Commit graph

4106 commits

Author SHA1 Message Date
Janos Follath
91dc67d31c Allow (NULL, 0) as a representation of 0
- We don't check for NULL pointers this deep in the library
- Accessing a NULL pointer when the limb number is 0 as a mistake is the
  very similar to any other out of bounds access
- We could potentially mandate at least 1 limb representation for 0 but
  we either would need to enforce it or the implementation would be less
  robust.
- Allowing zero limb representation - (NULL, 0) in particular - for zero
  is present in the legacy interface, if we disallow it, the
  compatibility code will need to deal with this (more code size and
  opportunities for mistakes)

In summary, interpreting (NULL, 0) as the number zero in the core
interface is the least of the two evils.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-05 17:08:52 +01:00
Janos Follath
6ff3536de5 Add tests for little endian core I/O
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-05 17:08:49 +01:00
Janos Follath
f1d617deb8 Add tests for big endian core I/O
The test case where there were extra limbs in the MPI failed and this
commit contains the corresponding fix as well. (We used to use the
minimum required limbs instead of the actual limbs present.)

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-05 17:06:31 +01:00
Gilles Peskine
b4983d4556
Merge pull request #6164 from mprse/md_ssl_test
Avoid use of MD in SSL test suite
2022-08-05 11:02:44 +02:00
Gilles Peskine
f860f3742b
Merge pull request #6070 from wernerlewis/bignum_test_radix
Remove radix argument from bignum test functions
2022-08-05 11:01:07 +02:00
Gilles Peskine
57d4c11c44
Merge pull request #6165 from mprse/md_x509_test
Avoid use of MD in X.509 write test suite
2022-08-04 10:11:03 +02:00
Gilles Peskine
07e7fe516b
Merge pull request #6088 from tuvshinzayaArm/validation_remove_change_curve
Validation remove and change in files related to curve in library
2022-08-03 13:05:16 +02:00
Werner Lewis
dc47fe71df Use upper case for bignum string comparison
Test data which is compared as a hex string now uses upper case to
match output of mbedtls_mpi_write_string() output. This removes usage
of strcasecmp().

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-01 15:17:45 +01:00
Werner Lewis
3ccc116c35 Apply test data changes for conflicting cases
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-01 15:17:45 +01:00
Werner Lewis
a453c14a12 Remove radix arguments from tests added in 3.2
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-01 15:07:14 +01:00
Werner Lewis
efda01fb8c Fix formatting in bignum test functions
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-01 15:07:14 +01:00
Werner Lewis
f65a327111 Remove remaining bignum radix args
Functions which are not covered by script, changes made to use radix
16.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-01 15:07:14 +01:00
Werner Lewis
9802d36168 Remove radix arg from bignum tests
Cases where radix was explictly declared are removed in most cases,
replaced using script. bignum arguments are represented as hexadecimal
strings. This reduces clutter in test data and makes bit patterns
clearer.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-01 15:07:14 +01:00
Werner Lewis
19b4cd893c Remove radix arg from mbedtls_test_read_mpi
All uses have radix argument removed, using script.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-08-01 15:05:24 +01:00
Przemek Stekiel
54a544600f test_suite_x509write: use psa_hash_compute() instead mbedtls_md()
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-01 16:03:17 +02:00
Przemek Stekiel
cc59c998d8 test_suite_ssl: make PSA build independent on MD module
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-01 14:29:56 +02:00
Manuel Pégourié-Gonnard
1e48445aa0
Merge pull request #6104 from superna9999/6097-remove-useless-md-in-test
Remove useless use of MD in test functions
2022-07-28 11:35:56 +02:00
Dave Rodgman
aba26d0099
Merge pull request #5963 from tom-daubney-arm/remove_ssl_compression_new
Remove use of SSL session compression
2022-07-28 10:28:23 +01:00
Manuel Pégourié-Gonnard
f6b8c3297a
Merge pull request #6065 from mpg/explore2
Driver-only hashes: RSA 1.5 and PK + strategy doc
2022-07-28 10:43:38 +02:00
Tuvshinzaya Erdenekhuu
fb389dde58 Enable invalid param test for ecp
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
2022-07-27 15:23:02 +01:00
Tuvshinzaya Erdenekhuu
8df9603e73 Enable invalid param test for ecjpake
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
2022-07-27 15:20:22 +01:00
Tuvshinzaya Erdenekhuu
2392419c9d Enable invalid param test in ecdh.c
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
2022-07-27 15:19:46 +01:00
Thomas Daubney
20f89a9605 Remove uses of SSL compression
Remove or modify current uses of session compression.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-07-26 16:13:03 +01:00
Jerry Yu
6ac7c0349a TLS 1.3: Add session test checks
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:09:40 +08:00
Jerry Yu
bc7c1a4260 fix typo/format/name issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:09:40 +08:00
Jerry Yu
f092629997 Add save load test for tls13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
a180f99a55 Add load-save tests for tls13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
1ac476cc1e Add save buf size test for tls13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
6e8fec2908 add session serialization load buf
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
534ff400d4 Add serialize_version_check for tls13
Add population session also

