Commit graph

10235 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
bce640b7e3
Merge pull request #8499 from valeriosetti/issue8488
Clean up libtestdriver1 config: unconditonal removals
2023-11-15 04:25:14 +00:00
Manuel Pégourié-Gonnard
752dd39a69
Merge pull request #8508 from valeriosetti/issue6323
[G3] Driver-only cipher+aead: TLS: ssl-opt.sh
2023-11-14 11:39:06 +00:00
Yanray Wang
c43479103a aesce: fix unused parameter
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-14 11:09:56 +08:00
Valerio Setti
04c85e146c ssl-opt: fix wrong CCM dependencies with GCM
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-13 10:54:05 +01:00
Valerio Setti
c747306848 all.sh: remove redundant make in test_psa_crypto_config_accel_cipher_aead()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-13 10:51:52 +01:00
Yanray Wang
19583e44ed psa_information: improve code readability
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-13 17:43:37 +08:00
Yanray Wang
3ae1199788 all.sh: add config_block_cipher_no_decrypt to simplify code
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-13 17:43:21 +08:00
Yanray Wang
07e663de5e all.sh: block_cipher_no_decrypt: clean up cflags
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-13 17:23:40 +08:00
Yanray Wang
b2d6e52758 all.sh: block_cipher_no_decrypt: simplify code
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-13 17:23:19 +08:00
Yanray Wang
85b7465712 all.sh: block_cipher_no_decrypt: fix various issues
- improve test completeness
- renaming
- fix typo

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-13 17:18:34 +08:00
Manuel Pégourié-Gonnard
cf582df426
Merge pull request #8498 from mpg/legacy-deps-psa-tests
Remove legacy dependencies from PSA tests
2023-11-13 08:16:30 +00:00
Tom Cosgrove
08ea9bfa1f
Merge pull request #8487 from yanrayw/issue/6909/rename_tls13_conf_early_data
TLS 1.3: Rename early_data and max_early_data_size configuration function
2023-11-10 19:35:46 +00:00
Gilles Peskine
cce0012463 Add documentation
Explain the goals of metatests, how to write them, and how to read their
output.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-10 15:36:15 +01:00
Manuel Pégourié-Gonnard
76fa16cab3 block_cipher: add encrypt()
Test data copied from existing test suites.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 12:14:53 +01:00
Manuel Pégourié-Gonnard
3e0884fc53 block_cipher: add setkey()
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 11:52:10 +01:00
Manuel Pégourié-Gonnard
21718769d1 Start adding internal module block_cipher.c
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 11:21:17 +01:00
Manuel Pégourié-Gonnard
9f164f0103 all.sh: more comments in check_test_cases()
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 10:16:06 +01:00
Manuel Pégourié-Gonnard
5c6f787caa all.sh: robustness improvement
The original pattern would catch any extension, which could include
things like editor backup files etc, that we'd rather ignore.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 10:04:22 +01:00
Manuel Pégourié-Gonnard
a742337ef6 all.sh: add diff to can_keep_going_after_failure
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 09:58:31 +01:00
Valerio Setti
73d053123f ssl-opt: set proper cipher dependencies in tests using ticket_aead parameters
Check either legacy or PSA symbols based on USE_PSA_CRYPTO

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:27:45 +01:00
Valerio Setti
dd43d7b3a4 ssl-opt: set proper dependencies on tests with encrypted server5 key
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:12:07 +01:00
Valerio Setti
f941455e3b all.sh: enable ssl-opt testing in psa_crypto_config_[accel/reference]_cipher_aead
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:12:07 +01:00
Valerio Setti
ec9b25877f all.sh: disable CIPHER_C in test_psa_crypto_config_accel_cipher_aead
Extra features that depend on CIPHER_C are disabled also in the
reference component in order to get test parity.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:08:43 +01:00
Yanray Wang
799bd84b0d all.sh: resue support_build_armcc for *_armcc test
For time being, pre_check_tools check armcc and armclang together.
