Commit graph

10719 commits

Author SHA1 Message Date
Jonathan Winzig
315c3ca9e5
Add required dependency to the testcase
Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-09 18:31:11 +01:00
Jonathan Winzig
6c9779fabb Remove unneeded testcase
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-09 17:47:10 +01:00
Jonathan Winzig
a72454bc16
Update test-data to use SIZE_MAX
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-09 17:39:42 +01:00
Jonathan Winzig
c5e77bf4e4
Add missing newline at the end of test_suite_x509write.data
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-09 16:47:12 +01:00
Tom Cosgrove
3a6059beca
Merge pull request #7455 from KloolK/record-size-limit/comply-with-limit
Comply with the received Record Size Limit extension
2024-01-09 15:22:17 +00:00
Jonathan Winzig
2bd2b788cf Add tests for Issue #8687
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-09 15:19:42 +01:00
Valerio Setti
db6e02902d test_suite_psa_crypto: test also MBEDTLS_ECP_DP_MAX in ecc_conversion_functions_fail()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:52 +01:00
Valerio Setti
ac73952474 test_suite_psa_crypto: improve failing tests for EC conversion functions
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:52 +01:00
Valerio Setti
4ba0c61eda test_suite_psa_crypto: add test case for ECP conversion with null values
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:52 +01:00
Valerio Setti
ad819679a5 test_suite_psa_crypto: explicitly check return values of conversion functions
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:52 +01:00
Valerio Setti
bf999cb22e test_suite_psa_crypto: add test functions and cases for ECC conversion functions
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:52 +01:00
Valerio Setti
673868be5d psa_crypto_ecp: add helper for checking EC parameters
This commit also updates "test_suite_psa_crypto.data" replacing
PSA_ERROR_NOT_SUPPORTED with PSA_ERROR_INVALID_ARGUMENT when
a wrong bit size is provided while importing key.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:52 +01:00
Valerio Setti
9b2d738ccd Revert "test_suite_md: improve md_to_from_psa() test function and related data"
This reverts commit 2c1070b397.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 08:41:21 +01:00
Manuel Pégourié-Gonnard
88bae8bc52 Rename tests components for clarity
All no_cipher components have crypto (as in libmbedcrypto.a), but the
difference is one doesn't have PSA crypto while the other two do.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-01-08 11:35:01 +01:00
Manuel Pégourié-Gonnard
7f48d5e203 Rename test components to better reflect content
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-01-08 11:35:01 +01:00
Manuel Pégourié-Gonnard
4aad0ff510
Merge pull request #8632 from valeriosetti/issue8598
[G5] Make block_cipher work with PSA
2024-01-08 08:07:53 +00:00
Paul Elliott
3dce2327ab Use new thread abstraction for ctr_drbg tests
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-01-05 21:04:52 +00:00
Paul Elliott
3a4d2f14a8 Add test thread create/join abstraction
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-01-05 21:04:52 +00:00
Paul Elliott
17c119a5e3 Migrate to threading_helpers.h
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-01-05 21:04:52 +00:00
Paul Elliott
5c498f355d Use mbedtls_test_info accessors internally as well
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-01-05 19:13:43 +00:00
Paul Elliott
4580d4d829 Add accessor helpers for mbedtls_test_info
Step one of being able to control access to mbedtls_test_info with
a mutex.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-01-05 19:13:43 +00:00
Waleed Elmelegy
60f0f727c3 Add config dependencies to record size tests
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-01-04 14:57:31 +00:00
Dave Rodgman
a021d63bf7
Merge pull request #8642 from daverodgman/default-compiler-all
CI perf: Use clang by default in all.sh
2024-01-04 12:58:54 +00:00
Manuel Pégourié-Gonnard
5bad043c06
Merge pull request #8641 from valeriosetti/issue8358
G3-G4 wrap-up
2024-01-04 10:48:00 +00:00
Manuel Pégourié-Gonnard
66b1ded73a
Merge pull request #8623 from daverodgman/verbatim-tfm
Use TF-M config verbatim
2024-01-04 08:08:06 +00:00
Gilles Peskine
a10d112e45 Remove useless guards on MBEDTLS_BIGNUM_C
All of ECP requires the bignum module and there is no plan to change that,
so guarding a few bits of code is just noise.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-03 14:08:10 +01:00
Dave Rodgman
1c91057fab Update check_files.py to accomodate non-standard license headers in TF-M config files
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-03 11:10:18 +00:00
Gilles Peskine
0ae58dd985 Unify MBEDTLS_TEST_OBJS
`$(MBEDTLS_TEST_OBJS)` included TLS-specific test support modules in
`tests/Makefile` but not in `programs/Makefile`. This difference is not
actually necessary. What is necessary is that all programs that use
functions from TLS-specific test support modules are linked with those
modules in addition to `-lmbedtls`, and programs that are not linked with
`-lmbedtls` are not linked with TLS-specific test support modules. Since we
always pass `-lmbedtls` when linking programs in `programs/Makefile`, we can
link with the TLS-specific test support modules as well. This keeps things
simpler.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 23:11:24 +01:00
Gilles Peskine
570e54822c Finish unifying LOCAL_CFLAGS
fixup "Create common.make with LOCAL_CFLAGS and friends"

The code wasn't what I had intended, although it was functionally
equivalent. Make it more readable and more robust.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 18:11:10 +01:00
Gilles Peskine
5d867872dd Improve readability of null-argument tests
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 17:57:51 +01:00
Valerio Setti
2c1070b397 test_suite_md: improve md_to_from_psa() test function and related data
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-02 14:58:22 +01:00
Valerio Setti
384fbde49a library/tests: replace md_psa.h with psa_util.h as include file for MD conversion
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-02 13:27:32 +01:00
Dave Rodgman
84125a167e Merge remote-tracking branch 'origin/development' into default-compiler-all
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-02 11:42:38 +00:00
Valerio Setti
8c8b4da3a3 all.sh: keep PSA_WANT_ALG_[CCM/GCM] enabled in common_block_cipher_dispatch()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-02 11:44:30 +01:00
Gilles Peskine
ea982e39a1
Merge pull request #8637 from bensze01/fix_supported_components
all.sh: Parse arguments before checking if a test is supported
2024-01-02 09:41:02 +00:00
Waleed Elmelegy
3d46b7f81a Fix Max fragmen length test to use TLS 1.2 maximum output size
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-01-01 20:50:53 +00:00
Waleed Elmelegy
bae705c12b Fix TLS 1.2 test to use TLS 1.2 maximum output size
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-01-01 14:21:21 +00:00
Valerio Setti
84d19e0836 all.sh: keep DES_C and CTR_DRBG_C enabled in test_full_no_cipher_with_crypto()
These were probably leftovers from the development phase of the
associated PR that were not removed in the end.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-29 16:42:21 +01:00
Waleed Elmelegy
ea03183bd7 Adjust TLS 1.3 tests to new maximum output changes
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-12-29 15:36:51 +00:00
Valerio Setti
e581e140cc oid/pkparse: add missing guards for PKCS[5/12] functions when !CIPHER_C
This commit also updates test_suite_pkparse.data file adding
MBEDTLS_CIPHER_C dependencies whenever PKCS[5/12] is used.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-29 16:35:58 +01:00
Valerio Setti
562dfe1067 all.sh: keep PKCS[5/12] enabled in full_no_cipher test components
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-29 16:34:19 +01:00
Valerio Setti
a0c9c6684d analyze_outcomes: ignore only test concerning AES/ARIA/Camellia in CMAC
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-29 14:14:11 +01:00
Valerio Setti
160b2bde09 test_suite_cmac: add used key type to all test cases
This is useful for grepping and skipping disparities in
analyze_outcomes.py.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-29 14:07:11 +01:00
Waleed Elmelegy
87a373eea6 Improve Record size limit testing
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-12-28 17:49:36 +00:00
Valerio Setti
0635cca7d1 analyze_outcomes: update skipped tests following latest changes to all.sh
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-28 18:33:17 +01:00
Valerio Setti
cd21d4eb8f all.sh: keep legacy cipher modes enabled in test_full_block_cipher_legacy_dispatch()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-28 18:33:17 +01:00
Valerio Setti
9a4cc122a7 test_suite_block_cipher.psa: remove misleading initial comment
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-28 18:33:17 +01:00
Valerio Setti
ab0494f193 analyze_outcomes: update comments of skipped tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-28 13:56:52 +01:00
Valerio Setti
b9f4bfc33b all.sh: fix messages in test_psa_crypto_config_accel_des
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-28 11:07:48 +01:00
Gilles Peskine
3b17ae78d2 Add ECP-heavy-only test cases to the driver parity analysis ignore list
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-24 19:51:57 +01:00
Gilles Peskine
62e33bcc64 New function mbedtls_ecp_write_public_key
Directly export the public part of a key pair without having to go through
intermediate objects (using mbedtls_ecp_point_write_binary would require a
group object and a point object).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-24 15:23:19 +01:00
Gilles Peskine
6dd87384ae Rename variable that's a C++ keyword
It gave uncrustify trouble
(https://github.com/uncrustify/uncrustify/issues/4044)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-24 15:23:19 +01:00
Gilles Peskine
7ea72026cd New function mbedtls_ecp_keypair_calc_public
For when you calculate or import a private key, and then need to calculate
the public key.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 21:30:03 +01:00
Gilles Peskine
28240323d3 New function mbedtls_ecp_set_public_key
Set the public key in a key pair. This complements mbedtls_ecp_read_key and
the functions can be used in either order.