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Manuel Pégourié-Gonnard
0aabb6d8b9 Fix dependency in test_suite_pk
When USE_PSA is disabled and ECDSA_DETERMINISTIC is enabled, generating
ECDSA signatures via PK requires use of the hash via the MD layer (in
HMAC-DRBG, used by deterministic ECDSA).

When USE_PSA is enabled, ECDSA signatures via PK go through PSA which
always uses non-deterministic ECDSA, so does not rely on HMAC-DRBG/MD.

The condition used here is slightly too strong, but expressing exactly
the optimal condition seems more effort than it's worth for just 3 test
cases.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-22 10:55:06 +02:00
Dave Rodgman
87276a326f
Merge pull request #5952 from tuvshinzayaArm/add-missing-break
Add missing break
2022-07-21 15:25:40 +01:00
Manuel Pégourié-Gonnard
db2c80402a Fix dependencies in test_suite_pk
Using VIA_MD_OR_PSA_BASED_ON_USE_PSA was justified by the fact that
until a few commits ago, the test functions here computed hashes using
either MD or PSA, depending on whether USE_PSA was defined (which itself
was justified by the loose reasoning that "PK is USE_PSA territory").

A few commits ago, test code stopped computing hashes because the hash
values became part of the test data. PK itself does not compute hashes.
As a result, VIA_MD_OR_PSA_BASED_ON_USE_PSA is no longer justified.

There are now two kinds of tests:
- those that only rely on hash data (ECDSA, RSA PKCS#1 v1.5) should
depend on VIA_LOWLEVEL_OR_PSA as that is the minimal dependency, hence
the one used for data
- those that were the layer below PK will internally compute a hash (RSA
PKCS#1 v2.1): currently this hash is always computed using MD (on which
MBEDTLS_PKCS1_V21 depends), so legacy dependencies like MBEDTLS_SHA256_C
should be used for now. The previous dependency was morally wrong, it
didn't show in the driver-only tests only because PKCS#1 v2.1 is
disabled in this test for now.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-21 13:34:46 +02:00
Manuel Pégourié-Gonnard
73692b7537 Rework macros expressing dependencies
Fix usage with sed:

s/MBEDTLS_OR_PSA_WANT_\([A-Z_0-9]*\)/MBEDTLS_HAS_\1_VIA_LOWLEVEL_OR_PSA/
s/MBEDTLS_USE_PSA_WANT_\([A-Z_0-9]*\)/MBEDTLS_HAS_\1_VIA_MD_OR_PSA_BASED_ON_USE_PSA/

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-21 12:11:53 +02:00
Dave Rodgman
7085aa42ee
Merge pull request #5896 from wernerlewis/aes_shallow_copy
Refactor AES context to be shallow-copyable
2022-07-20 15:16:37 +01:00
Neil Armstrong
0270b9f5a4 Rm useless use of MD in PKCS#1v2.1 test functions
We had a message in the data file, and were computing its hash in the
test function. It is more efficient (and simpler when it comes to
dependencies) to directly have the message hash in the data file.