Therefore, we can resue support_build_armcc even if the test only
needs armclang.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-10 15:03:23 +08:00
Yanray Wang
4cd1b1617d all.sh: check additional symbols in asece for block_cipher_no_decrypt
check
 - mbedtls_aesce_inverse_key
 - aesce_decrypt_block

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-10 15:03:23 +08:00
Yanray Wang
49cd4b5f7d all.sh: refine and simplify component for block_cipher_no_decrypt
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-10 15:03:10 +08:00
Manuel Pégourié-Gonnard
7d7ce0e66a
Merge pull request #8495 from lpy4105/issue/6322/driver-only-cipher_aead-tls
[G3] Driver-only cipher+aead: TLS: main test suite
2023-11-09 11:10:34 +00:00
Jerry Yu
de7ead0a64
Update license
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-09 10:10:33 +08:00
Gilles Peskine
4dec9ebdc2
Merge pull request #8378 from mschulz-at-hilscher/fixes/issue-8377
Fixes "CSR parsing with critical fields fails"
2023-11-08 18:07:04 +00:00
Gilles Peskine
c75ee77dbb
Merge pull request #8439 from yuhaoth/pr/add-test-suite-parameter-to-ssl-opt
Add test-suite parameter to filter tests
2023-11-08 18:05:44 +00:00
Dave Rodgman
0d22539de0
Merge pull request #8468 from daverodgman/mbedtls-3.5.1-pr
Mbed TLS 3.5.1
2023-11-08 18:01:32 +00:00
Valerio Setti
b9015385fd test_driver_extension: use same def/undef pattern for all accelerated symbols
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-08 13:11:10 +01:00
Manuel Pégourié-Gonnard
3e1d39b332 Add check about legacy dependencies in PSA tests
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:54:02 +01:00
Dave Rodgman
28d40930ae Restore bump version
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:40:08 +00:00
Gilles Peskine
1d6de4ceb7 No more limitations accelerated algorithms using a built-in hash
It used to be the case that when an algorithm that uses a hash inside was
accelerated through a PSA driver, it might end up calling a hash algorithm
that is not available from the driver. Since we introduced MBEDTLS_MD_LIGHT,
this no longer happens: PSA accelerated hashes are available to callers of
the MD module, so the test driver can use all available hash algorithms.
Hence the workaround to skip testing certain accelerated cases is no longer
needed.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-08 12:30:52 +01:00
Manuel Pégourié-Gonnard
fcc5f31bb8 Rm unjustified MD_C dependencies in PSA test
RSA will auto-enable MD_LIGHT, we don't need to list MD_C as a
dependency here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:30:52 +01:00
Manuel Pégourié-Gonnard
af302b9e5d Rm unjustified PK_C dependencies in PSA tests
Some are about raw or AES keys where PK seems really unrelated.

The others are about RSA where PK may be relevant, but the necessary
bits of PK are auto-enabled when RSA key types are requested, so we
shouldn't need to list them as dependencies in tests.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:30:52 +01:00
Manuel Pégourié-Gonnard
433150e8f2 Rm redundant ECC dependencies in psa_crypto tests
Since _DERIVE can't be accelerated now, in
config_adjust_legacy_from_psa.h we will notice and auto-enable ECP_LIGHT
as well as the built-in version of each curve that's supported in this
build. So, we don't need to list those as dependencies here - and they
would cause issues when we add support for _DERIVE drivers.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:30:51 +01:00
Manuel Pégourié-Gonnard
59a8b41ca3 Fix incorrect RSA dependencies in psa_crypto tests
There's no reason the tests would depend specifically on our built-in
implementation and not work with drivers, so replace the RSA_C
dependency with the correct PSA_WANT dependencies.

Those 6 cases use two different test functions, but both of those
functions only do `psa_import()`, so all that's needed is PUBLIC_KEY or
KEYPAIR_IMPORT (which implies KEYPAIR_BASIC) depending on the kind of
key being tested.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:30:51 +01:00
Manuel Pégourié-Gonnard
0d9a3618bd Rm unneeded dep on PK_PARSE_C in psa crypto tests
Most of them were removed in 7162, not sure how these ones slipped in.