Document the need to call check functions separately.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 21:30:03 +01:00
Gilles Peskine
091a85a762 Promise mbedtls_ecp_read_key doesn't overwrite the public key
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 21:30:03 +01:00
Gilles Peskine
ba5b5d67aa Support partial export from mbedtls_ecp_keypair
Sometimes you don't need to have all the parts of a key pair object. Relax
the behavior of mbedtls_ecp_keypair so that you can extract just the parts
that you need.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 21:30:03 +01:00
Gilles Peskine
e6886102ef New function mbedtls_ecp_keypair_get_group_id
Add a simple function to get the group id from a key object.

This information is available via mbedtls_ecp_export, but that function
consumes a lot of memory, which is a waste if all you need is to identify
the curve.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 21:30:03 +01:00
Gilles Peskine
7602298a16 Allow *.make to contain tabs
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 15:28:07 +01:00
Gilles Peskine
259df98972 Revert "Add option to pass make variables to depends.py"
This reverts commit be978a8c4f.

The feature is no longer needed, and the script is broken if you don't pass
--make-vars.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 13:17:33 +01:00
Gilles Peskine
811daaa48c Revert "Add ability to pass make variables to psa_collect_statuses.py"
This reverts commit 6587959a32.

The feature is no longer needed, and the script is broken if you don't pass
--make-vars.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 13:16:59 +01:00
Gilles Peskine
21570cf232 Auto-detect the need to link with pthread on Unix-like platforms
When building with Make on a Unix-like platform (shell and compiler),
auto-detect configurations that may require linking with pthread.

This removes the need for MAKE_THREADING_FLAGS in all.sh.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 11:53:42 +01:00
Gilles Peskine
4392fc101f Unify some common rules of programs/Makefile and tests/Makefile
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 11:49:35 +01:00
Gilles Peskine
076fd25480 Unify common variables of programs/Makefile and tests/Makefile
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 11:48:56 +01:00
Gilles Peskine
f3d1ae1f05 Create common.make with LOCAL_CFLAGS and friends
Create a common.make for definitions that are shared between tests/Makefile
and programs/Makefile, to facilitate maintenance. Start populating it with
CFLAGS/LDFLAGS variables. More to follow in subsequent commits.

Keep library/Makefile independent, at least for the time being.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 11:48:56 +01:00
Gilles Peskine
f5c5ce7789 Partly unify LOCAL_CFLAGS
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 11:48:56 +01:00
Gilles Peskine
4ad5733836 Unify treatment of MBEDTLS_TEST_OBJS
Unify the treatment of MBEDTLS_TEST_OBJS between programs/Makefile and
tests/Makefile: include it via LOCAL_LD_FLAGS in both cases. Document why
the definition of MBEDTLS_TEST_OBJS is different.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 11:48:56 +01:00
Gilles Peskine
afccc1a6d5 Indent nested conditionals
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 11:48:52 +01:00
Dave Rodgman
5c7e94487e fix line length
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-21 15:42:22 +00:00
Valerio Setti
a72a797ffd all.sh: keep PKCS[5/12] enabled in accel_cipher_aead tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-21 16:40:40 +01:00
Valerio Setti
a69e872001 pkcs[5/12]: add CIPHER_C for [en/de]crypting functions
This commit also updates corresponding test suites.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-21 16:39:04 +01:00
Dave Rodgman
3bc249959c
Merge branch 'development' into default-compiler-all
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-21 14:35:14 +00:00
Gilles Peskine
907cb020ef
Merge pull request #8618 from Ryan-Everett-arm/new-state-transition-documentation
Update thread safety state transition documentation
2023-12-21 12:09:58 +00:00
Gilles Peskine
0e6fdc4f1d
Merge pull request #8342 from yanesca/threading_test_pc
Threading test proof of concept and plan
2023-12-21 12:08:41 +00:00
Waleed Elmelegy
049cd302ed Refactor record size limit extension handling
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-12-20 17:28:31 +00:00
Tomi Fontanilles
9c69348c24 pk test suite: rename the parameter named parameter
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
Tomi Fontanilles
8174662b64 pk: implement non-PSA mbedtls_pk_sign_ext()
This makes the function always available with its
its implementation depending on MBEDTLS_USE_PSA_CRYPTO.

Related dependencies and tests are updated as well.

Fixes #7583.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
Valerio Setti
5f665c3a0d analyze_outcomes: add exceptions to disparities for block_cipher dispatch
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 09:56:05 +01:00
Valerio Setti
9afa329b80 analyze_outcomes: allow ignored test suites to have a dot in the name
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 09:55:28 +01:00
Valerio Setti
45c84feacc test_suite_ccm: add missing BLOCK_CIPHER_PSA_[INIT/DONE]()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 09:54:39 +01:00
Valerio Setti
689c0f71cb tests: use new CCM/GCM capability macros in tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 09:54:18 +01:00
Valerio Setti
4a8ef7cd9b all.sh: disable legacy AES/ARIA/CAMELLIA in test_full_block_cipher_psa_dispatch
This commit also:
- rename the reference component as component_test_full_block_cipher_legacy_dispatch()
- add a common configuration function, named common_block_cipher_dispatch() that
  is used from both accelerated and reference components

