or PSA does not have an external
     RNG, then we allow 1 key slot (it's the one holding the AES key)
   - when the above conditions are not met, then we fallback to the
     usual check for "no open key slots remaining"

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti
45337a8895 test_suite_psa_crypto_driver_wrappers: add counter for cipher_update() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti
6ef82ae39d test_suite_psa_crypto_driver_wrappers: improving driver access counters 
When AES_C is not defined CTR_DRBG relies on PSA to get AES-ECB. This
means that, when AES-ECB is accelerated, each random operation goes through
driver access as well. This might result in unexpectedly increased
counters for driver's access.
We add extra counters in test_driver_[cipher/key_management].c to be
more specific on which driver functions are accessed and ignore
extra accesses due to CTR_DRBG.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti
0a903db804 test_suite_psa_crypto_slot_management: some fix for available key slots 
When AES_C is not defined, CTR_DRBG relies on PSA to get AES-ECB. This means
that PSA holds an open AES key since psa_crypto_init() is called, which
- reduces the maximum number of available key slots
- shifts the 1st available index

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Valerio Setti
dc32ac20fd test_suite_[ctr_drbg/random]: initialize/close PSA in tests 
This commit also adds AES_PSA_[INIT/DONE] in "psa_crypto_helpers.h". Its
scope is to call PSA_[INIT/DONE] only when AES_C is not defined (which is
when PSA is effectively required for CTR_DRBG).

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Valerio Setti
402cfba4dc psa: free RNG implementation before checking for remaining open key slots 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Valerio Setti
40a93dff32 all.sh: keep CTR_DRBG enabled in test_psa_crypto_config_accel_cipher_aead() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Yanray Wang
3d82ffce5b ssl-opt: test handshake for TLS 1.2 only cli with TLS 1.3 only srv 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-04 17:50:43 +08:00
Thomas Daubney
10769bca9e Fix bad whitespace in keyword argument assignment 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-12-01 23:47:59 +00:00
Thomas Daubney
3a0690647e Use guess_mbedtls_root in Mbed-TLS-only script 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-12-01 18:27:25 +00:00
Thomas Daubney
04c446cc21 Modify crypto_core_directory to also return a relative path 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-12-01 17:18:38 +00:00
Ronald Cron
857d29f29a
Merge pull request #8528 from yanrayw/issue/6933/parse-max_early_data_size 
TLS1.3 EarlyData: client: parse max_early_data_size
 2023-12-01 08:27:26 +00:00
Thomas Daubney
08c6dc4942 Rename project_crypto_name 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 13:56:09 +00:00
Dave Rodgman
f5e46fd45c
Merge pull request #8535 from daverodgman/update-tfm 
Adjust to match current TF-M config
 2023-11-29 16:14:06 +00:00
Gilles Peskine
18eab984c7
Merge pull request #8560 from lpy4105/issue/8423/optimize-analyze_outcomes_py 
Optimize analyze_outcomes.py
 2023-11-29 14:51:41 +00:00
Janos Follath
c6f1637f8c
Merge pull request #8534 from paul-elliott-arm/fix_mutex_abstraction 
Make mutex abstraction and tests thread safe
 2023-11-29 13:26:23 +00:00
Gilles Peskine
172c0b930f
Merge pull request #8561 from ronald-cron-arm/fix-ciphersuites-list-in-ssl-opt 
ssl-opt.sh: Fix getting the list of supported ciphersuites.