There's no reason deterministic ECDSA verification would need PK parse
more than the other tests. The following finds no match:

    grep -i pk_parse library/ecdsa.c library/psa_crypto_ecp.c

Even if PK parse was actually needed for this, the right way would be to
auto-enable it based on PSA_WANT symbols, and then only depend on
PSA_WANT symbols here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:30:51 +01:00
Ronald Cron
c27a4ce3dd
Merge pull request #8429 from gilles-peskine-arm/fix-test_suite_constant_time_hmac-not-executed
Fix test suite never executed due to an undefined symbol
2023-11-08 09:05:12 +00:00
Pengyu Lv
2bd56de3f4 ssl: replace MBEDTLS_SSL_HAVE_*_CBC with two seperate macros
MBEDTLS_SSL_HAVE_<block_cipher>_CBC equals
MBEDTLS_SSL_HAVE_<block_cipher> and MBEDTLS_SSL_HAVE_CBC.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 14:21:19 +08:00
Pengyu Lv
ba6825e37b ssl: use MBEDTLS_SSL_HAVE_* in tests
Done by commands:

```
sed -i "s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
sed -i "s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
sed -i "s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 14:09:16 +08:00
Yanray Wang
7b320fa7c9 ssl-opt.sh: fix typo
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-08 10:33:32 +08:00
Pengyu Lv
fe03a4071b ssl_helper: fix missin initialization of cli_log_obj
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 10:30:48 +08:00
Yanray Wang
30769696e7 Merge remote-tracking branch 'origin/development' into adjust_tfm_configs 2023-11-08 10:00:24 +08:00
Matthias Schulz
e92f6dcf5c New test cases requested in https://github.com/Mbed-TLS/mbedtls/pull/8378#discussion_r1383779861
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-07 15:16:35 +01:00
Tom Cosgrove
53199b1c0a
Merge pull request #6720 from yuhaoth/pr/tls13-early-data-receive-0_rtt-and-eoed
TLS 1.3: EarlyData SRV: Write early data extension  in EncryptedExtension
2023-11-07 13:59:13 +00:00
Yanray Wang
4995e0c31b cipher.c: return error for ECB-decrypt under BLOCK_CIPHER_NO_DECRYPT
- fix remaining dependency in test_suite_psa_crypto.data

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-07 17:51:32 +08:00
Tom Cosgrove
4122c16abd
Merge pull request #6945 from lpy4105/issue/6935/ticket_flags-kex-mode-determination
TLS 1.3: SRV: Check ticket_flags on kex mode determination when resumption
2023-11-07 09:26:21 +00:00
Jerry Yu
7ef9fd8989 fix various issues
- Debug message
- Improve comments

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-07 14:31:37 +08:00
Pengyu Lv
4ebf86e780 tls13-misc: Do not check kex mode for some cases
Ephemeral is preferred over pure PSK, the change is
to make CI happy.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-07 10:14:32 +08:00
Pengyu Lv
1f00926142 Change base config to full
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-07 09:55:11 +08:00
Gilles Peskine
102aea2ba8 Add metatests for mutex usage
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:19 +01:00
Gilles Peskine
6848d1709b Run metatests in selected components
Run metatests in some components, covering both GCC and Clang, with ASan,
MSan or neither.

Note that this commit does not cover constant-flow testing builds or Valgrind.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:19 +01:00
Gilles Peskine
f109664448 Script to run all the metatests (with platform filtering)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:18 +01:00
Dave Rodgman
b578514b03
Merge pull request #8470 from gilles-peskine-arm/check-files-license
Check copyright statements and SPDX license statements
2023-11-06 17:07:54 +00:00
Paul Elliott
e03270f2e0
Merge pull request #8391 from paul-elliott-arm/full_no_platform
Add full_no_platform config preset
2023-11-06 11:35:28 +00:00
Manuel Pégourié-Gonnard
964dee6b3f
Merge pull request #8442 from lpy4105/issue/8355/driver-only-cipher_aead-x509
X.509: Support driver-only cipher+aead
2023-11-06 09:10:57 +00:00
Yanray Wang
bc29aefdea all.sh: test BLOCK_CIPHER_NO_DECRYPT in build_aes_variations
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-06 11:14:38 +08:00
Jerry Yu
9e47b268c4 Revert "ssl-opt.sh: Make record_outcome record the ssl-opt.sh file only"
This reverts commit cfe68a0cb6.

