Commit graph

28664 commits

Author SHA1 Message Date
Valerio Setti
f9362b7324 pk_internal: small renaming for mbedtls_pk_get_group_id()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-29 08:42:27 +01:00
Jerry Yu
d33f7a8c72 improve document
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-29 15:09:21 +08:00
Jerry Yu
71fada10e5 Guards neon path
Old GCC(<7.3) reports warning in NEON path

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-29 10:38:07 +08:00
Jerry Yu
5b96b81980 Revert "fix build warning with arm64 gcc 5.4"
This reverts commit da3c206ebd.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-29 10:25:00 +08:00
Pengyu Lv
550cd6f9b2 Use boolean hit instead of int hits
Also fix a typo in the comments.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-29 09:17:59 +08:00
Ronald Cron
60f76663c0 Align forced ciphersuite with test description
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-11-28 17:52:42 +01:00
Dave Rodgman
c3cd410acf
Merge pull request #8286 from gilles-peskine-arm/check_mbedtls_calloc_overallocation-disable_with_asan
Fix test_suite_platform failure with Asan on modern Clang
2023-11-28 16:48:31 +00:00
Ronald Cron
29ad2d7609 ssl-opt.sh: Remove unnecessary symmetric crypto dependencies
Same test cases as in the previous commit.
Remove the redundant symmetric crypto dependency.
The dependency is ensured by the fact that:
1) the test case forces a cipher suite
2) ssl-opt.sh enforces automatically that the
   forced ciphersuite is available.
3) The fact that the forced ciphersuite is
   available implies that the symmetric
   cipher algorithm it uses is available as
   well.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-11-28 17:44:39 +01:00
Dave Rodgman
c89f7817e1 Use common license header
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-28 16:10:44 +00:00
Dave Rodgman
82d7a875ff Update tests to refer to our tf-m config wrapper
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-28 16:10:37 +00:00
Valerio Setti
bcd305913f pk: move functions to verify RFC8410 group ID to pk_internal
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-28 16:27:55 +01:00
Ronald Cron
41bc42ac1b ssl-opt.sh: Fix some symmetric crypto dependencies
Fix some dependencies on symmetric crypto that
were not correct in case of driver but not
builtin support. Revealed by "Analyze driver
test_psa_crypto_config_accel_cipher_aead vs reference
test_psa_crypto_config_reference_cipher_aead" in
analyze_outcomes.py.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-11-28 15:59:40 +01:00
Ronald Cron
5b73de8ddb ssl-opt.sh: Add a check of the list of supported ciphersuites
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-11-28 15:59:03 +01:00
Dave Rodgman
410ad44725 Disable hw AES on Arm for IAR
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-28 13:42:17 +00:00
Tom Cosgrove
9e1d2e5727
Merge pull request #8029 from gilles-peskine-arm/fix-MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA
Update old dependency to MBEDTLS_MD_CAN
2023-11-28 13:12:10 +00:00
Valerio Setti
d5604bacc4 pkwrite: add internal defines for proper key buffer sizes
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-28 14:10:43 +01:00
Valerio Setti
605f03cb76 pkwrite: reorganize code
This commits just moves code around. The goal is to group together
functions by guards and functionality:
- RSA, EC, Opaque
- internal VS public

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-28 12:46:39 +01:00
Valerio Setti
919e3fa729 check_config: fix guards for PSA builtin implementation of cipher/AEAD
While the PSA builtin implementation of cipher still depends on
CIPHER_C, the same is no more true for AEADs. When CIPHER_C is not
defined, BLOCK_CIPHER_C is used instead, thus making it possible
to support AEADs without CIPHER_C.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-28 11:45:38 +01:00
Valerio Setti
b1cf8aeda4 adjust_psa_from_legacy: add required CIPHER_C dependencies
Some PSA_WANT symbols do not have a 1:1 matching with legacy ones.
For example, previous to this commit:

- CCM_C enabled both PSA_WANT_ALG_CCM and PSA_WANT_ALG_CCM_STAR_NO_TAG
  even thought the two are not equivalent (authenticated VS
  non-authenticated).
- there was no legacy equivalent for ECB_NO_PADDING

What it is common to both PSA_WANT_ALG_CCM_STAR_NO_TAG and
PSA_WANT_ALG_ECB_NO_PADDING is the fact that the builtin implementation
depends on CIPHER_C. Therefore this commits adds this guards to
select whether or not to enable the above mentioned PSA_WANT symbols.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-28 11:45:38 +01:00
Valerio Setti
6632a12fa3 all.sh: re-enable CCM/GCM in test_full_no_cipher_with_crypto[_config]()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-28 11:45:38 +01:00
Dave Rodgman
4edcf693e7 Use latest TF-M config with bare-minimum changes
Move all changes local to Mbed TLS into config-tfm.h (except for commenting
out a couple of #include's).

