Commit graph

6913 commits

Author SHA1 Message Date
Przemek Stekiel
cc59c998d8 test_suite_ssl: make PSA build independent on MD module
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-01 14:29:56 +02:00
Manuel Pégourié-Gonnard
1e48445aa0
Merge pull request #6104 from superna9999/6097-remove-useless-md-in-test
Remove useless use of MD in test functions
2022-07-28 11:35:56 +02:00
Dave Rodgman
aba26d0099
Merge pull request #5963 from tom-daubney-arm/remove_ssl_compression_new
Remove use of SSL session compression
2022-07-28 10:28:23 +01:00
Manuel Pégourié-Gonnard
f6b8c3297a
Merge pull request #6065 from mpg/explore2
Driver-only hashes: RSA 1.5 and PK + strategy doc
2022-07-28 10:43:38 +02:00
Thomas Daubney
20f89a9605 Remove uses of SSL compression
Remove or modify current uses of session compression.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-07-26 16:13:03 +01:00
Ronald Cron
e579ece305
Merge pull request #6087 from yuhaoth/pr/add-tls13-serialize_session_save_load
TLS 1.3: Add serialize session save load
I can see that https://github.com/Mbed-TLS/mbedtls/pull/6087#discussion_r927935696 and https://github.com/Mbed-TLS/mbedtls/pull/6087#discussion_r924252403 are addressed in  #6123. Thus I am ok to merge it as it is.
2022-07-23 08:57:11 +02:00
Ronald Cron
340c559cb3
Merge pull request #6079 from yuhaoth/pr/add-tls13-parse-pre_shared_key_offered_psks
TLS 1.3: PSK: Add parser/writer of pre_shared_key extension on server side.
2022-07-23 08:50:45 +02:00
Jerry Yu
6ac7c0349a TLS 1.3: Add session test checks
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:09:40 +08:00
Jerry Yu
bc7c1a4260 fix typo/format/name issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:09:40 +08:00
Jerry Yu
24e385519e Add reconnect test
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:09:37 +08:00
Jerry Yu
f092629997 Add save load test for tls13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
a180f99a55 Add load-save tests for tls13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
1ac476cc1e Add save buf size test for tls13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
6e8fec2908 add session serialization load buf
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
534ff400d4 Add serialize_version_check for tls13
Add population session also

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Ronald Cron
4beb870fa8
Merge pull request #6064 from xkqian/tls13_add_psk
Add psk code to tls13 client side
2022-07-22 11:35:05 +02:00
Manuel Pégourié-Gonnard
0aabb6d8b9 Fix dependency in test_suite_pk
When USE_PSA is disabled and ECDSA_DETERMINISTIC is enabled, generating
ECDSA signatures via PK requires use of the hash via the MD layer (in
HMAC-DRBG, used by deterministic ECDSA).

When USE_PSA is enabled, ECDSA signatures via PK go through PSA which
always uses non-deterministic ECDSA, so does not rely on HMAC-DRBG/MD.