 2023-11-29 11:31:33 +00:00
Pengyu Lv
5dcfd0c613 Some improvements 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-29 18:03:28 +08:00
Dave Rodgman
51e72456f9 Automatically set MBEDTLS_NO_PLATFORM_ENTROPY in TF-M config 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-29 09:44:44 +00:00
Manuel Pégourié-Gonnard
6b5cedf51f
Merge pull request #8547 from valeriosetti/issue8483 
[G2] Make PSA-AEAD work with cipher-light
 2023-11-29 08:53:42 +00:00
Pengyu Lv
550cd6f9b2 Use boolean hit instead of int hits 
Also fix a typo in the comments.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-29 09:17:59 +08:00
Ronald Cron
60f76663c0 Align forced ciphersuite with test description 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-28 17:52:42 +01:00
Dave Rodgman
c3cd410acf
Merge pull request #8286 from gilles-peskine-arm/check_mbedtls_calloc_overallocation-disable_with_asan 
Fix test_suite_platform failure with Asan on modern Clang
 2023-11-28 16:48:31 +00:00
Ronald Cron
29ad2d7609 ssl-opt.sh: Remove unnecessary symmetric crypto dependencies 
Same test cases as in the previous commit.
Remove the redundant symmetric crypto dependency.
The dependency is ensured by the fact that:
1) the test case forces a cipher suite
2) ssl-opt.sh enforces automatically that the
   forced ciphersuite is available.
3) The fact that the forced ciphersuite is
   available implies that the symmetric
   cipher algorithm it uses is available as
   well.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-28 17:44:39 +01:00
Dave Rodgman
82d7a875ff Update tests to refer to our tf-m config wrapper 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-28 16:10:37 +00:00
Ronald Cron
41bc42ac1b ssl-opt.sh: Fix some symmetric crypto dependencies 
Fix some dependencies on symmetric crypto that
were not correct in case of driver but not
builtin support. Revealed by "Analyze driver
test_psa_crypto_config_accel_cipher_aead vs reference
test_psa_crypto_config_reference_cipher_aead" in
analyze_outcomes.py.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-28 15:59:40 +01:00
Ronald Cron
5b73de8ddb ssl-opt.sh: Add a check of the list of supported ciphersuites 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-28 15:59:03 +01:00
Tom Cosgrove
9e1d2e5727
Merge pull request #8029 from gilles-peskine-arm/fix-MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA 
Update old dependency to MBEDTLS_MD_CAN
 2023-11-28 13:12:10 +00:00
Valerio Setti
6632a12fa3 all.sh: re-enable CCM/GCM in test_full_no_cipher_with_crypto[_config]() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-28 11:45:38 +01:00
Dave Rodgman
be5489ae98 Simplify test for building P256-M 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-28 10:15:37 +00:00
Dave Rodgman
897bb77c0c Update tf-m tests in all.sh for P256-M 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-28 10:15:11 +00:00
Pengyu Lv
451ec8a4bc Add comment to read_outcome_file in analyze_outcomes.py 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 17:59:05 +08:00
Pengyu Lv
c2e8f3a080 Add type annotations to analyze_outcomes.py 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 17:22:04 +08:00
Manuel Pégourié-Gonnard
294f5d7ea9
Merge pull request #8540 from valeriosetti/issue8060 
[G2] Make CCM and GCM work with the new block_cipher module
 2023-11-28 08:18:45 +00:00
Pengyu Lv
20e3ca391e Run tests for ref_vs_driver outside task function 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 15:30:03 +08:00
Pengyu Lv
18908ec276 Define named tuple for component outcomes 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 13:04:11 +08:00
Pengyu Lv
28ae4648a6 Use mutable set all the time 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 11:35:19 +08:00
Pengyu Lv
59b9efc6dd Check if driver_component is missing 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 11:15:00 +08:00
Pengyu Lv
f28cf594b1 Break the loop when case hits 
We don't care about the number of hits of the test cases,
so break the iteration when the case hits.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 10:56:29 +08:00
Pengyu Lv
dd1d6a7cca Improve readability of the script 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 10:52:25 +08:00
Pengyu Lv
a1ddcfaef8 Extend the pattern of pkparse test on encrypted keys 
These test cases are ignored when analyzing outcomes on
analyze_driver_vs_reference_cipher_aead task.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 09:46:01 +08:00