As commit 5eb2b02862, this line is used to report test suite name.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-06 10:53:43 +08:00
Jerry Yu
50d07bdeec Add test-suite parameter to filter tests
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-06 10:49:01 +08:00
Yanray Wang
f149640021 all.sh: add components to test BLOCK_CIPHER_NO_DECRYPT with PSA
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-06 10:02:10 +08:00
Gilles Peskine
ce78200fb5 Pacify mypy
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-04 16:07:26 +01:00
Gilles Peskine
3b9facd8ac Also complain if licenses are mentioned
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-04 16:07:26 +01:00
Gilles Peskine
f2fb9f667c Check copyright statements and SPDX license identifier
Enforce a specific copyright statement and a specific SPDX license
identifier where they are present.

Binary files, third-party modules and a few other exceptions are not
checked.

There is currently no check that copyright statements and license
identifiers are present.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-04 16:07:26 +01:00
Gilles Peskine
990030bce0 Sort imports
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-04 16:07:26 +01:00
Gilles Peskine
8b6b41f6cd
Merge pull request #8434 from valeriosetti/issue8407
[G2] Make TLS work without Cipher
2023-11-04 15:05:00 +00:00
Gilles Peskine
c5ce9fcf03
Merge pull request #8435 from valeriosetti/issue8415
Remove cipher/aead legacy dependencies from PSA test suites
2023-11-04 15:04:51 +00:00
Gilles Peskine
e9f50bf161
Merge pull request #8443 from valeriosetti/issue8274
Clean up curves handling in libtestdriver1 config
2023-11-04 15:04:42 +00:00
Gilles Peskine
0c29963265
Merge pull request #8462 from daverodgman/license-change
License change
2023-11-04 15:47:07 +01:00
Dave Rodgman
4eb44e4780 Standardise some more headers
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 12:15:12 +00:00
Yanray Wang
6b190d4f27 psa_information.py: generate dep for AES/ARIA/CAMELLIA ECB test case
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-03 17:37:22 +08:00
Dave Rodgman
16799db69a update headers
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 19:47:20 +00:00
Dave Rodgman
4472ce14b9
Merge pull request #8088 from tgonzalezorlandoarm/tg/check_test_cases-new
Make check_test_cases.py recognize test case name templates in ssl-opt.sh
2023-11-02 12:22:52 +00:00
Yanray Wang
eefd2695d2 test_suite_psa_crypto: add dependency for decrypt test cases
If MBEDTLS_BLOCK_CIPHER_NO_DECRYPT, we can't test decrypt for
AES-ECB, so adding this dependency for some test cases

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-02 12:38:01 +08:00
Yanray Wang
66111393e4 all.sh: modify components to test BLOCK_CIPHER_NO_DECRYPT
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-02 12:38:01 +08:00
Pengyu Lv
59afe498d4 test: tls13: change server output check
tls13 server now does not parse pre-shared key extension unless
there are some psk key exchange modes really available.
For `ephemeral_all/psk_or_ephemeral` configuration pairs, there
wouldn't be any psk key exchange mode available, so the check
of "Pre shared key found" should be inverse.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-01 14:50:44 +08:00
Jerry Yu
454dda3e25 fix various issues
- improve output message
- Remove unnecessary checks
- Simplify test command

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-01 10:28:43 +08:00
Valerio Setti
ac7a809ac3 all.sh: remove leftover loc_curve_list usage
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-31 12:23:44 +01:00
Pengyu Lv
2151ba55f6 test_suite_x509write: use plaintext key file
Some test cases are using encrypted key file, thus have
dependency on low-level block cipher modules (e.g. AES).