The condition used here is slightly too strong, but expressing exactly
the optimal condition seems more effort than it's worth for just 3 test
cases.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-22 10:55:06 +02:00
Dave Rodgman
87276a326f
Merge pull request #5952 from tuvshinzayaArm/add-missing-break
Add missing break
2022-07-21 15:25:40 +01:00
Ronald Cron
32578b3bd0
Merge pull request #6069 from yuhaoth/pr/add-tls13-write-new-session-ticket
TLS 1.3:add tls13 write new session ticket
Validated by the internal CI and Travis.
2022-07-21 16:17:35 +02:00
Ronald Cron
34e90fac27 TLS 1.3: tests: Allow PSK exchange mode on GnuTLS server
Allow PSK exchange mode on GnuTLS server for
NewSessionTicket message test as otherwise
the GnuTLS server does not send tickets.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-07-21 15:31:14 +02:00
XiaokangQian
3ad67bf4e3 Rename functions and add test messages
Change-Id: Iab51b031ae82d7b2d384de708858be64be75f9ed
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-07-21 15:30:04 +02:00
XiaokangQian
088c92977e Remove useless force cipher suite
Change-Id: Ib217806b4d44dea11515dd3ee1463d29431d70bb
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-07-21 15:30:04 +02:00
XiaokangQian
adab9a6440 Fix transcript issues and add cases against openssl
Change-Id: I496674bdb79f074368f11beaa604ce17a3062bc3
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-07-21 15:30:04 +02:00
XiaokangQian
eb69aee6af Add psk code to tls13 client side
Change-Id: I222b2c9d393889448e5e6ad06638536b54edb703
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-07-21 15:30:04 +02:00
Manuel Pégourié-Gonnard
db2c80402a Fix dependencies in test_suite_pk
Using VIA_MD_OR_PSA_BASED_ON_USE_PSA was justified by the fact that
until a few commits ago, the test functions here computed hashes using
either MD or PSA, depending on whether USE_PSA was defined (which itself
was justified by the loose reasoning that "PK is USE_PSA territory").

A few commits ago, test code stopped computing hashes because the hash
values became part of the test data. PK itself does not compute hashes.
As a result, VIA_MD_OR_PSA_BASED_ON_USE_PSA is no longer justified.

There are now two kinds of tests:
- those that only rely on hash data (ECDSA, RSA PKCS#1 v1.5) should
depend on VIA_LOWLEVEL_OR_PSA as that is the minimal dependency, hence
the one used for data
- those that were the layer below PK will internally compute a hash (RSA
PKCS#1 v2.1): currently this hash is always computed using MD (on which
MBEDTLS_PKCS1_V21 depends), so legacy dependencies like MBEDTLS_SHA256_C
should be used for now. The previous dependency was morally wrong, it
didn't show in the driver-only tests only because PKCS#1 v2.1 is
disabled in this test for now.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-21 13:34:46 +02:00
Manuel Pégourié-Gonnard
73692b7537 Rework macros expressing dependencies
Fix usage with sed:

s/MBEDTLS_OR_PSA_WANT_\([A-Z_0-9]*\)/MBEDTLS_HAS_\1_VIA_LOWLEVEL_OR_PSA/
s/MBEDTLS_USE_PSA_WANT_\([A-Z_0-9]*\)/MBEDTLS_HAS_\1_VIA_MD_OR_PSA_BASED_ON_USE_PSA/

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-21 12:11:53 +02:00
Jerry Yu
96a2e368dc TLS 1.3: Add pre-shared-key multiple psk parser
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-21 18:00:13 +08:00
Jerry Yu
4a2ea16aed remove forcecipher for psk test
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-21 16:19:50 +08:00
Jerry Yu
36847820fa add tests for offered psk parser
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-21 16:19:50 +08:00
Jerry Yu
f7b5b59a92 Add tests for write new session ticket
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 22:41:00 +08:00
Dave Rodgman
7085aa42ee
Merge pull request #5896 from wernerlewis/aes_shallow_copy
Refactor AES context to be shallow-copyable
2022-07-20 15:16:37 +01:00
Neil Armstrong
0270b9f5a4 Rm useless use of MD in PKCS#1v2.1 test functions
We had a message in the data file, and were computing its hash in the
test function. It is more efficient (and simpler when it comes to
dependencies) to directly have the message hash in the data file.

It was probably this way because some test vectors provide the message
for the sake of all-in-one implementation that hash-and-sign at once.
But our API gets a hash as the input and signs it. In unit tests, this
should be reflected in the signature of the test function, which should
take a hash as input.

