This commit
- Reverts changes previously done to psa_crypto_helpers.[c,h]
- Implements a new check for open key slots in
mbedtls_test_helper_is_psa_leaking():
- when CTR_DRBG does not use AES_C or PSA does not have an external
RNG, then we allow 1 key slot (it's the one holding the AES key)
- when the above conditions are not met, then we fallback to the
usual check for "no open key slots remaining"
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
When AES_C is not defined CTR_DRBG relies on PSA to get AES-ECB. This
means that, when AES-ECB is accelerated, each random operation goes through
driver access as well. This might result in unexpectedly increased
counters for driver's access.
We add extra counters in test_driver_[cipher/key_management].c to be
more specific on which driver functions are accessed and ignore
extra accesses due to CTR_DRBG.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
When AES_C is not defined, CTR_DRBG relies on PSA to get AES-ECB. This means
that PSA holds an open AES key since psa_crypto_init() is called, which
- reduces the maximum number of available key slots
- shifts the 1st available index
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit also adds AES_PSA_[INIT/DONE] in "psa_crypto_helpers.h". Its
scope is to call PSA_[INIT/DONE] only when AES_C is not defined (which is
when PSA is effectively required for CTR_DRBG).
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Same test cases as in the previous commit.
Remove the redundant symmetric crypto dependency.
The dependency is ensured by the fact that:
1) the test case forces a cipher suite
2) ssl-opt.sh enforces automatically that the
forced ciphersuite is available.
3) The fact that the forced ciphersuite is
available implies that the symmetric
cipher algorithm it uses is available as
well.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Fix some dependencies on symmetric crypto that
were not correct in case of driver but not
builtin support. Revealed by "Analyze driver
test_psa_crypto_config_accel_cipher_aead vs reference
test_psa_crypto_config_reference_cipher_aead" in
analyze_outcomes.py.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This test case is incompatible with sanitizers (e.g. ASan), and thus
skipped. If the driver component uses a sanitizer but the reference
component doesn't, we have a PASS vs SKIP mismatch. Since this test case is
unrelated to drivers, we don't mind ignoring it.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
By default, 'sort' sorts characters with system default locale,
which causes unexpected sorting order. To sort characters in ASCII
from computer perspective, export LC_COLLATE=C to specify character
collation for regular expressions and sorting with C locale.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Add new function to build_tree.py to return the crypto
name for the project; either tfpsacrypto or mbedcrypto.
Deploy this function where needed.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
This test case exercises an integer overflow in calloc. Under Asan, with
a modern Clang, this triggers an Asan complaint. The complaint can be
avoided with ASAN_OPTIONS=allocator_may_return_null=1, but this has to
be set in the environment before the program starts, and could hide
other errors.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Also initialize PSA in builds where hashes are PSA-only, for the sake of
encrypted keys (otherwise PBKDF fails).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The idea is to show that there is no more any dependency between
the two symbols:
- component_test_full_no_ccm() keeps ALG_CCM_STAR_NO_TAG enabled,
disables ALG_CCM and ensures that the latter does not get
re-enabled accidentally
- test_full_no_ccm_star_no_tag() keeps ALG_CCM enabled and disables
ALG_CCM_STAR_NO_TAG and ensures that the latter does not get
re-enabled accidentally
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
The original pattern would catch any extension, which could include
things like editor backup files etc, that we'd rather ignore.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Extra features that depend on CIPHER_C are disabled also in the
reference component in order to get test parity.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
For time being, pre_check_tools check armcc and armclang together.
Therefore, we can resue support_build_armcc even if the test only
needs armclang.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
It used to be the case that when an algorithm that uses a hash inside was
accelerated through a PSA driver, it might end up calling a hash algorithm
that is not available from the driver. Since we introduced MBEDTLS_MD_LIGHT,
this no longer happens: PSA accelerated hashes are available to callers of
the MD module, so the test driver can use all available hash algorithms.
Hence the workaround to skip testing certain accelerated cases is no longer
needed.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
RSA will auto-enable MD_LIGHT, we don't need to list MD_C as a
dependency here.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Some are about raw or AES keys where PK seems really unrelated.
The others are about RSA where PK may be relevant, but the necessary
bits of PK are auto-enabled when RSA key types are requested, so we
shouldn't need to list them as dependencies in tests.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Since _DERIVE can't be accelerated now, in
config_adjust_legacy_from_psa.h we will notice and auto-enable ECP_LIGHT
as well as the built-in version of each curve that's supported in this
build. So, we don't need to list those as dependencies here - and they
would cause issues when we add support for _DERIVE drivers.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
There's no reason the tests would depend specifically on our built-in
implementation and not work with drivers, so replace the RSA_C
dependency with the correct PSA_WANT dependencies.
Those 6 cases use two different test functions, but both of those
functions only do `psa_import()`, so all that's needed is PUBLIC_KEY or
KEYPAIR_IMPORT (which implies KEYPAIR_BASIC) depending on the kind of
key being tested.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Most of them were removed in 7162, not sure how these ones slipped in.