This commit adds unencrypted key file so that we could
get rid of those dependencies.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-10-31 18:12:04 +08:00
Yanray Wang
b67b47425e Rename MBEDTLS_CIPHER_ENCRYPT_ONLY as MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-10-31 17:22:06 +08:00
Yanray Wang
5779096753 Merge remote-tracking branch 'origin/development' into adjust_tfm_configs 2023-10-31 13:39:07 +08:00
Pengyu Lv
78657d0c1d Change base config to full minus SSL
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-10-31 10:29:41 +08:00
Pengyu Lv
f2814ff97b Move common config to common function
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-10-31 10:29:41 +08:00
Paul Elliott
afc6a992c5
Merge pull request #8381 from gilles-peskine-arm/20231017-misc-cleanup
Cleanups in test code
2023-10-30 18:08:01 +00:00
Paul Elliott
835edd627d
Merge pull request #8404 from paul-elliott-arm/fix_coverity_issues
Fix two coverity issues
2023-10-30 18:00:14 +00:00
Dave Rodgman
b06d701f56
Merge pull request #8406 from beni-sandu/aesni
AES-NI: use target attributes for x86 32-bit intrinsics
2023-10-30 17:01:06 +00:00
Manuel Pégourié-Gonnard
1c6100240d
Merge pull request #8398 from mpg/analyze-outcome-ignore-re
In analyze_outcomes.py, add pattern-ignore
2023-10-30 12:46:35 +00:00
Valerio Setti
3d59ebef2c ssl_helpers: remove CIPHER_C guards in mbedtls_test_ssl_build_transforms()
Use !USE_PSA_CRYPTO instead.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:59:37 +01:00
Valerio Setti
847213120c test_suite_psa_crypto_metadata: remove unnecessary CIPHER_C dependencies
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:37:09 +01:00
Valerio Setti
74d5f23c3f test_suite_ssl: use new internal symbols in tests using CBC
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:36:32 +01:00
Valerio Setti
31ad3a14cc ssl_helpers: allow mbedtls_test_ssl_build_transforms to work without CIPHER_C
A new internal function is added to get cipher's info (mode, key bits and
iv len) without relying on CIPHER_C. This function is basically a lookup
table used only for test purposes.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:36:32 +01:00
Valerio Setti
852d26c70d all.sh: enable SSL_TLS and SSL_TICKET in full_no_cipher with PSA_CRYPTO
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:36:32 +01:00
Valerio Setti
3fe105b042 all.sh: fix test components using accelerated curves
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:08:12 +01:00
Valerio Setti
05c25cbaf9 test_driver_extension: manage curves' acceleration the same as other PSA_WANT symbols
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:07:18 +01:00
Manuel Pégourié-Gonnard
c51c411cc1 analyze_outcome: only warn on ignored tests that pass
The previous check also warned when on tests that were already skipped
in the reference config, which are not really a problem. The purpose of
this "uselessly ignored" check is to make sure that the ignore list
(together with the config common to driver and reference in all.sh)
always correct reflects what works or doesn't in driver-only builds. For
this it's enough to warn when a test is ignored but passing.

The previous, stricter check, was causing issues like:

Error: uselessly ignored: test_suite_pkcs12;PBE Encrypt, pad = 8 (PKCS7 padding disabled)
Error: uselessly ignored: test_suite_pkcs12;PBE Decrypt, (Invalid padding & PKCS7 padding disabled)
Error: uselessly ignored: test_suite_pkcs5;PBES2 Decrypt (Invalid padding & PKCS7 padding disabled)

These are skipped in the reference config because is has PKCS7 padding
enabled, and that's OK.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-30 10:21:22 +01:00
Manuel Pégourié-Gonnard
cd84a290a9 analyze_outcomes: use regexes for cipher/aead
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-30 10:21:15 +01:00
Jerry Yu
9dd0cc06e5 disable stdout in require_*_configs_* functions
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-30 17:05:42 +08:00
Beniamin Sandu
3bca7817e5 tests/scripts/all.sh: add test for 32-bit AES-NI intrinsics with clang
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
2023-10-27 17:02:22 +01:00
Tomás González
7f2cddb1ae check_test_cases: Minor documentation change
* Make an iteration comment generic to every file it may affect
   instead of making it specific a particular file.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:46:23 +01:00
Tomás González
4fc582461b compat.sh: Rename list_test_case to list_test_cases
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
cfe68a0cb6 ssl-opt.sh: Make record_outcome record the ssl-opt.sh file only
Ignore the test suite name as file from opt-testcases cannot
actually be called separately.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
51cb704342 Avoid using print_name when --list-test-cases is used
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
378e364c3c ssl-opt.sh: Correct print format for test cases' names
Avoid printing an extra space when using the --list-test-cases
option.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
12787c9ba5 Remove invalid -l option from test scripts
The -l option mentioned in previous commits for both ssl-opt.sh and
compat.sh scripts should only be a --list-test-cases option.