The changes to the .data file were done using the following python
script:

import hashlib

suite = 'pkcs1_v21'

functions = {
        'pkcs1_rsassa_pss_sign': (6, 8),
        'pkcs1_rsassa_pss_verify': (4, 6),
        'pkcs1_rsassa_pss_verify_ext': (4, 8),
}

def hash_ctx(s):
    if s == 'MBEDTLS_MD_MD5':
        return hashlib.md5()
    if s == 'MBEDTLS_MD_SHA1':
        return hashlib.sha1()
    if s == 'MBEDTLS_MD_SHA224':
        return hashlib.sha224()
    if s == 'MBEDTLS_MD_SHA256':
        return hashlib.sha256()
    if s == 'MBEDTLS_MD_SHA384':
        return hashlib.sha384()
    if s == 'MBEDTLS_MD_SHA512':
        return hashlib.sha512()

def fix(l):
    parts = l.rstrip().split(":")

    fun = parts[0]
    if fun not in functions:
        return l

    (digest_idx, msg_idx) = functions[fun]

    alg_str = parts[digest_idx]
    if alg_str == "MBEDTLS_MD_NONE":
        return l
    h = hash_ctx(alg_str)

    msg_str = parts[msg_idx]
    msg_hex = msg_str[1:-1]
    msg = bytes.fromhex(msg_hex)
    h.update(msg)
    msg_hash = h.hexdigest()
    msg_hash_str = '"' + msg_hash + '"'

    parts[msg_idx] = msg_hash_str
    return ":".join(parts) + '\n'

filename = 'tests/suites/test_suite_' + suite + '.data'
with open(filename) as f:
    lines = f.readlines()

lines = [fix(l) for l in lines]

with open(filename, 'w') as f:
    f.writelines(lines)

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-07-20 09:34:20 +02:00
Jerry Yu
a357cf4d4c Rename new_session_ticket state
Both client and server side use
`MBEDTLS_SSL_NEW_SESSION_TICKET` now

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00
Jerry Yu
29ab32d0e5 Add client side tests
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00
Neil Armstrong
5ea65173fb Rm useless use of MD in ECDSA test functions
We had a message in the data file, and were computing its hash in the
test function. It is more efficient (and simpler when it comes to
dependencies) to directly have the message hash in the data file.

It was probably this way because some test vectors provide the message
for the sake of all-in-one implementation that hash-and-sign at once.
But our API gets a hash as the input and signs it. In unit tests, this
should be reflected in the signature of the test function, which should
take a hash as input.

The changes to the .data file were done using the following python
script:

import hashlib

suite = 'ecdsa'

functions = {
        'ecdsa_det_test_vectors': (3, 4),
        'ecdsa_write_restart': (3, 4),
}

def hash_ctx(s):
    if s == 'MBEDTLS_MD_MD5':
        return hashlib.md5()
    if s == 'MBEDTLS_MD_SHA1':
        return hashlib.sha1()
    if s == 'MBEDTLS_MD_SHA224':
        return hashlib.sha224()
    if s == 'MBEDTLS_MD_SHA256':
        return hashlib.sha256()
    if s == 'MBEDTLS_MD_SHA384':
        return hashlib.sha384()
    if s == 'MBEDTLS_MD_SHA512':
        return hashlib.sha512()

def fix(l):
    parts = l.rstrip().split(":")

    fun = parts[0]
    if fun not in functions:
        return l

    (alg_idx, msg_idx) = functions[fun]

    alg_str = parts[alg_idx]
    if alg_str == "MBEDTLS_MD_NONE":
        return l
    h = hash_ctx(alg_str)

    msg_str = parts[msg_idx][1:-1]
    h.update(msg_str.encode('ascii'))
    msg_hash = h.hexdigest()
    msg_hash_str = '"' + msg_hash.upper() + '"'

    parts[msg_idx] = msg_hash_str
    return ":".join(parts) + '\n'

filename = 'tests/suites/test_suite_' + suite + '.data'
with open(filename) as f:
    lines = f.readlines()

lines = [fix(l) for l in lines]

with open(filename, 'w') as f:
    f.writelines(lines)

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-07-19 21:03:29 +02:00
Manuel Pégourié-Gonnard
abac037a7b Migrate from old inline to new actual function.
This is mostly:

    sed -i 's/mbedtls_psa_translate_md/mbedtls_hash_info_psa_from_md/' \
    library/*.c tests/suites/*.function

This should be good for code size as the old inline function was used
from 10 translation units inside the library, so we have 10 copies at
least.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-18 21:28:38 +02:00
Manuel Pégourié-Gonnard
4772884133 New internal module for managing hash information
Using static inline functions is bad for code size; the function from
md_internal.h was already used from 3 different C files, so already was
copied at least 3 times in the library, and this would only get worse
over time.