It was probably this way because some test vectors provide the message
for the sake of all-in-one implementation that hash-and-sign at once.
But our API gets a hash as the input and signs it. In unit tests, this
should be reflected in the signature of the test function, which should
take a hash as input.

The changes to the .data file were done using the following python
script:

import hashlib

suite = 'pkcs1_v21'

functions = {
        'pkcs1_rsassa_pss_sign': (6, 8),
        'pkcs1_rsassa_pss_verify': (4, 6),
        'pkcs1_rsassa_pss_verify_ext': (4, 8),
}

def hash_ctx(s):
    if s == 'MBEDTLS_MD_MD5':
        return hashlib.md5()
    if s == 'MBEDTLS_MD_SHA1':
        return hashlib.sha1()
    if s == 'MBEDTLS_MD_SHA224':
        return hashlib.sha224()
    if s == 'MBEDTLS_MD_SHA256':
        return hashlib.sha256()
    if s == 'MBEDTLS_MD_SHA384':
        return hashlib.sha384()
    if s == 'MBEDTLS_MD_SHA512':
        return hashlib.sha512()

def fix(l):
    parts = l.rstrip().split(":")

    fun = parts[0]
    if fun not in functions:
        return l

    (digest_idx, msg_idx) = functions[fun]

    alg_str = parts[digest_idx]
    if alg_str == "MBEDTLS_MD_NONE":
        return l
    h = hash_ctx(alg_str)

    msg_str = parts[msg_idx]
    msg_hex = msg_str[1:-1]
    msg = bytes.fromhex(msg_hex)
    h.update(msg)
    msg_hash = h.hexdigest()
    msg_hash_str = '"' + msg_hash + '"'

    parts[msg_idx] = msg_hash_str
    return ":".join(parts) + '\n'

filename = 'tests/suites/test_suite_' + suite + '.data'
with open(filename) as f:
    lines = f.readlines()

lines = [fix(l) for l in lines]

with open(filename, 'w') as f:
    f.writelines(lines)

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-07-20 09:34:20 +02:00
Jerry Yu
a357cf4d4c Rename new_session_ticket state
Both client and server side use
`MBEDTLS_SSL_NEW_SESSION_TICKET` now

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00
Neil Armstrong
5ea65173fb Rm useless use of MD in ECDSA test functions
We had a message in the data file, and were computing its hash in the
test function. It is more efficient (and simpler when it comes to
dependencies) to directly have the message hash in the data file.

It was probably this way because some test vectors provide the message
for the sake of all-in-one implementation that hash-and-sign at once.
But our API gets a hash as the input and signs it. In unit tests, this
should be reflected in the signature of the test function, which should
take a hash as input.

The changes to the .data file were done using the following python
script:

import hashlib

suite = 'ecdsa'

functions = {
        'ecdsa_det_test_vectors': (3, 4),
        'ecdsa_write_restart': (3, 4),
}

def hash_ctx(s):
    if s == 'MBEDTLS_MD_MD5':
        return hashlib.md5()
    if s == 'MBEDTLS_MD_SHA1':
        return hashlib.sha1()
    if s == 'MBEDTLS_MD_SHA224':
        return hashlib.sha224()
    if s == 'MBEDTLS_MD_SHA256':
        return hashlib.sha256()
    if s == 'MBEDTLS_MD_SHA384':
        return hashlib.sha384()
    if s == 'MBEDTLS_MD_SHA512':
        return hashlib.sha512()

def fix(l):
    parts = l.rstrip().split(":")

    fun = parts[0]
    if fun not in functions:
        return l

    (alg_idx, msg_idx) = functions[fun]

    alg_str = parts[alg_idx]
    if alg_str == "MBEDTLS_MD_NONE":
        return l
    h = hash_ctx(alg_str)