Remove -l option from the help list.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
38ecf9fa1e check_test_cases: Avoid removing duplicated test cases
One of the jobs of check_test_cases is to check for duplicate test
descriptions and to have them ordered:

 * Stop using a set to collect the different test cases from the
   test scripts.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
4a86da2460 check_test_cases: Unify walk_compat_sh and walk_opt_sh into one
walk_compat_sh and walk_opt_sh are basically the same now, so:

 * Merge them into one function.
 * Use the --list-test-cases option for both of them.
 * Rename this merged function as collect_from_script which seems
   more appropriate as since it isn't iterating the script but
   calling it.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
37a8739e4d ssl-opt.sh: Don't affect the order at which functions are printed
When adding the LIST_TESTS option, print_name can be called
before checking if the test case should be excluded or not.
Change this back to its previous state while still taking into
account the LIST_TESTS option.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
be2c66e548 ssl-opt.sh: Simplify the implementation of the -l option
Instead of verifying if the LIST_TESTS variable has been set in
every function to avoid using the P_QUERY variable and avoid
calling a program that has not necessarily been compiled yet:

 * Define P_QUERY=":" when LIST_TESTS has been set.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
06956a12aa Skip unnecessary logic when -l option is used
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:14 +01:00
Tomás González
f162b4f497 Only use CONFIGS_ENABLED when not listing tests
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Tomás González
0e8a08a1f7 Get options at beginning of program
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Tomás González
787428a08c Avoid skipping test when printing
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Tomás González
3a65d6368a Remove formatted string to make pylint happy
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Tomás González
970b39fb38 tests/check_test_cases: Use subprocess.check_output instead of run
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Tomás González
079eaee8ca Use file_name parameter in walk_ssl_opt_sh()
Remove hardcoded file_name and use the parameter provided in the
function.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Tomás González
546fc9ce9e Revert "Add opt-testcases into check list"
ssl-opt.sh now takes care of looking at the files in the
opt-testcases subdirectory, so use ssl-opt.sh directly
in walk_ssl_opt_sh().

 * Revert commit f17a60f147.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Tomás González
754f8cd959 tests/check_test_cases: Use ssl-opt.sh -l option instead of parsing
* Use the newly added ssl-opt.sh -l option to list all the tests
   cases and their used parameters instead of having to parse the
   file to discover them. This avoids having to add further parsing
   complexity in the future as discussed in
   https://github.com/Mbed-TLS/mbedtls/pull/8080#issuecomment-1681064743

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Tomás González
24552ff84e ssl-opt/run_test: Introduce -l option to list test case names
* Add an option in ssl-opt test case to list all the run_test calls
   and their names. This allows to show the parameters used and can
   make us avoid having to parse ssl-opt to look for extra
   parameters in the future.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Manuel Pégourié-Gonnard
d36a37f0de analyze_outcomes: ignore patterns apply to whole suite
This may come in handy when ignoring patterns in test_suite_cipher for
example which is split in several .data files where we'll want to ignore
the same patterns.

Currently none of the entries had a '.' in the test suite name, so this
doesn't change anything for existing entries.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:19:36 +02:00
Manuel Pégourié-Gonnard
9d9c2344ea analyze_outcome: Simplify some code
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:19:00 +02:00
Manuel Pégourié-Gonnard
b26954375f analyze_outcome: work around old Python in CI
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:18:52 +02:00
Manuel Pégourié-Gonnard
62d6131e5e analyze_outcomes: minor output fix
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:18:52 +02:00
Manuel Pégourié-Gonnard
4fd5a6ac9e analyze_outcomes: use regexes with ECC components
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:18:51 +02:00
Manuel Pégourié-Gonnard
b4558bd6e4 analyze_outcomes: remove useless ignore entries
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:17:35 +02:00
Manuel Pégourié-Gonnard
371165aec0 analyze_outcomes: useless ignores are now errors
Change from iterating on all available tests to iterating on tests with
an outcome: initially we were iterating on available tests but
immediately ignoring those that were always skipped. That last part
played poorly with the new error (we want to know if the test ignored
due to a pattern was skipped in the reference component), but when
removing it, we were left with iterating on all available tests then
skipping those that don't have outcomes entries: this is equivalent to
iterating on tests with an outcome entry, which is more readable.