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 07:35:41 +01:00
Dave Rodgman
c393222643 Work around clang 3.8 bug
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-19 18:52:35 +00:00
Dave Rodgman
fc5b9553b2 Don't use full path for setting CC
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-19 16:08:19 +00:00
Dave Rodgman
bc8e61d962 Use gcc in test_full_deprecated_warning
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-19 14:07:15 +00:00
Dave Rodgman
d8d6451a6e Add -O2 to some CFLAGS which were not setting it
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-19 12:20:21 +00:00
Dave Rodgman
ea03ef9a77 Don't specify gcc unless the test requires it
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-19 12:19:59 +00:00
Dave Rodgman
dfe5ce81ee Use clang -O2 in common_block_cipher_no_decrypt
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-19 11:47:18 +00:00
Dave Rodgman
590519f535 Enable -O2 in depends.py
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-19 11:33:55 +00:00
Valerio Setti
9da01a7f53 all.sh: rename test_psa_crypto_config_accel_cipher to accel_des
Renaming this test component in order to better explain what it
really does.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-19 08:05:40 +01:00
Dave Rodgman
d0a594d444 Use gcc in test_psa_compliance
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-18 22:29:56 +00:00
Dave Rodgman
932ce859d5 Ensure test_psa_compliance uses gcc
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-18 20:35:54 +00:00
Dave Rodgman
0c5bfe816f Ensure clang is present
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-18 19:53:25 +00:00
Dave Rodgman
66cbc83844 Use clang by default
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-18 18:34:50 +00:00
Paul Elliott
22dbaf05b6 Add AES_PSA_INIT() to thread test case
Tests were failing when PSA was being used in ctr_drbg_seed() as PSA was
not initialised.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 18:18:04 +00:00
Paul Elliott
445af3c25a Move test dependancies to function file
Dependancies are determined by code in this case.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
79dc6dad81 Improve make pthread linking mechanism
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
40f0ec246e Remove requirement for SHA512 from ctr_drbg test
Set the entropy len prior to doing the test to ensure the outcome is the
same regardless of whether SHA512 or SHA256 is used.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
20a95bc09a Remove explicit linking of PThread in make
This would break platforms that do not have pthread. Put the linking
instead behind a define and add this define where required to all.sh.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
6587959a32 Add ability to pass make variables to psa_collect_statuses.py
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
be978a8c4f Add option to pass make variables to depends.py
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
356597f077 Make TSan test run operate on full config
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
bb0e48f94f Make number of threads a test argument
Remove hard coded number of threads.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
fed410f58e Increase entropy buffer sizes
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
811c600d88 Guard tests correctly
All guarded options change output, thus failing the test.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
6a997c9994 Fix code style
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
2667eda785 Explicitly link tests with pthreads
Required to use pthreads within tests.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
bda25dd29c Add re-seeding option to test
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
20b2efa293 Fix missing include
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:33 +00:00
Janos Follath
178bf3ee8a Fix failing multi-threaded unit test
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-12-18 14:49:33 +00:00
Janos Follath
a16ee6b7d4 Add multi-threaded unit test
The unit test we add is designed to fail. The goal is to test the tests
and show that they catch the problem. A later commit will fix the unit
test and will make it pass.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-12-18 14:49:33 +00:00
Janos Follath
9338cac050 Add tsan to all.sh
component_test_tsan now builds and tests the library with
clang ThreadSanitizer enabled.

There are no multi-threaded unit tests so far, the goal is that they are
automatically tested with TSan when they are added.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-12-18 14:49:33 +00:00
Bence Szépkúti
bbb5af9eae Set OpenSSL/GnuTLS variables in release components
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2023-12-15 21:06:01 +01:00
Bence Szépkúti
71c71eb91c all.sh: Parse arguments before checking if a test is supported
Support for each test was checked before the command line had been
parsed, causing the support_ functions to ignore arguments that set a
tool's location.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2023-12-15 20:27:50 +01:00
Bence Szépkúti
89dd5c0654 Document release components in all.sh
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2023-12-15 17:05:47 +01:00
Dave Rodgman
543d275c68
Merge pull request #8635 from daverodgman/asan-opt
CI perf - prefer clang for Asan
2023-12-15 13:25:02 +00:00
Ryan Everett
abd8977cc1 Make check_files ignore png files in docs
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-15 12:33:38 +00:00
Dave Rodgman
d5635e95e2 Undo accidental change
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-15 11:04:34 +00:00
Dave Rodgman
a2cf240fff Add explanatory comment
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-15 11:04:13 +00:00
Dave Rodgman
c1f0f5b8af Fix a typo
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-14 23:34:48 +00:00
Dave Rodgman
b90f87b9a8 Use gcc for -m32 Asan builds
There seem to be known issues with clang for this target.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-14 23:27:39 +00:00
Dave Rodgman
815b240d72 Fix unused function/variable warnings from clang
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-14 23:20:48 +00:00
Dave Rodgman
17127e9f39 Use clang as default compiler for Asan
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-14 19:34:52 +00:00
Valerio Setti
52ab8fa565 analyze_outcomes/all.sh: add reference component and entry for coverage comparison
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:09:26 +01:00
Valerio Setti
efdb8261b9 all.sh: keep CIPHER_C enabled in test_full_block_cipher_psa_dispatch()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
ac7df142e8 test_suite_block_cipher: fix unused variable when !MBEDTLS_BLOCK_CIPHER_SOME_PSA
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
c4831224d5 all.sh: keep PSA_WANT_ALG_[GCM/CCM] enabled in test_full_block_cipher_psa_dispatch()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
1cf81c3c80 test_suite_block_cipher: add new data file for PSA/legacy dispatch test
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
10e9aa26c5 tests: add PSA_INIT/PSA_DONE to CCM and GCM test suites
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
f8e6cbacc0 all.sh: add new component for block_cipher dispatch to PSA
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Dave Rodgman
852de3c3f5 Build with -O2, but without assembly
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-14 16:44:11 +00:00
Waleed Elmelegy
26e3698357 Revert back checking on handshake messages length
Revert back checking on handshake messages length due to
limitation on our fragmentation support of handshake
messages.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-12-14 16:23:25 +00:00
Dave Rodgman
a19c75381c Remove redundant use of -O2 with ASAN_FLAGS
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-14 14:52:58 +00:00
Manuel Pégourié-Gonnard
1f67363d6a
Merge pull request #8616 from lpy4105/issue/8553/test-driver-only-rsa
Add test for driver-only RSA (crypto only)
2023-12-14 11:05:55 +00:00
Dave Rodgman
bdba26c8d7
Merge pull request #8626 from davidhorstmann-arm/fix-uninit-mpi-test
Fix possible free of uninitialized MPI
2023-12-13 11:19:00 +00:00
Manuel Pégourié-Gonnard
7404af6ec3
Merge pull request #8599 from valeriosetti/issue8357
G2 wrap-up
2023-12-13 08:17:27 +00:00
Gilles Peskine
b4362d2cc7
Merge pull request #8523 from tom-daubney-arm/modify_check_generated_files_script
Modify check generated files script to work with TF PSA Crypto too
2023-12-11 21:15:00 +00:00
Gilles Peskine
a211bb7f01
Merge pull request #8596 from xkqian/tls13_early_data_input_file
Change early data flag to input file
2023-12-11 21:14:57 +00:00
David Horstmann
e04a97a1eb Move MPI initialization to start of function
This prevents a call to mbedtls_mpi_free() on uninitialized data when
USE_PSA_INIT() fails.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-12-08 18:34:15 +00:00
Xiaokang Qian
aedfc0932b Revert to ae952174a7 and addressing some comments
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-08 10:43:24 +00:00
Pengyu Lv
d90fbf7769 Adjuest checks in generate_key_rsa suite
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 17:30:33 +08:00
Yanray Wang
177e49ad7a tls13: srv: improve DEBUG_MSG in case of TLS 1.2 disabled
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-12-08 11:00:33 +08:00
Ronald Cron
90d07118ad
Merge pull request #6721 from yuhaoth/pr/tls13-early-data-extension-of-nst
TLS 1.3: EarlyData SRV: Write `early_data` extension of NewSessionTicket
2023-12-07 09:25:35 +00:00
Pengyu Lv
abeca020d8 Remove test_psa_crypto_config_accel_rsa_signature
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 17:25:15 +08:00
Pengyu Lv
98a90c6542 Fix various issue
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 17:23:25 +08:00
Xiaokang Qian
dce183f2e2 Remove the duplicate cases and add early_data_file option
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 09:22:38 +00:00
Xiaokang Qian
864c62a906 Add one test case with early_data_file
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 06:11:38 +00:00
Xiaokang Qian
dd8a7f8acf Revert the early data test case
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 03:58:05 +00:00
Pengyu Lv
3cd16c47bd Add analyze_driver_vs_reference_rsa for analyze_outcomes
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 10:24:29 +08:00
Pengyu Lv
9e976f3649 Conditionally check the attribute of generated RSA key
`psa_get_key_attributes` depends on some built-in
implementation of RSA. Guard the check with coresponding
macros.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 10:22:35 +08:00
Pengyu Lv
f1cacad870 Correctly use asymmetric encrypt/decrypt driver
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 10:22:35 +08:00
Pengyu Lv
e705f572f9 Add components to test crypto_full w/wo accelerated RSA
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 10:22:03 +08:00
Dave Rodgman
779819a4dd
Merge pull request #8613 from bensze01/valgrind-only-in-nightlies
Do not run Valgrind tests in PR jobs
2023-12-06 19:18:24 +00:00
Gilles Peskine
57e401b39f
Merge pull request #8521 from valeriosetti/issue8441
[G4] Make CTR-DRBG fall back on PSA when AES not built in
2023-12-06 18:25:44 +00:00
Waleed Elmelegy
9aec1c71f2 Add record size checking during handshake
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-12-06 15:18:15 +00:00
Jan Bruckner
f482dcc6c7 Comply with the received Record Size Limit extension
Fixes #7010

Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2023-12-06 15:18:08 +00:00
Bence Szépkúti
0354d04d3c Do not run Valgrind tests in PR jobs
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2023-12-06 16:14:37 +01:00
Jerry Yu
750e06743f remove misbehavior tests and code
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:22:15 +08:00
Jerry Yu
ea96ac3da9 fix various issues
- get ticket_flags with function.
- improve output message and check it.
- improve `ssl_server2` help message

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:17:37 +08:00
Jerry Yu
391c943340 Add tests for ticket early data permission bit
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:16:48 +08:00
Ronald Cron
40f3f1c36f
Merge pull request #7058 from yuhaoth/pr/tls13-early-data-parsing-0-rtt-data
TLS 1.3 EarlyData SRV: Parsing 0-RTT data
2023-12-06 06:47:32 +00:00
Xiaokang Qian
70fbdcf904 Change early data flag to input file
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-05 05:50:08 +00:00
Valerio Setti
5e18b90c95 config-tfm: disable CIPHER_C
We also add a check in "all.sh" components:
- component_test_tfm_config_p256m_driver_accel_ec
- component_test_tfm_config
to ensure that CIPHER_C was not re-enabled accidentally.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 15:24:25 +01:00
Valerio Setti
58d0206f39 test_suite_block_cipher: fix depends_on for Camellia tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 15:24:25 +01:00
Valerio Setti
302a487499 test_driver_key_management: rename counter for export_public_key() hits
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
829ce0facf test_driver_cipher: add forced return status for encrypt and set_iv
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
7ef35a9b3c test_suite_psa_crypto_driver_wrappers: add counter for failing psa_cipher_update()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
83e0de8481 crypto_extra: revert changes to mbedtls_psa_random_free()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
0ca1868fcd test_suite_psa_crypto_driver_wrappers: fix missing hit counter reset before test
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
7448367f68 test_suite_psa_crypto_slot_management: modify check on open key slots
This commit
- Reverts changes previously done to psa_crypto_helpers.[c,h]
- Implements a new check for open key slots in
  mbedtls_test_helper_is_psa_leaking():
   - when CTR_DRBG does not use AES_C or PSA does not have an external
     RNG, then we allow 1 key slot (it's the one holding the AES key)
   - when the above conditions are not met, then we fallback to the
     usual check for "no open key slots remaining"

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
45337a8895 test_suite_psa_crypto_driver_wrappers: add counter for cipher_update()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
6ef82ae39d test_suite_psa_crypto_driver_wrappers: improving driver access counters
When AES_C is not defined CTR_DRBG relies on PSA to get AES-ECB. This
means that, when AES-ECB is accelerated, each random operation goes through
driver access as well. This might result in unexpectedly increased
counters for driver's access.
We add extra counters in test_driver_[cipher/key_management].c to be
more specific on which driver functions are accessed and ignore
extra accesses due to CTR_DRBG.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
0a903db804 test_suite_psa_crypto_slot_management: some fix for available key slots
When AES_C is not defined, CTR_DRBG relies on PSA to get AES-ECB. This means
that PSA holds an open AES key since psa_crypto_init() is called, which
- reduces the maximum number of available key slots
- shifts the 1st available index

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:41 +01:00
Valerio Setti
dc32ac20fd test_suite_[ctr_drbg/random]: initialize/close PSA in tests
This commit also adds AES_PSA_[INIT/DONE] in "psa_crypto_helpers.h". Its
scope is to call PSA_[INIT/DONE] only when AES_C is not defined (which is
when PSA is effectively required for CTR_DRBG).