There's no reason deterministic ECDSA verification would need PK parse
more than the other tests. The following finds no match:
grep -i pk_parse library/ecdsa.c library/psa_crypto_ecp.c
Even if PK parse was actually needed for this, the right way would be to
auto-enable it based on PSA_WANT symbols, and then only depend on
PSA_WANT symbols here.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Run metatests in some components, covering both GCC and Clang, with ASan,
MSan or neither.
Note that this commit does not cover constant-flow testing builds or Valgrind.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Enforce a specific copyright statement and a specific SPDX license
identifier where they are present.
Binary files, third-party modules and a few other exceptions are not
checked.
There is currently no check that copyright statements and license
identifiers are present.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
If MBEDTLS_BLOCK_CIPHER_NO_DECRYPT, we can't test decrypt for
AES-ECB, so adding this dependency for some test cases
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
tls13 server now does not parse pre-shared key extension unless
there are some psk key exchange modes really available.
For `ephemeral_all/psk_or_ephemeral` configuration pairs, there
wouldn't be any psk key exchange mode available, so the check
of "Pre shared key found" should be inverse.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Some test cases are using encrypted key file, thus have
dependency on low-level block cipher modules (e.g. AES).
This commit adds unencrypted key file so that we could
get rid of those dependencies.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
A new internal function is added to get cipher's info (mode, key bits and
iv len) without relying on CIPHER_C. This function is basically a lookup
table used only for test purposes.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
The previous check also warned when on tests that were already skipped
in the reference config, which are not really a problem. The purpose of
this "uselessly ignored" check is to make sure that the ignore list
(together with the config common to driver and reference in all.sh)
always correct reflects what works or doesn't in driver-only builds. For
this it's enough to warn when a test is ignored but passing.
The previous, stricter check, was causing issues like:
Error: uselessly ignored: test_suite_pkcs12;PBE Encrypt, pad = 8 (PKCS7 padding disabled)
Error: uselessly ignored: test_suite_pkcs12;PBE Decrypt, (Invalid padding & PKCS7 padding disabled)
Error: uselessly ignored: test_suite_pkcs5;PBES2 Decrypt (Invalid padding & PKCS7 padding disabled)
These are skipped in the reference config because is has PKCS7 padding
enabled, and that's OK.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
* Make an iteration comment generic to every file it may affect
instead of making it specific a particular file.
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
Ignore the test suite name as file from opt-testcases cannot
actually be called separately.
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
The -l option mentioned in previous commits for both ssl-opt.sh and
compat.sh scripts should only be a --list-test-cases option.
Remove -l option from the help list.
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
One of the jobs of check_test_cases is to check for duplicate test
descriptions and to have them ordered:
* Stop using a set to collect the different test cases from the
test scripts.
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
walk_compat_sh and walk_opt_sh are basically the same now, so:
* Merge them into one function.
* Use the --list-test-cases option for both of them.
* Rename this merged function as collect_from_script which seems
more appropriate as since it isn't iterating the script but
calling it.
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
When adding the LIST_TESTS option, print_name can be called
before checking if the test case should be excluded or not.
Change this back to its previous state while still taking into
account the LIST_TESTS option.
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
Instead of verifying if the LIST_TESTS variable has been set in
every function to avoid using the P_QUERY variable and avoid
calling a program that has not necessarily been compiled yet:
* Define P_QUERY=":" when LIST_TESTS has been set.
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
ssl-opt.sh now takes care of looking at the files in the
opt-testcases subdirectory, so use ssl-opt.sh directly
in walk_ssl_opt_sh().
* Revert commit f17a60f147.
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
* Use the newly added ssl-opt.sh -l option to list all the tests
cases and their used parameters instead of having to parse the
file to discover them. This avoids having to add further parsing
complexity in the future as discussed in
https://github.com/Mbed-TLS/mbedtls/pull/8080#issuecomment-1681064743
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
* Add an option in ssl-opt test case to list all the run_test calls
and their names. This allows to show the parameters used and can
make us avoid having to parse ssl-opt to look for extra
parameters in the future.
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
This may come in handy when ignoring patterns in test_suite_cipher for
example which is split in several .data files where we'll want to ignore
the same patterns.
Currently none of the entries had a '.' in the test suite name, so this
doesn't change anything for existing entries.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Change from iterating on all available tests to iterating on tests with
an outcome: initially we were iterating on available tests but
immediately ignoring those that were always skipped. That last part
played poorly with the new error (we want to know if the test ignored
due to a pattern was skipped in the reference component), but when
removing it, we were left with iterating on all available tests then
skipping those that don't have outcomes entries: this is equivalent to
iterating on tests with an outcome entry, which is more readable.
Also, give an error if the outcome file contains no passing test from
the reference component: probably means we're using the wrong outcome
file.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
- remove unnecessary disabled items (most of them were already
disabled automatically once MBEDTLS_SSL_TLS_C was disabled)
- improve dependencies' comments, especially the last one which
list items depending on PSA_CRYPTO_C
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Conflicts:
* tests/suites/test_suite_pkparse.data: the dependencies of
"Parse EC Key #3 (SEC1 PEM encrypted)" were updated on both branches
(development: ECP curve; this branch: MD5 hash).