Also, give an error if the outcome file contains no passing test from
the reference component: probably means we're using the wrong outcome
file.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:17:35 +02:00
Manuel Pégourié-Gonnard
881ce01db3 analyze_outcomes: add regex match for ignored tests
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:17:35 +02:00
Manuel Pégourié-Gonnard
4da369f741 analyze_outcomes: minor code cleanup
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:17:35 +02:00
Valerio Setti
287f6d1f5c all.sh: unset MBEDTLS symbols for modes/keys only when !PSA_CRYPTO_CONFIG
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
862021a118 all.sh: improve comments in common_test_full_no_cipher_with_psa_crypto
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
5b4039f36d all.sh: rename common config/test function
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
4529d65e30 all.sh: improve test_full_no_cipher()
- remove unnecessary disabled items (most of them were already
  disabled automatically once MBEDTLS_SSL_TLS_C was disabled)
- improve dependencies' comments, especially the last one which
  list items depending on PSA_CRYPTO_C

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
fb0b0ffaa4 all.sh: keep symbols that don't depend on CIPHER_C (directly or indirectly)
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
c84d940704 all.sh: fix comments in common_test_full_no_cipher_with_crypto()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
df17a102e5 all.sh: replace minus sign in text messages with "no"
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
7e710e8272 all.sh: add components as full_no_cipher with CRYPTO_C and CRYPTO_CONFIG
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:12:06 +02:00
Jerry Yu
2db16b7b16 disable tests when ecp is not available
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-27 10:59:20 +08:00
Jerry Yu
0edafa9449 Add test case for writing early data in EE
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-27 10:58:06 +08:00
Gilles Peskine
b3d0ed2e6e
Merge pull request #8303 from valeriosetti/issue6316
Add test component with all ciphers and AEADs accelerated only
2023-10-26 15:53:10 +00:00
Gilles Peskine
4f144093ba
Merge pull request #8294 from gilles-peskine-arm/test-datax-chdir
Support running unit tests from another directory
2023-10-26 15:53:10 +00:00
Gilles Peskine
67fb0e2662 Merge remote-tracking branch 'dev' into fix-MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA
Conflicts:
* tests/suites/test_suite_pkparse.data: the dependencies of
  "Parse EC Key #3 (SEC1 PEM encrypted)" were updated on both branches
  (development: ECP curve; this branch: MD5 hash).
2023-10-26 17:44:17 +02:00
Gilles Peskine
d609607f21 Fix test suite never executed due to an undefined symbol
MBEDTLS_SSL_SOME_SUITES_USE_MAC and MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC are
dependencies of defined in an SSL header, so this header needs to be
included here.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-26 16:50:18 +02:00
Ronald Cron
95b735530c
Merge pull request #6719 from yuhaoth/pr/tls13-early-data-add-early-data-of-client-hello
TLS 1.3: EarlyData SRV: Add early data extension parser.
2023-10-26 08:31:53 +00:00
Valerio Setti
507e08f9af analyze_outcomes: update cipher/aead data
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-26 10:05:01 +02:00
Gilles Peskine
cc2bbfe905 Fix invocation with explicit .datax file
Don't chdir when invoking a test suite executable with an explicit .datax
file. The point of the chdir is to automatically find the .datax file (and
the relative location of the data_files directory) in typical cases. This
conflicts with the expectation that passing a relative path to a .datax file
will work.

(This is what I had originally intended, and what is documented in the
comment, but I forgot to add the argc check in the initial commit.)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-25 17:45:50 +02:00
Gilles Peskine
bf3c3fa122 Define try_chdir everywhere
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-25 17:43:10 +02:00
Valerio Setti
ad8b7f0306 all.sh: accelerate ALG_[STREAM_CIPHER/ECB_NO_PADDING] in accel_cipher_aead()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-25 12:39:50 +02:00
Valerio Setti
97454fde54 all.sh: accelerate CMAC in test_psa_crypto_config_accel_cipher_aead()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-25 12:27:12 +02:00
Valerio Setti
3b1559060a test_suite_psa_crypto: replace builtin dependencies with PSA_WANT
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-25 12:03:36 +02:00