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:41 +01:00
Valerio Setti
402cfba4dc psa: free RNG implementation before checking for remaining open key slots
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:41 +01:00
Valerio Setti
40a93dff32 all.sh: keep CTR_DRBG enabled in test_psa_crypto_config_accel_cipher_aead()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:41 +01:00
Yanray Wang
3d82ffce5b ssl-opt: test handshake for TLS 1.2 only cli with TLS 1.3 only srv
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-12-04 17:50:43 +08:00
Thomas Daubney
10769bca9e Fix bad whitespace in keyword argument assignment
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-12-01 23:47:59 +00:00
Thomas Daubney
3a0690647e Use guess_mbedtls_root in Mbed-TLS-only script
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-12-01 18:27:25 +00:00
Thomas Daubney
04c446cc21 Modify crypto_core_directory to also return a relative path
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-12-01 17:18:38 +00:00
Ronald Cron
857d29f29a
Merge pull request #8528 from yanrayw/issue/6933/parse-max_early_data_size
TLS1.3 EarlyData: client: parse max_early_data_size
2023-12-01 08:27:26 +00:00
Thomas Daubney
08c6dc4942 Rename project_crypto_name
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-11-30 13:56:09 +00:00
Dave Rodgman
f5e46fd45c
Merge pull request #8535 from daverodgman/update-tfm
Adjust to match current TF-M config
2023-11-29 16:14:06 +00:00
Gilles Peskine
18eab984c7
Merge pull request #8560 from lpy4105/issue/8423/optimize-analyze_outcomes_py
Optimize analyze_outcomes.py
2023-11-29 14:51:41 +00:00
Janos Follath
c6f1637f8c
Merge pull request #8534 from paul-elliott-arm/fix_mutex_abstraction
Make mutex abstraction and tests thread safe
2023-11-29 13:26:23 +00:00
Gilles Peskine
172c0b930f
Merge pull request #8561 from ronald-cron-arm/fix-ciphersuites-list-in-ssl-opt
ssl-opt.sh: Fix getting the list of supported ciphersuites.
2023-11-29 11:31:33 +00:00
Pengyu Lv
5dcfd0c613 Some improvements
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-29 18:03:28 +08:00
Dave Rodgman
51e72456f9 Automatically set MBEDTLS_NO_PLATFORM_ENTROPY in TF-M config
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-29 09:44:44 +00:00
Manuel Pégourié-Gonnard
6b5cedf51f
Merge pull request #8547 from valeriosetti/issue8483
[G2] Make PSA-AEAD work with cipher-light
2023-11-29 08:53:42 +00:00
Pengyu Lv
550cd6f9b2 Use boolean hit instead of int hits
Also fix a typo in the comments.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-29 09:17:59 +08:00
Ronald Cron
60f76663c0 Align forced ciphersuite with test description
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-11-28 17:52:42 +01:00
Dave Rodgman
c3cd410acf
Merge pull request #8286 from gilles-peskine-arm/check_mbedtls_calloc_overallocation-disable_with_asan
Fix test_suite_platform failure with Asan on modern Clang
2023-11-28 16:48:31 +00:00
Ronald Cron
29ad2d7609 ssl-opt.sh: Remove unnecessary symmetric crypto dependencies
Same test cases as in the previous commit.
Remove the redundant symmetric crypto dependency.
The dependency is ensured by the fact that:
1) the test case forces a cipher suite
2) ssl-opt.sh enforces automatically that the
   forced ciphersuite is available.
3) The fact that the forced ciphersuite is
   available implies that the symmetric
   cipher algorithm it uses is available as
   well.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-11-28 17:44:39 +01:00
Dave Rodgman
82d7a875ff Update tests to refer to our tf-m config wrapper
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-28 16:10:37 +00:00
Ronald Cron
41bc42ac1b ssl-opt.sh: Fix some symmetric crypto dependencies
Fix some dependencies on symmetric crypto that
were not correct in case of driver but not
builtin support. Revealed by "Analyze driver
test_psa_crypto_config_accel_cipher_aead vs reference
test_psa_crypto_config_reference_cipher_aead" in
analyze_outcomes.py.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-11-28 15:59:40 +01:00
Ronald Cron
5b73de8ddb ssl-opt.sh: Add a check of the list of supported ciphersuites
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-11-28 15:59:03 +01:00
Tom Cosgrove
9e1d2e5727
Merge pull request #8029 from gilles-peskine-arm/fix-MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA
Update old dependency to MBEDTLS_MD_CAN
2023-11-28 13:12:10 +00:00
Valerio Setti
6632a12fa3 all.sh: re-enable CCM/GCM in test_full_no_cipher_with_crypto[_config]()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-28 11:45:38 +01:00
Dave Rodgman
be5489ae98 Simplify test for building P256-M
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-28 10:15:37 +00:00
Dave Rodgman
897bb77c0c Update tf-m tests in all.sh for P256-M
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-28 10:15:11 +00:00
Pengyu Lv
451ec8a4bc Add comment to read_outcome_file in analyze_outcomes.py
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 17:59:05 +08:00
Pengyu Lv
c2e8f3a080 Add type annotations to analyze_outcomes.py
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 17:22:04 +08:00
Manuel Pégourié-Gonnard
294f5d7ea9
Merge pull request #8540 from valeriosetti/issue8060
[G2] Make CCM and GCM work with the new block_cipher module
2023-11-28 08:18:45 +00:00
Pengyu Lv
20e3ca391e Run tests for ref_vs_driver outside task function
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 15:30:03 +08:00
Pengyu Lv
18908ec276 Define named tuple for component outcomes
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 13:04:11 +08:00
Pengyu Lv
28ae4648a6 Use mutable set all the time
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 11:35:19 +08:00
Pengyu Lv
59b9efc6dd Check if driver_component is missing
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 11:15:00 +08:00
Pengyu Lv
f28cf594b1 Break the loop when case hits
We don't care about the number of hits of the test cases,
so break the iteration when the case hits.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 10:56:29 +08:00
Pengyu Lv
dd1d6a7cca Improve readability of the script
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 10:52:25 +08:00
Pengyu Lv
a1ddcfaef8 Extend the pattern of pkparse test on encrypted keys
These test cases are ignored when analyzing outcomes on
analyze_driver_vs_reference_cipher_aead task.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 09:46:01 +08:00
Pengyu Lv
6c927c0795 Merge branch 'development' into review/gilles/update-old-dep-MD_CAN 2023-11-28 09:31:44 +08:00
Gilles Peskine
150002c9f9 Skip calloc overallocation test case
This test case is incompatible with sanitizers (e.g. ASan), and thus
skipped. If the driver component uses a sanitizer but the reference
component doesn't, we have a PASS vs SKIP mismatch. Since this test case is
unrelated to drivers, we don't mind ignoring it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-27 18:24:45 +01:00
Dave Rodgman
9fbac381e6
Merge pull request #8326 from daverodgman/aesce-thumb2
Support hw-accelerated AES on Thumb and Arm
2023-11-27 09:58:58 +00:00
Paul Elliott
392ed3fe7f Add better documentation for mbedtls_test_mutex_mutex
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-11-24 15:48:28 +00:00
Thomas Daubney
e8f3789312 Revert change that removed in_tf_psa_crypto_repo variable
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-11-24 11:41:23 +00:00
Thomas Daubney
6130a619f8 Remove unused variable
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-11-24 10:58:07 +00:00
Thomas Daubney
fc60e9b7bf Make function calls consistent
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-11-24 10:56:04 +00:00
Paul Elliott
f25d831123 Ensure mutex test mutex gets free'd
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-11-23 18:49:43 +00:00
Dave Rodgman
8cd4bc4ac2
Merge pull request #8124 from yanrayw/support_cipher_encrypt_only
Support the negative option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
2023-11-23 17:43:00 +00:00
Dave Rodgman
c44042ddbc
Merge pull request #7905 from lpy4105/issue/misc-improvement
misc improvements
2023-11-23 16:20:58 +00:00
Ronald Cron
34915fac3a ssl-opt.sh: Fix getting the list of supported ciphersuites.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-11-23 17:20:19 +01:00
Yanray Wang
18040ede3f all.sh: export LC_COLLATE=C for sorting in ASCII order
By default, 'sort' sorts characters with system default locale,
which causes unexpected sorting order. To sort characters in ASCII
from computer perspective, export LC_COLLATE=C to specify character
collation for regular expressions and sorting with C locale.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-23 21:30:00 +08:00
Thomas Daubney
8932404c45 Introduce project_crypto_name in build_tree.py
Add new function to build_tree.py to return the crypto
name for the project; either tfpsacrypto or mbedcrypto.
Deploy this function where needed.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-11-23 10:14:12 +00:00
Thomas Daubney
d0c3076dba Make use of crypto_core_directory function in script
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-11-23 09:59:57 +00:00
Yanray Wang
42be1bab30 block_cipher_no_decrypt: improve comment
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-23 14:34:41 +08:00
Yanray Wang
70642ecb24 all.sh: check_test_dependencies: add one more option
- add !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT in whitelist