    msg_str = parts[msg_idx][1:-1]
    h.update(msg_str.encode('ascii'))
    msg_hash = h.hexdigest()
    msg_hash_str = '"' + msg_hash.upper() + '"'

    parts[msg_idx] = msg_hash_str
    return ":".join(parts) + '\n'

filename = 'tests/suites/test_suite_' + suite + '.data'
with open(filename) as f:
    lines = f.readlines()

lines = [fix(l) for l in lines]

with open(filename, 'w') as f:
    f.writelines(lines)

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-07-19 21:03:29 +02:00
Manuel Pégourié-Gonnard
abac037a7b Migrate from old inline to new actual function.
This is mostly:

    sed -i 's/mbedtls_psa_translate_md/mbedtls_hash_info_psa_from_md/' \
    library/*.c tests/suites/*.function

This should be good for code size as the old inline function was used
from 10 translation units inside the library, so we have 10 copies at
least.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-18 21:28:38 +02:00
Manuel Pégourié-Gonnard
4772884133 New internal module for managing hash information
Using static inline functions is bad for code size; the function from
md_internal.h was already used from 3 different C files, so already was
copied at least 3 times in the library, and this would only get worse
over time.

Use actual functions, and also share the actual data between them.

Provide a consistent set of operations. Conversion to/from
human-readable string was omitted for now but could be added later if
needed.

In the future, this can be used to replace other similar (inline)
functions that are currently scattered, including (but perhaps not
limited to):
- mbedtls_psa_translate_md() from psa_util.h
- mbedtls_md_info_from_psa() (indirectly) from psa_crypto_hash.h
- get_md_alg_from_psa() from psa_crypto_rsa.c

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-18 21:28:38 +02:00
Manuel Pégourié-Gonnard
4608c48b0c Rm useless use of MD in PK test functions
Same rationale as previous "Rm useless use of MD" commits.

Here the first two test functions were already not depending on MD_C,
but the new version is much simpler, as it avoids having two versions of
the code depending on the value of USE_PSA.

Changes to the data file generated with the following Python script:

import hashlib

suite = 'pk'
functions = {
        'pk_rsa_verify_test_vec': (2, 1, True),
        'pk_rsa_verify_ext_test_vec': (2, 1, True),
        'pk_sign_verify_restart': (6, 7, False),
}

def hash_ctx(s):
    if s == 'MBEDTLS_MD_MD5':
        return hashlib.md5()
    if s == 'MBEDTLS_MD_SHA1':
        return hashlib.sha1()
    if s == 'MBEDTLS_MD_SHA224':
        return hashlib.sha224()
    if s == 'MBEDTLS_MD_SHA256':
        return hashlib.sha256()
    if s == 'MBEDTLS_MD_SHA384':
        return hashlib.sha384()
    if s == 'MBEDTLS_MD_SHA512':
        return hashlib.sha512()
    if s == 'MBEDTLS_MD_RIPEMD160':
        return hashlib.new("ripemd160")

def fix(l):
    parts = l.rstrip().split(":")

    fun = parts[0]
    if fun not in functions:
        return l

    (alg_idx, msg_idx, is_hex) = functions[fun]

    alg_str = parts[alg_idx]
    if alg_str == "MBEDTLS_MD_NONE" or alg_str == "255":
        return l
    h = hash_ctx(alg_str)

    msg_str = parts[msg_idx][1:-1]
    msg = bytes.fromhex(msg_str) if is_hex else bytes(msg_str, 'ascii')
    h.update(msg)
    msg_hash = h.hexdigest()
    msg_hash_str = '"' + msg_hash + '"'

    parts[msg_idx] = msg_hash_str
    return ":".join(parts) + '\n'

filename = 'tests/suites/test_suite_' + suite + '.data'
with open(filename) as f:
    lines = f.readlines()

lines = [fix(l) for l in lines]

with open(filename, 'w') as f:
    f.writelines(lines)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-18 10:55:56 +02:00
Manuel Pégourié-Gonnard
5ef4e8d9b9 Don't depend on strong entropy for RSA tests
Tests are not here to demonstrate best practice, but to test a specific
part of the code. Using an RNG provided by the test framework also makes
the test code more focused on what we actually mean to test.