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-28 10:15:52 +00:00
Dave Rodgman
a326eb990d We no longer need to undef ALT defines
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-28 10:15:52 +00:00
Dave Rodgman
be5489ae98 Simplify test for building P256-M
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-28 10:15:37 +00:00
Dave Rodgman
897bb77c0c Update tf-m tests in all.sh for P256-M
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-28 10:15:11 +00:00
Pengyu Lv
451ec8a4bc Add comment to read_outcome_file in analyze_outcomes.py
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 17:59:05 +08:00
Pengyu Lv
c2e8f3a080 Add type annotations to analyze_outcomes.py
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 17:22:04 +08:00
Manuel Pégourié-Gonnard
11c3fd1f73
Merge pull request #8568 from yanrayw/issue/8356/block_cipher_no_decrypt_cleanup
Driver-only: G1: clean up for BLOCK_CIPHER_NO_DECRYPT
2023-11-28 08:49:48 +00:00
Manuel Pégourié-Gonnard
294f5d7ea9
Merge pull request #8540 from valeriosetti/issue8060
[G2] Make CCM and GCM work with the new block_cipher module
2023-11-28 08:18:45 +00:00
Valerio Setti
854c737db1 pk: use common header/footer macros for pkwrite and pkparse
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-28 08:37:57 +01:00
Valerio Setti
180915018d pem: auto add newlines to header/footer in mbedtls_pem_write_buffer()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-28 08:37:06 +01:00
Pengyu Lv
20e3ca391e Run tests for ref_vs_driver outside task function
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 15:30:03 +08:00
Jerry Yu
da3c206ebd fix build warning with arm64 gcc 5.4
GCC 5.4 reports below warning on Arm64
```
warning: 'vst1q_u8' is static but used in inline function 'mbedtls_xor' which is not static
```
This inline function miss `static`, others have the keyword

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-28 14:28:03 +08:00
Pengyu Lv
18908ec276 Define named tuple for component outcomes
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 13:04:11 +08:00
Pengyu Lv
28ae4648a6 Use mutable set all the time
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 11:35:19 +08:00
Pengyu Lv
59b9efc6dd Check if driver_component is missing
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 11:15:00 +08:00
Pengyu Lv
f28cf594b1 Break the loop when case hits
We don't care about the number of hits of the test cases,
so break the iteration when the case hits.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 10:56:29 +08:00
Pengyu Lv
dd1d6a7cca Improve readability of the script
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 10:52:25 +08:00
Pengyu Lv
a1ddcfaef8 Extend the pattern of pkparse test on encrypted keys
These test cases are ignored when analyzing outcomes on
analyze_driver_vs_reference_cipher_aead task.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-28 09:46:01 +08:00
Pengyu Lv
6c927c0795 Merge branch 'development' into review/gilles/update-old-dep-MD_CAN 2023-11-28 09:31:44 +08:00
Gilles Peskine
150002c9f9 Skip calloc overallocation test case
This test case is incompatible with sanitizers (e.g. ASan), and thus
skipped. If the driver component uses a sanitizer but the reference
component doesn't, we have a PASS vs SKIP mismatch. Since this test case is
unrelated to drivers, we don't mind ignoring it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-27 18:24:45 +01:00
Tom Cosgrove
12d8b8eaba
Merge pull request #8539 from tom-daubney-arm/add_test_script_psa_hash
Add Demo Script for PSA Hash Program
2023-11-27 12:13:18 +00:00
Dave Rodgman
4e9d5aa2ba
Merge pull request #8515 from mschulz-at-hilscher/fixes/pragma-error-gcc452
Fix compiler error on gcc 4.5.2.
2023-11-27 11:28:30 +00:00
Dave Rodgman
9fbac381e6
Merge pull request #8326 from daverodgman/aesce-thumb2
Support hw-accelerated AES on Thumb and Arm
2023-11-27 09:58:58 +00:00
Yanray Wang
6f6090d19b tf-m config: update and enable BLOCK_CIPHER_NO_DECRYPT
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-27 15:55:04 +08:00
Yanray Wang
16b00f9522 mbedtls_config: improve documentation for BLOCK_CIPHER_NO_DECRYPT
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-27 15:52:28 +08:00
Paul Elliott
392ed3fe7f Add better documentation for mbedtls_test_mutex_mutex
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-11-24 15:48:28 +00:00
Dave Rodgman
c94f8f1163
Merge pull request #8551 from daverodgman/sign-conversion-part1
Sign conversion part 1
2023-11-24 15:12:00 +00:00
Thomas Daubney
e8f3789312 Revert change that removed in_tf_psa_crypto_repo variable
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-11-24 11:41:23 +00:00
Dave Rodgman
a3b80386d9 Merge remote-tracking branch 'origin/development' into sign-conversion-part1
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-24 11:27:18 +00:00
Thomas Daubney
6130a619f8 Remove unused variable
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-11-24 10:58:07 +00:00