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-23 14:34:15 +08:00
Pengyu Lv
31a9b7891a Improve comments and variable naming
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-23 14:15:37 +08:00
Pengyu Lv
a442858878 Restruct the structure of outcome file presentation
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-23 10:52:42 +08:00
Yanray Wang
690ee81533 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-11-23 10:31:26 +08:00
Pengyu Lv
a6cf5d67c5 Share parsed outcomes among tasks when ananlyzing
This extremely improves the performance.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-23 09:51:58 +08:00
Thomas Daubney
755d32117b Rename guess_mbedtls_root to guess_project_root
Rename for consistency. Also, replace all calls to
this function with correct name.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-11-22 17:18:22 +00:00
Gilles Peskine
3b2b7f8acf MSan and TSan complain as well, not just ASan
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-22 18:08:17 +01:00
Gilles Peskine
05ebe967be Disable check_mbedtls_calloc overallocation under ASan
This test case exercises an integer overflow in calloc. Under Asan, with
a modern Clang, this triggers an Asan complaint. The complaint can be
avoided with ASAN_OPTIONS=allocator_may_return_null=1, but this has to
be set in the environment before the program starts, and could hide
other errors.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-22 17:56:26 +01:00
Gilles Peskine
fa8ec2611e Detect enabled GCC/Clang sanitizers
Occasionally we want tests to take advantage of sanitizers, or work around
them.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-22 17:56:26 +01:00
Jerry Yu
0e9eafff13 Update tests to the code status
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-22 16:48:39 +08:00
Yanray Wang
951b3cb400 tls13-misc: cli: check parser of max_early_data_size ext
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-22 10:33:11 +08:00
Jerry Yu
aa5dc24df9 Change if to switch case
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:25 +08:00
Jerry Yu
60e997205d replace check string
The output has been changed

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:25 +08:00
Jerry Yu
713ce1f889 various improvement
- improve change log entry
- improve comments
- remove unnecessary statement
- change type of client_age

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:25 +08:00
Jerry Yu
4ac648ef20 improve readability
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:24 +08:00
Jerry Yu
d84c14f80c improve code style
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:24 +08:00
Jerry Yu
b2455d2472 Guards ticket_creation_time
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:24 +08:00
Jerry Yu
472a69260b fix build failure
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:20 +08:00
Jerry Yu
342a555eef rename ticket received
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:19 +08:00
Jerry Yu
25ba4d40ef rename ticket_creation to ticket_creation_time
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:19 +08:00
Jerry Yu
28547c49ed update tests
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Gilles Peskine
8b1a124126
Merge pull request #8438 from yuhaoth/pr/disable-stdout-for-config-query-call
Disable stdout in require_*_configs_* functions
2023-11-20 18:27:03 +00:00
Gilles Peskine
885bcfc9d0
Merge pull request #7649 from yuhaoth/pr/add-command-for-server9-bad-saltlen
Add command for server9-bad-saltlen
2023-11-20 14:07:19 +00:00
Gilles Peskine
473ff34d59
Merge pull request #8489 from valeriosetti/issue8482
Make CCM* and CCM independent
2023-11-20 14:07:14 +00:00
Gilles Peskine
6267dd59c8
Merge pull request #8463 from gilles-peskine-arm/metatest-create
Create a metatest program
2023-11-20 14:07:08 +00:00
Manuel Pégourié-Gonnard
a4e7953f59
Merge pull request #8527 from lpy4105/issue/6324/driver-only-cipher+aead-tls-compat
[G3] Driver-only cipher+aead: TLS: compat.sh
2023-11-20 09:37:06 +00:00
Ronald Cron
97137f91b6
Merge pull request #7071 from yuhaoth/pr/tls13-ticket-add-max_early_data_size-field
TLS 1.3 EarlyData: add `max_early_data_size` field for ticket
2023-11-20 08:04:57 +00:00
Paul Elliott
9e25936241 Rename mutex->is_valid to mutex->state
Rename struct member to make it more representative of its current use.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-11-16 15:14:16 +00:00
Paul Elliott
3774637518 Make threading helpers tests thread safe
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-11-16 15:13:49 +00:00
Paul Elliott
5fa986c8cb Move handling of mutex->is_valid into threading_helpers.c
This is now a field only used for testing.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-11-16 15:13:05 +00:00
Pengyu Lv
7afd9a4663 Change the test messages
We are now testing driver-only cipher+aead with full config.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-16 17:55:25 +08:00
Valerio Setti
59de2ae6de all.sh: re-enable CCM/GCM in test_full_no_cipher()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-16 08:20:27 +01:00
Pengyu Lv
c5d4c46983 Add missing PSA init
EC might be supported through PSA, so use `MD_OR_USE_PSA_INIT`
in pk_parse_{public_}keyfile_ec.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-16 09:07:28 +08:00
Gilles Peskine
e7fc8a232f Readability improvement
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-15 16:56:26 +01:00
Manuel Pégourié-Gonnard
dc848955d6
Merge pull request #8519 from mpg/block-cipher
[G2] Add internal module block_cipher
2023-11-15 11:53:22 +00:00
Gilles Peskine
4ebccc0396 Update PSA init for md-ligt
Also initialize PSA in builds where hashes are PSA-only, for the sake of
encrypted keys (otherwise PBKDF fails).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-15 11:04:30 +01:00
Gilles Peskine
799befd58e Update to TEST_EQUAL macros for easier debuggability
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-15 11:04:23 +01:00
Pengyu Lv
f561ed8b3a all.sh: enable compat.sh testing in psa_crypto_config_[accel/reference]_cipher_aead
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-15 17:42:55 +08:00
Manuel Pégourié-Gonnard
9e80a91f27
Merge pull request #8164 from yanrayw/adjust_tfm_configs
Adjust how we handle TF-M config files
2023-11-15 08:21:27 +00:00
Valerio Setti
776981ba42 psa_exercise_key: add missing #else for KNOWN_SUPPORTED_BLOCK_CIPHER
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:18:14 +01:00
Valerio Setti
a50b89ebab all.sh: disable CCM_STAR_NO_TAG in test_psa_crypto_config_accel_aead()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:18:14 +01:00
Valerio Setti
a4b60593c1 psa_exercise_key: replace legacy symbols with PSA_WANT ones
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:18:14 +01:00
Valerio Setti
ff2b06a235 all.sh: improve components for without CCM/CCM*
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:18:14 +01:00
Valerio Setti
a765eaa33e test_driver_extension: fix acceleration support for CCM and CCM*
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:18:14 +01:00
Valerio Setti
51d5b196a1 all.sh: accelerate also CCM* in test_psa_crypto_config_accel_cipher_aead
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:16:46 +01:00
Valerio Setti
bdfecb6a83 all.sh: add test components for no-CCM and no-CCM*
The idea is to show that there is no more any dependency between
the two symbols:

- component_test_full_no_ccm() keeps ALG_CCM_STAR_NO_TAG enabled,
  disables ALG_CCM and ensures that the latter does not get
  re-enabled accidentally

- test_full_no_ccm_star_no_tag() keeps ALG_CCM enabled and disables
  ALG_CCM_STAR_NO_TAG and ensures that the latter does not get
  re-enabled accidentally

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:16:37 +01:00
Manuel Pégourié-Gonnard
bce640b7e3
Merge pull request #8499 from valeriosetti/issue8488
Clean up libtestdriver1 config: unconditonal removals
2023-11-15 04:25:14 +00:00
Thomas Daubney
4291bc27b9 Remove trailing whitespace
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-11-14 18:05:19 +00:00
Thomas Daubney
0eb2dc11c4 Call the right function
Correct erroneous function call