This brings the number of tests skipped in test_suite_rsa in
test_psa_crypto_config_accel_hash_use_psa down to 0 (from 50).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-16 08:57:19 +02:00
Manuel Pégourié-Gonnard
1d1174a5c3 Rm spurious declared dependency in test_suite_rsa
Probably the result of copy-pasting: the test functions actually don't
use those modules at all.

This brings the number of tests skipped in test_suite_rsa in
test_psa_crypto_config_accel_hash_use_psa down to 50 (from 61).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-16 08:41:34 +02:00
Manuel Pégourié-Gonnard
236c4e22f7 Adjust test dependencies after last commit
This brings the number of tests skipped in test_suite_rsa in
test_psa_crypto_config_accel_hash_use_psa down to 61 (from 117).

The changes to the test data file were generated with:

    sed -i -f or_psa_hash.sed tests/suites/test_suite_rsa.data

with or_psa_hash.sed containing:

    s/MBEDTLS_MD5_C/MBEDTLS_OR_PSA_WANT_ALG_MD5/g
    s/MBEDTLS_RIPEMD160_C/MBEDTLS_OR_PSA_WANT_ALG_RIPEMD160/g
    s/MBEDTLS_SHA1_C/MBEDTLS_OR_PSA_WANT_ALG_SHA_1/g
    s/MBEDTLS_SHA224_C/MBEDTLS_OR_PSA_WANT_ALG_SHA_224/g
    s/MBEDTLS_SHA256_C/MBEDTLS_OR_PSA_WANT_ALG_SHA_256/g
    s/MBEDTLS_SHA384_C/MBEDTLS_OR_PSA_WANT_ALG_SHA_384/g
    s/MBEDTLS_SHA512_C/MBEDTLS_OR_PSA_WANT_ALG_SHA_512/g

Here the MBEDTLS_OR_PSA_xxx macros are the right choice as we just need
data about the hashes to be available.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-16 08:38:35 +02:00
Manuel Pégourié-Gonnard
a4aa12f0a1 Rm useless use of MD in RSA test functions
Same rationale as two commits ago.

Changes to the data file generated with the following script:

import hashlib

suite = 'rsa'
functions = {
        'mbedtls_rsa_pkcs1_sign': (3, 1),
        'mbedtls_rsa_pkcs1_verify': (3, 1),
}

def hash_ctx(s):
    if s == 'MBEDTLS_MD_MD5':
        return hashlib.md5()
    if s == 'MBEDTLS_MD_SHA1':
        return hashlib.sha1()
    if s == 'MBEDTLS_MD_SHA224':
        return hashlib.sha224()
    if s == 'MBEDTLS_MD_SHA256':
        return hashlib.sha256()
    if s == 'MBEDTLS_MD_SHA384':
        return hashlib.sha384()
    if s == 'MBEDTLS_MD_SHA512':
        return hashlib.sha512()
    if s == 'MBEDTLS_MD_RIPEMD160':
        return hashlib.new("ripemd160")

def fix(l):
    parts = l.rstrip().split(":")

    fun = parts[0]
    if fun not in functions:
        return l

    (alg_idx, msg_idx) = functions[fun]

    alg_str = parts[alg_idx]
    if alg_str == "MBEDTLS_MD_NONE" or alg_str == "255":
        return l
    h = hash_ctx(alg_str)

    msg_str = parts[msg_idx]
    msg_hex = msg_str[1:-1]
    msg = bytes.fromhex(msg_hex)
    h.update(msg)
    msg_hash = h.hexdigest()
    msg_hash_str = '"' + msg_hash + '"'