Pengyu Lv
6c927c0795 Merge branch 'development' into review/gilles/update-old-dep-MD_CAN 2023-11-28 09:31:44 +08:00
Gilles Peskine
150002c9f9 Skip calloc overallocation test case 
This test case is incompatible with sanitizers (e.g. ASan), and thus
skipped. If the driver component uses a sanitizer but the reference
component doesn't, we have a PASS vs SKIP mismatch. Since this test case is
unrelated to drivers, we don't mind ignoring it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-27 18:24:45 +01:00
Dave Rodgman
9fbac381e6
Merge pull request #8326 from daverodgman/aesce-thumb2 
Support hw-accelerated AES on Thumb and Arm
 2023-11-27 09:58:58 +00:00
Paul Elliott
392ed3fe7f Add better documentation for mbedtls_test_mutex_mutex 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-24 15:48:28 +00:00
Thomas Daubney
e8f3789312 Revert change that removed in_tf_psa_crypto_repo variable 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-24 11:41:23 +00:00
Thomas Daubney
6130a619f8 Remove unused variable 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-24 10:58:07 +00:00
Thomas Daubney
fc60e9b7bf Make function calls consistent 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-24 10:56:04 +00:00
Paul Elliott
f25d831123 Ensure mutex test mutex gets free'd 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-23 18:49:43 +00:00
Dave Rodgman
8cd4bc4ac2
Merge pull request #8124 from yanrayw/support_cipher_encrypt_only 
Support the negative option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
 2023-11-23 17:43:00 +00:00
Dave Rodgman
c44042ddbc
Merge pull request #7905 from lpy4105/issue/misc-improvement 
misc improvements
 2023-11-23 16:20:58 +00:00
Ronald Cron
34915fac3a ssl-opt.sh: Fix getting the list of supported ciphersuites. 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-23 17:20:19 +01:00
Yanray Wang
18040ede3f all.sh: export LC_COLLATE=C for sorting in ASCII order 
By default, 'sort' sorts characters with system default locale,
which causes unexpected sorting order. To sort characters in ASCII
from computer perspective, export LC_COLLATE=C to specify character
collation for regular expressions and sorting with C locale.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-23 21:30:00 +08:00
Thomas Daubney
8932404c45 Introduce project_crypto_name in build_tree.py 
Add new function to build_tree.py to return the crypto
name for the project; either tfpsacrypto or mbedcrypto.
Deploy this function where needed.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-23 10:14:12 +00:00
Thomas Daubney
d0c3076dba Make use of crypto_core_directory function in script 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-23 09:59:57 +00:00
Yanray Wang
42be1bab30 block_cipher_no_decrypt: improve comment 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-23 14:34:41 +08:00
Yanray Wang
70642ecb24 all.sh: check_test_dependencies: add one more option 
- add !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT in whitelist

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-23 14:34:15 +08:00
Pengyu Lv
31a9b7891a Improve comments and variable naming 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-23 14:15:37 +08:00
Pengyu Lv
a442858878 Restruct the structure of outcome file presentation 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-23 10:52:42 +08:00
Yanray Wang
690ee81533 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-11-23 10:31:26 +08:00
Pengyu Lv
a6cf5d67c5 Share parsed outcomes among tasks when ananlyzing 
This extremely improves the performance.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-23 09:51:58 +08:00
Thomas Daubney
755d32117b Rename guess_mbedtls_root to guess_project_root 
Rename for consistency. Also, replace all calls to
this function with correct name.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-22 17:18:22 +00:00
Gilles Peskine
3b2b7f8acf MSan and TSan complain as well, not just ASan 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-22 18:08:17 +01:00
Gilles Peskine
05ebe967be Disable check_mbedtls_calloc overallocation under ASan 
This test case exercises an integer overflow in calloc. Under Asan, with
a modern Clang, this triggers an Asan complaint. The complaint can be
avoided with ASAN_OPTIONS=allocator_may_return_null=1, but this has to
be set in the environment before the program starts, and could hide