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-11-14 16:59:39 +00:00
Thomas Daubney
d289b8bdca Stylise TF-PSA-Crypto correctly
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-11-14 15:30:07 +00:00
Thomas Daubney
e58128e2ba Refactor repository detection
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-11-14 15:25:52 +00:00
Thomas Daubney
d3f844337f Further modify check-generated-files.sh
Add further modifications to repo detection and calling
the checks.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-11-14 12:02:26 +00:00
Manuel Pégourié-Gonnard
752dd39a69
Merge pull request #8508 from valeriosetti/issue6323
[G3] Driver-only cipher+aead: TLS: ssl-opt.sh
2023-11-14 11:39:06 +00:00
Yanray Wang
c43479103a aesce: fix unused parameter
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-14 11:09:56 +08:00
Thomas Daubney
c9f8386a7c Modify check-generated-files.sh to work in both repos
Make the script work in both Mbed TLS and TF PSA
Crypto.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-11-13 10:03:56 +00:00
Valerio Setti
04c85e146c ssl-opt: fix wrong CCM dependencies with GCM
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-13 10:54:05 +01:00
Valerio Setti
c747306848 all.sh: remove redundant make in test_psa_crypto_config_accel_cipher_aead()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-13 10:51:52 +01:00
Yanray Wang
19583e44ed psa_information: improve code readability
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-13 17:43:37 +08:00
Yanray Wang
3ae1199788 all.sh: add config_block_cipher_no_decrypt to simplify code
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-13 17:43:21 +08:00
Yanray Wang
07e663de5e all.sh: block_cipher_no_decrypt: clean up cflags
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-13 17:23:40 +08:00
Yanray Wang
b2d6e52758 all.sh: block_cipher_no_decrypt: simplify code
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-13 17:23:19 +08:00
Yanray Wang
85b7465712 all.sh: block_cipher_no_decrypt: fix various issues
- improve test completeness
- renaming
- fix typo

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-13 17:18:34 +08:00
Manuel Pégourié-Gonnard
cf582df426
Merge pull request #8498 from mpg/legacy-deps-psa-tests
Remove legacy dependencies from PSA tests
2023-11-13 08:16:30 +00:00
Tom Cosgrove
08ea9bfa1f
Merge pull request #8487 from yanrayw/issue/6909/rename_tls13_conf_early_data
TLS 1.3: Rename early_data and max_early_data_size configuration function
2023-11-10 19:35:46 +00:00
Gilles Peskine
cce0012463 Add documentation
Explain the goals of metatests, how to write them, and how to read their
output.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-10 15:36:15 +01:00
Manuel Pégourié-Gonnard
76fa16cab3 block_cipher: add encrypt()
Test data copied from existing test suites.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 12:14:53 +01:00
Manuel Pégourié-Gonnard
3e0884fc53 block_cipher: add setkey()
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 11:52:10 +01:00
Manuel Pégourié-Gonnard
21718769d1 Start adding internal module block_cipher.c
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 11:21:17 +01:00
Manuel Pégourié-Gonnard
9f164f0103 all.sh: more comments in check_test_cases()
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 10:16:06 +01:00
Manuel Pégourié-Gonnard
5c6f787caa all.sh: robustness improvement
The original pattern would catch any extension, which could include
things like editor backup files etc, that we'd rather ignore.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 10:04:22 +01:00
Manuel Pégourié-Gonnard
a742337ef6 all.sh: add diff to can_keep_going_after_failure
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 09:58:31 +01:00
Valerio Setti
73d053123f ssl-opt: set proper cipher dependencies in tests using ticket_aead parameters
Check either legacy or PSA symbols based on USE_PSA_CRYPTO

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:27:45 +01:00
Valerio Setti
dd43d7b3a4 ssl-opt: set proper dependencies on tests with encrypted server5 key
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:12:07 +01:00
Valerio Setti
f941455e3b all.sh: enable ssl-opt testing in psa_crypto_config_[accel/reference]_cipher_aead
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:12:07 +01:00
Valerio Setti
ec9b25877f all.sh: disable CIPHER_C in test_psa_crypto_config_accel_cipher_aead
Extra features that depend on CIPHER_C are disabled also in the
reference component in order to get test parity.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:08:43 +01:00
Yanray Wang
799bd84b0d all.sh: resue support_build_armcc for *_armcc test
For time being, pre_check_tools check armcc and armclang together.
Therefore, we can resue support_build_armcc even if the test only
needs armclang.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-10 15:03:23 +08:00
Yanray Wang
4cd1b1617d all.sh: check additional symbols in asece for block_cipher_no_decrypt
check
 - mbedtls_aesce_inverse_key
 - aesce_decrypt_block

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-10 15:03:23 +08:00
Yanray Wang
49cd4b5f7d all.sh: refine and simplify component for block_cipher_no_decrypt
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-10 15:03:10 +08:00
Manuel Pégourié-Gonnard
7d7ce0e66a
Merge pull request #8495 from lpy4105/issue/6322/driver-only-cipher_aead-tls
[G3] Driver-only cipher+aead: TLS: main test suite
2023-11-09 11:10:34 +00:00
Jerry Yu
de7ead0a64
Update license
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-09 10:10:33 +08:00
Gilles Peskine
4dec9ebdc2
Merge pull request #8378 from mschulz-at-hilscher/fixes/issue-8377
Fixes "CSR parsing with critical fields fails"
2023-11-08 18:07:04 +00:00
Gilles Peskine
c75ee77dbb
Merge pull request #8439 from yuhaoth/pr/add-test-suite-parameter-to-ssl-opt
Add test-suite parameter to filter tests
2023-11-08 18:05:44 +00:00
Dave Rodgman
0d22539de0
Merge pull request #8468 from daverodgman/mbedtls-3.5.1-pr
Mbed TLS 3.5.1
2023-11-08 18:01:32 +00:00
Valerio Setti
b9015385fd test_driver_extension: use same def/undef pattern for all accelerated symbols
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-08 13:11:10 +01:00
Manuel Pégourié-Gonnard
3e1d39b332 Add check about legacy dependencies in PSA tests
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:54:02 +01:00
Dave Rodgman
28d40930ae Restore bump version
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:40:08 +00:00
Gilles Peskine
1d6de4ceb7 No more limitations accelerated algorithms using a built-in hash
It used to be the case that when an algorithm that uses a hash inside was
accelerated through a PSA driver, it might end up calling a hash algorithm
that is not available from the driver. Since we introduced MBEDTLS_MD_LIGHT,
this no longer happens: PSA accelerated hashes are available to callers of
the MD module, so the test driver can use all available hash algorithms.
Hence the workaround to skip testing certain accelerated cases is no longer
needed.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-08 12:30:52 +01:00
Manuel Pégourié-Gonnard
fcc5f31bb8 Rm unjustified MD_C dependencies in PSA test
RSA will auto-enable MD_LIGHT, we don't need to list MD_C as a
dependency here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:30:52 +01:00
Manuel Pégourié-Gonnard
af302b9e5d Rm unjustified PK_C dependencies in PSA tests
Some are about raw or AES keys where PK seems really unrelated.

