Commit graph

27906 commits

Author SHA1 Message Date
Dave Rodgman
b06d701f56
Merge pull request #8406 from beni-sandu/aesni
AES-NI: use target attributes for x86 32-bit intrinsics
2023-10-30 17:01:06 +00:00
Tom Cosgrove
3857bad9a2
Merge pull request #8427 from tom-cosgrove-arm/fix-linux-builds-in-conda-forge
Fix builds in conda-forge, which doesn't have CLOCK_BOOTTIME
2023-10-30 15:29:26 +00:00
Manuel Pégourié-Gonnard
1c6100240d
Merge pull request #8398 from mpg/analyze-outcome-ignore-re
In analyze_outcomes.py, add pattern-ignore
2023-10-30 12:46:35 +00:00
Manuel Pégourié-Gonnard
c51c411cc1 analyze_outcome: only warn on ignored tests that pass
The previous check also warned when on tests that were already skipped
in the reference config, which are not really a problem. The purpose of
this "uselessly ignored" check is to make sure that the ignore list
(together with the config common to driver and reference in all.sh)
always correct reflects what works or doesn't in driver-only builds. For
this it's enough to warn when a test is ignored but passing.

The previous, stricter check, was causing issues like:

Error: uselessly ignored: test_suite_pkcs12;PBE Encrypt, pad = 8 (PKCS7 padding disabled)
Error: uselessly ignored: test_suite_pkcs12;PBE Decrypt, (Invalid padding & PKCS7 padding disabled)
Error: uselessly ignored: test_suite_pkcs5;PBES2 Decrypt (Invalid padding & PKCS7 padding disabled)

These are skipped in the reference config because is has PKCS7 padding
enabled, and that's OK.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-30 10:21:22 +01:00
Manuel Pégourié-Gonnard
cd84a290a9 analyze_outcomes: use regexes for cipher/aead
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-30 10:21:15 +01:00
Manuel Pégourié-Gonnard
f1c09a389e
Merge pull request #8119 from valeriosetti/issue8048
PSA crypto should not depend on the cipher module
2023-10-30 08:10:06 +00:00
Beniamin Sandu
3bca7817e5 tests/scripts/all.sh: add test for 32-bit AES-NI intrinsics with clang
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
2023-10-27 17:02:22 +01:00
Beniamin Sandu
800f2b7c02 AES-NI: use target attributes for x86 32-bit intrinsics
This way we build with 32-bit gcc/clang out of the box.
We also fallback to assembly for 64-bit clang-cl if needed cpu
flags are not provided, instead of throwing an error.

Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
2023-10-27 17:02:22 +01:00
Manuel Pégourié-Gonnard
d36a37f0de analyze_outcomes: ignore patterns apply to whole suite
This may come in handy when ignoring patterns in test_suite_cipher for
example which is split in several .data files where we'll want to ignore
the same patterns.

Currently none of the entries had a '.' in the test suite name, so this
doesn't change anything for existing entries.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:19:36 +02:00
Manuel Pégourié-Gonnard
9d9c2344ea analyze_outcome: Simplify some code
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:19:00 +02:00
Manuel Pégourié-Gonnard
b26954375f analyze_outcome: work around old Python in CI
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:18:52 +02:00
Manuel Pégourié-Gonnard
62d6131e5e analyze_outcomes: minor output fix
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:18:52 +02:00
Manuel Pégourié-Gonnard
4fd5a6ac9e analyze_outcomes: use regexes with ECC components
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:18:51 +02:00
Manuel Pégourié-Gonnard
b4558bd6e4 analyze_outcomes: remove useless ignore entries
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:17:35 +02:00
Manuel Pégourié-Gonnard
371165aec0 analyze_outcomes: useless ignores are now errors
Change from iterating on all available tests to iterating on tests with
an outcome: initially we were iterating on available tests but
immediately ignoring those that were always skipped. That last part
played poorly with the new error (we want to know if the test ignored
due to a pattern was skipped in the reference component), but when
removing it, we were left with iterating on all available tests then
skipping those that don't have outcomes entries: this is equivalent to
iterating on tests with an outcome entry, which is more readable.

Also, give an error if the outcome file contains no passing test from
the reference component: probably means we're using the wrong outcome
file.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:17:35 +02:00
Manuel Pégourié-Gonnard
881ce01db3 analyze_outcomes: add regex match for ignored tests
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:17:35 +02:00
Manuel Pégourié-Gonnard
4da369f741 analyze_outcomes: minor code cleanup
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:17:35 +02:00
Valerio Setti
287f6d1f5c all.sh: unset MBEDTLS symbols for modes/keys only when !PSA_CRYPTO_CONFIG
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
862021a118 all.sh: improve comments in common_test_full_no_cipher_with_psa_crypto
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
5b4039f36d all.sh: rename common config/test function
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
4529d65e30 all.sh: improve test_full_no_cipher()
- remove unnecessary disabled items (most of them were already
  disabled automatically once MBEDTLS_SSL_TLS_C was disabled)
- improve dependencies' comments, especially the last one which
  list items depending on PSA_CRYPTO_C