other errors.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-22 17:56:26 +01:00
Gilles Peskine
fa8ec2611e Detect enabled GCC/Clang sanitizers 
Occasionally we want tests to take advantage of sanitizers, or work around
them.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-22 17:56:26 +01:00
Jerry Yu
0e9eafff13 Update tests to the code status 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-22 16:48:39 +08:00
Yanray Wang
951b3cb400 tls13-misc: cli: check parser of max_early_data_size ext 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-22 10:33:11 +08:00
Jerry Yu
aa5dc24df9 Change if to switch case 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:25 +08:00
Jerry Yu
60e997205d replace check string 
The output has been changed

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:25 +08:00
Jerry Yu
713ce1f889 various improvement 
- improve change log entry
- improve comments
- remove unnecessary statement
- change type of client_age

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:25 +08:00
Jerry Yu
4ac648ef20 improve readability 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:24 +08:00
Jerry Yu
d84c14f80c improve code style 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:24 +08:00
Jerry Yu
b2455d2472 Guards ticket_creation_time 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:24 +08:00
Jerry Yu
472a69260b fix build failure 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:20 +08:00
Jerry Yu
342a555eef rename ticket received 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Jerry Yu
25ba4d40ef rename ticket_creation to ticket_creation_time 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Jerry Yu
28547c49ed update tests 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:18 +08:00
Gilles Peskine
8b1a124126
Merge pull request #8438 from yuhaoth/pr/disable-stdout-for-config-query-call 
Disable stdout in require_*_configs_* functions
 2023-11-20 18:27:03 +00:00
Gilles Peskine
885bcfc9d0
Merge pull request #7649 from yuhaoth/pr/add-command-for-server9-bad-saltlen 
Add command for server9-bad-saltlen
 2023-11-20 14:07:19 +00:00
Gilles Peskine
473ff34d59
Merge pull request #8489 from valeriosetti/issue8482 
Make CCM* and CCM independent
 2023-11-20 14:07:14 +00:00
Gilles Peskine
6267dd59c8
Merge pull request #8463 from gilles-peskine-arm/metatest-create 
Create a metatest program
 2023-11-20 14:07:08 +00:00
Manuel Pégourié-Gonnard
a4e7953f59
Merge pull request #8527 from lpy4105/issue/6324/driver-only-cipher+aead-tls-compat 
[G3] Driver-only cipher+aead: TLS: compat.sh
 2023-11-20 09:37:06 +00:00
Ronald Cron
97137f91b6
Merge pull request #7071 from yuhaoth/pr/tls13-ticket-add-max_early_data_size-field 
TLS 1.3 EarlyData: add `max_early_data_size` field for ticket
 2023-11-20 08:04:57 +00:00
Paul Elliott
9e25936241 Rename mutex->is_valid to mutex->state 
Rename struct member to make it more representative of its current use.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-16 15:14:16 +00:00
Paul Elliott
3774637518 Make threading helpers tests thread safe 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-16 15:13:49 +00:00
Paul Elliott
5fa986c8cb Move handling of mutex->is_valid into threading_helpers.c 
This is now a field only used for testing.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-16 15:13:05 +00:00
Pengyu Lv
7afd9a4663 Change the test messages 
We are now testing driver-only cipher+aead with full config.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-16 17:55:25 +08:00
Valerio Setti
59de2ae6de all.sh: re-enable CCM/GCM in test_full_no_cipher() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-16 08:20:27 +01:00
Pengyu Lv
c5d4c46983 Add missing PSA init 
EC might be supported through PSA, so use `MD_OR_USE_PSA_INIT`
in pk_parse_{public_}keyfile_ec.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-16 09:07:28 +08:00
Gilles Peskine
e7fc8a232f Readability improvement 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-15 16:56:26 +01:00
Manuel Pégourié-Gonnard
dc848955d6
Merge pull request #8519 from mpg/block-cipher 
[G2] Add internal module block_cipher
 2023-11-15 11:53:22 +00:00
Gilles Peskine
4ebccc0396 Update PSA init for md-ligt 
Also initialize PSA in builds where hashes are PSA-only, for the sake of
encrypted keys (otherwise PBKDF fails).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-15 11:04:30 +01:00