The others are about RSA where PK may be relevant, but the necessary
bits of PK are auto-enabled when RSA key types are requested, so we
shouldn't need to list them as dependencies in tests.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:30:52 +01:00
Manuel Pégourié-Gonnard
433150e8f2 Rm redundant ECC dependencies in psa_crypto tests
Since _DERIVE can't be accelerated now, in
config_adjust_legacy_from_psa.h we will notice and auto-enable ECP_LIGHT
as well as the built-in version of each curve that's supported in this
build. So, we don't need to list those as dependencies here - and they
would cause issues when we add support for _DERIVE drivers.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:30:51 +01:00
Manuel Pégourié-Gonnard
59a8b41ca3 Fix incorrect RSA dependencies in psa_crypto tests
There's no reason the tests would depend specifically on our built-in
implementation and not work with drivers, so replace the RSA_C
dependency with the correct PSA_WANT dependencies.

Those 6 cases use two different test functions, but both of those
functions only do `psa_import()`, so all that's needed is PUBLIC_KEY or
KEYPAIR_IMPORT (which implies KEYPAIR_BASIC) depending on the kind of
key being tested.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:30:51 +01:00
Manuel Pégourié-Gonnard
0d9a3618bd Rm unneeded dep on PK_PARSE_C in psa crypto tests
Most of them were removed in 7162, not sure how these ones slipped in.

There's no reason deterministic ECDSA verification would need PK parse
more than the other tests. The following finds no match:

    grep -i pk_parse library/ecdsa.c library/psa_crypto_ecp.c

Even if PK parse was actually needed for this, the right way would be to
auto-enable it based on PSA_WANT symbols, and then only depend on
PSA_WANT symbols here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-08 12:30:51 +01:00
Ronald Cron
c27a4ce3dd
Merge pull request #8429 from gilles-peskine-arm/fix-test_suite_constant_time_hmac-not-executed
Fix test suite never executed due to an undefined symbol
2023-11-08 09:05:12 +00:00
Pengyu Lv
2bd56de3f4 ssl: replace MBEDTLS_SSL_HAVE_*_CBC with two seperate macros
MBEDTLS_SSL_HAVE_<block_cipher>_CBC equals
MBEDTLS_SSL_HAVE_<block_cipher> and MBEDTLS_SSL_HAVE_CBC.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 14:21:19 +08:00
Pengyu Lv
ba6825e37b ssl: use MBEDTLS_SSL_HAVE_* in tests
Done by commands:

```
sed -i "s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
sed -i "s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
sed -i "s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 14:09:16 +08:00
Yanray Wang
7b320fa7c9 ssl-opt.sh: fix typo
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-08 10:33:32 +08:00
Pengyu Lv
fe03a4071b ssl_helper: fix missin initialization of cli_log_obj
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 10:30:48 +08:00
Yanray Wang
30769696e7 Merge remote-tracking branch 'origin/development' into adjust_tfm_configs 2023-11-08 10:00:24 +08:00
Matthias Schulz
e92f6dcf5c New test cases requested in https://github.com/Mbed-TLS/mbedtls/pull/8378#discussion_r1383779861
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-07 15:16:35 +01:00
Tom Cosgrove
53199b1c0a
Merge pull request #6720 from yuhaoth/pr/tls13-early-data-receive-0_rtt-and-eoed
TLS 1.3: EarlyData SRV: Write early data extension  in EncryptedExtension
2023-11-07 13:59:13 +00:00
Yanray Wang
4995e0c31b cipher.c: return error for ECB-decrypt under BLOCK_CIPHER_NO_DECRYPT
- fix remaining dependency in test_suite_psa_crypto.data

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-07 17:51:32 +08:00
Tom Cosgrove
4122c16abd
Merge pull request #6945 from lpy4105/issue/6935/ticket_flags-kex-mode-determination
TLS 1.3: SRV: Check ticket_flags on kex mode determination when resumption
2023-11-07 09:26:21 +00:00
Jerry Yu
7ef9fd8989 fix various issues
- Debug message
- Improve comments

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-07 14:31:37 +08:00
Pengyu Lv
4ebf86e780 tls13-misc: Do not check kex mode for some cases
Ephemeral is preferred over pure PSK, the change is
to make CI happy.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-07 10:14:32 +08:00
Pengyu Lv
1f00926142 Change base config to full
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-07 09:55:11 +08:00
Gilles Peskine
102aea2ba8 Add metatests for mutex usage
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:19 +01:00
Gilles Peskine
6848d1709b Run metatests in selected components
Run metatests in some components, covering both GCC and Clang, with ASan,
MSan or neither.

Note that this commit does not cover constant-flow testing builds or Valgrind.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:19 +01:00
Gilles Peskine
f109664448 Script to run all the metatests (with platform filtering)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-06 20:33:18 +01:00
Dave Rodgman
b578514b03
Merge pull request #8470 from gilles-peskine-arm/check-files-license
Check copyright statements and SPDX license statements
2023-11-06 17:07:54 +00:00
Paul Elliott
e03270f2e0
Merge pull request #8391 from paul-elliott-arm/full_no_platform
Add full_no_platform config preset
2023-11-06 11:35:28 +00:00
Manuel Pégourié-Gonnard
964dee6b3f
Merge pull request #8442 from lpy4105/issue/8355/driver-only-cipher_aead-x509
X.509: Support driver-only cipher+aead
2023-11-06 09:10:57 +00:00
Yanray Wang
bc29aefdea all.sh: test BLOCK_CIPHER_NO_DECRYPT in build_aes_variations
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-06 11:14:38 +08:00
Jerry Yu
9e47b268c4 Revert "ssl-opt.sh: Make record_outcome record the ssl-opt.sh file only"
This reverts commit cfe68a0cb6.

As commit 5eb2b02862, this line is used to report test suite name.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-06 10:53:43 +08:00
Jerry Yu
50d07bdeec Add test-suite parameter to filter tests
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-06 10:49:01 +08:00
Yanray Wang
f149640021 all.sh: add components to test BLOCK_CIPHER_NO_DECRYPT with PSA
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-06 10:02:10 +08:00
Gilles Peskine
ce78200fb5 Pacify mypy
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-04 16:07:26 +01:00
Gilles Peskine
3b9facd8ac Also complain if licenses are mentioned
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-04 16:07:26 +01:00
Gilles Peskine
f2fb9f667c Check copyright statements and SPDX license identifier
Enforce a specific copyright statement and a specific SPDX license
identifier where they are present.

Binary files, third-party modules and a few other exceptions are not
checked.

There is currently no check that copyright statements and license
identifiers are present.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-04 16:07:26 +01:00
Gilles Peskine
990030bce0 Sort imports
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-04 16:07:26 +01:00
Gilles Peskine
8b6b41f6cd
Merge pull request #8434 from valeriosetti/issue8407
[G2] Make TLS work without Cipher
2023-11-04 15:05:00 +00:00
Gilles Peskine
c5ce9fcf03
Merge pull request #8435 from valeriosetti/issue8415
Remove cipher/aead legacy dependencies from PSA test suites
2023-11-04 15:04:51 +00:00
Gilles Peskine
e9f50bf161
Merge pull request #8443 from valeriosetti/issue8274
Clean up curves handling in libtestdriver1 config
2023-11-04 15:04:42 +00:00
Gilles Peskine
0c29963265
Merge pull request #8462 from daverodgman/license-change
License change
2023-11-04 15:47:07 +01:00
Dave Rodgman
bb5a18344a Bump version
./scripts/bump_version.sh --version 3.5.1 --so-crypto 15 --so-x509 6 --so-tls 20

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 12:31:30 +00:00
Dave Rodgman
a9b6c64a69 Fix some non-standard headers
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 12:24:58 +00:00
Dave Rodgman
e3c05853d6 Header updates
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 12:21:36 +00:00