    parts[msg_idx] = msg_hash_str
    return ":".join(parts) + '\n'

filename = 'tests/suites/test_suite_' + suite + '.data'
with open(filename) as f:
    lines = f.readlines()

lines = [fix(l) for l in lines]

with open(filename, 'w') as f:
    f.writelines(lines)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-16 08:20:26 +02:00
Manuel Pégourié-Gonnard
5ce9959185 Adjust test dependencies after last commit
This brings the number of tests skipped in test_suite_pkcs1_v15 in
test_psa_crypto_config_accel_hash_use_psa to 0.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-16 08:07:51 +02:00
Manuel Pégourié-Gonnard
a9e1d9953e Rm useless use of MD in PKCS#1v1.5 test functions
We had a message in the data file, and were computing its hash in the
test function. It is more efficient (and simpler when it comes to
dependencies) to directly have the message hash in the data file.

It was probably this way because some test vectors provide the message
for the sake of all-in-one implementation that hash-and-sign at once.
But our API gets a hash as the input and signs it. In unit tests, this
should be reflected in the signature of the test function, which should
take a hash as input.

The changes to the .data file were done using the following python
script:

import hashlib

suite = 'pkcs1_v15'

functions = {
        'pkcs1_rsassa_v15_sign': (10, 12),
        'pkcs1_rsassa_v15_verify': (6, 8),
}

def hash_ctx(s):
    if s == 'MBEDTLS_MD_MD5':
        return hashlib.md5()
    if s == 'MBEDTLS_MD_SHA1':
        return hashlib.sha1()
    if s == 'MBEDTLS_MD_SHA224':
        return hashlib.sha224()
    if s == 'MBEDTLS_MD_SHA256':
        return hashlib.sha256()
    if s == 'MBEDTLS_MD_SHA384':
        return hashlib.sha384()
    if s == 'MBEDTLS_MD_SHA512':
        return hashlib.sha512()

def fix(l):
    parts = l.rstrip().split(":")

    fun = parts[0]
    if fun not in functions:
        return l

    (alg_idx, msg_idx) = functions[fun]

    alg_str = parts[alg_idx]
    if alg_str == "MBEDTLS_MD_NONE":
        return l
    h = hash_ctx(alg_str)

    msg_str = parts[msg_idx]
    msg_hex = msg_str[1:-1]
    msg = bytes.fromhex(msg_hex)
    h.update(msg)
    msg_hash = h.hexdigest()
    msg_hash_str = '"' + msg_hash + '"'

    parts[msg_idx] = msg_hash_str
    return ":".join(parts) + '\n'

filename = 'tests/suites/test_suite_' + suite + '.data'
with open(filename) as f:
    lines = f.readlines()

lines = [fix(l) for l in lines]

with open(filename, 'w') as f:
    f.writelines(lines)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-16 08:07:02 +02:00
Manuel Pégourié-Gonnard
4c1087f474 Use MBEDTLS_OR_PSA_WANT_xxx in test_suite_rsa
The encrypt/decrypt cases don't depend on actually computing a hash,
just on information about it being available, and this information is
guarded by MBEDTLS_OR_PSA_WANT_xxx.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-15 12:08:14 +02:00
Manuel Pégourié-Gonnard
3637c516a4 Refine dependencies in test_suite_pkcs1_v15
Having the whole .function file depend on SHA-1 was wrong: dependencies
in .function files are for compile-time dependencies all functions in
this file build just fine without SHA-1. It's just some tests cases that
do need SHA-1 at runtime, use dependencies on those specific tests in
the .data file then.

This reduces the number of cases skipped in this test suite in
test_psa_crypto_config_accel_hash_use_psa from 28 (all of them) down to
12 (those that actually use SHA-1 as opposed to no hash).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-13 12:41:36 +02:00
Paul Elliott
81c69b547a Revert "Revert "Revert "Add generated files for 3.2.0 release"""
This reverts commit 185d24ba0e.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-07-12 11:29:34 +01:00