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
fb0b0ffaa4 all.sh: keep symbols that don't depend on CIPHER_C (directly or indirectly)
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
c84d940704 all.sh: fix comments in common_test_full_no_cipher_with_crypto()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
df17a102e5 all.sh: replace minus sign in text messages with "no"
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
36fe8b9f4b psa_crypto_cipher: add guard for unused variable
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
1e21f26d88 psa_crypto_cipher: add helper to validate PSA cipher values
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
7e710e8272 all.sh: add components as full_no_cipher with CRYPTO_C and CRYPTO_CONFIG
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:12:06 +02:00
Valerio Setti
4a249828a8 psa_crypto_cipher: add mbedtls_cipher_values_from_psa()
This commit splits mbedtls_cipher_info_from_psa() in 2 parts:

- mbedtls_cipher_values_from_psa() that performs parameters' validation and
  return cipher's values

- mbedtls_cipher_info_from_psa() which then use those values to return
  the proper cipher_info pointer. Of course this depends on CIPHER_C.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:12:06 +02:00
Valerio Setti
2c2adedd82 psa_crypto_aead: add guard for CIPHER_C dependency
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:12:06 +02:00
Valerio Setti
c5d9dd262b adjust_psa_from_legacy: enable ALG_STREAM_CIPHER on when CIPHER_C is defined
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:12:06 +02:00
Valerio Setti
c1d50b6314 check_config: fix dependency of PSA_CRYPTO_C on CIPHER_C
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:12:06 +02:00
Bence Szépkúti
51328162e6
Merge pull request #8374 from sergio-nsk/sergio-nsk/8372/2
Fix compiling AESNI in Mbed-TLS with clang on Windows
2023-10-26 21:21:01 +00:00
Dave Rodgman
2db1e354e3
Merge pull request #8408 from daverodgman/iar-fix-aes
Fix MBEDTLS_MAYBE_UNUSED for IAR
2023-10-26 15:53:11 +00:00
Gilles Peskine
b3d0ed2e6e
Merge pull request #8303 from valeriosetti/issue6316
Add test component with all ciphers and AEADs accelerated only
2023-10-26 15:53:10 +00:00
Gilles Peskine
e960ddd3df
Merge pull request #8306 from yanesca/psa_threads_design
Add the PSA threading design to the documentation
2023-10-26 15:53:10 +00:00
Gilles Peskine
4f144093ba
Merge pull request #8294 from gilles-peskine-arm/test-datax-chdir
Support running unit tests from another directory
2023-10-26 15:53:10 +00:00
Tom Cosgrove
257f6dd57d Fix builds in conda-forge, which doesn't have CLOCK_BOOTTIME
Fixes #8422

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-10-26 14:04:34 +01:00
Janos Follath
a365efc6f1 Threading design: fix internal links
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-10-26 10:22:55 +01:00
Ronald Cron
95b735530c
Merge pull request #6719 from yuhaoth/pr/tls13-early-data-add-early-data-of-client-hello
TLS 1.3: EarlyData SRV: Add early data extension parser.
2023-10-26 08:31:53 +00:00
Gilles Peskine
5d055f8206
Merge pull request #7844 from mpg/ssl-progs-usage
Fix usage & error reporting in SSL programs
2023-10-26 08:19:25 +00:00
Valerio Setti
507e08f9af analyze_outcomes: update cipher/aead data
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-26 10:05:01 +02:00
Valerio Setti
bbc46b4cc2 cipher: improve code readibility in mbedtls_cipher_setup()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-26 09:00:21 +02:00
Gilles Peskine
cc2bbfe905 Fix invocation with explicit .datax file
Don't chdir when invoking a test suite executable with an explicit .datax
file. The point of the chdir is to automatically find the .datax file (and
the relative location of the data_files directory) in typical cases. This
conflicts with the expectation that passing a relative path to a .datax file
will work.

(This is what I had originally intended, and what is documented in the
comment, but I forgot to add the argc check in the initial commit.)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-25 17:45:50 +02:00
Gilles Peskine
bf3c3fa122 Define try_chdir everywhere
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-25 17:43:10 +02:00
Dave Rodgman
d1c4fb07ee Support older IAR versions
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 15:07:35 +01:00
Valerio Setti
ad8b7f0306 all.sh: accelerate ALG_[STREAM_CIPHER/ECB_NO_PADDING] in accel_cipher_aead()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-25 12:39:50 +02:00
Valerio Setti
97454fde54 all.sh: accelerate CMAC in test_psa_crypto_config_accel_cipher_aead()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-25 12:27:12 +02:00
Valerio Setti
3b1559060a test_suite_psa_crypto: replace builtin dependencies with PSA_WANT
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-25 12:03:36 +02:00
Valerio Setti
9d9b4b547f test_suite_cipher: use TEST_ASSUME() to evaluate supported ciphers
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-25 12:03:36 +02:00
Valerio Setti
5cd18f9150 analyze_oucomes.py: ignore line-too-long error for skipped tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-25 12:03:36 +02:00