Use actual functions, and also share the actual data between them.

Provide a consistent set of operations. Conversion to/from
human-readable string was omitted for now but could be added later if
needed.

In the future, this can be used to replace other similar (inline)
functions that are currently scattered, including (but perhaps not
limited to):
- mbedtls_psa_translate_md() from psa_util.h
- mbedtls_md_info_from_psa() (indirectly) from psa_crypto_hash.h
- get_md_alg_from_psa() from psa_crypto_rsa.c

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-18 21:28:38 +02:00
Ronald Cron
d5b1eb51db
Merge pull request #6078 from yuhaoth/pr/add-tls13-paser-psk-kex-mode-ext
TLS 1.3: PSK: Add parser of psk kex mode ext on server side
2022-07-18 11:34:24 +02:00
Manuel Pégourié-Gonnard
4608c48b0c Rm useless use of MD in PK test functions
Same rationale as previous "Rm useless use of MD" commits.

Here the first two test functions were already not depending on MD_C,
but the new version is much simpler, as it avoids having two versions of
the code depending on the value of USE_PSA.

Changes to the data file generated with the following Python script:

import hashlib

suite = 'pk'
functions = {
        'pk_rsa_verify_test_vec': (2, 1, True),
        'pk_rsa_verify_ext_test_vec': (2, 1, True),
        'pk_sign_verify_restart': (6, 7, False),
}

def hash_ctx(s):
    if s == 'MBEDTLS_MD_MD5':
        return hashlib.md5()
    if s == 'MBEDTLS_MD_SHA1':
        return hashlib.sha1()
    if s == 'MBEDTLS_MD_SHA224':
        return hashlib.sha224()
    if s == 'MBEDTLS_MD_SHA256':
        return hashlib.sha256()
    if s == 'MBEDTLS_MD_SHA384':
        return hashlib.sha384()
    if s == 'MBEDTLS_MD_SHA512':
        return hashlib.sha512()
    if s == 'MBEDTLS_MD_RIPEMD160':
        return hashlib.new("ripemd160")

def fix(l):
    parts = l.rstrip().split(":")

    fun = parts[0]
    if fun not in functions:
        return l

    (alg_idx, msg_idx, is_hex) = functions[fun]

    alg_str = parts[alg_idx]
    if alg_str == "MBEDTLS_MD_NONE" or alg_str == "255":
        return l
    h = hash_ctx(alg_str)

    msg_str = parts[msg_idx][1:-1]
    msg = bytes.fromhex(msg_str) if is_hex else bytes(msg_str, 'ascii')
    h.update(msg)
    msg_hash = h.hexdigest()
    msg_hash_str = '"' + msg_hash + '"'

    parts[msg_idx] = msg_hash_str
    return ":".join(parts) + '\n'

filename = 'tests/suites/test_suite_' + suite + '.data'
with open(filename) as f:
    lines = f.readlines()

lines = [fix(l) for l in lines]

with open(filename, 'w') as f:
    f.writelines(lines)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-18 10:55:56 +02:00
Manuel Pégourié-Gonnard
5ef4e8d9b9 Don't depend on strong entropy for RSA tests
Tests are not here to demonstrate best practice, but to test a specific
part of the code. Using an RNG provided by the test framework also makes
the test code more focused on what we actually mean to test.

This brings the number of tests skipped in test_suite_rsa in
test_psa_crypto_config_accel_hash_use_psa down to 0 (from 50).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-16 08:57:19 +02:00
Manuel Pégourié-Gonnard
1d1174a5c3 Rm spurious declared dependency in test_suite_rsa
Probably the result of copy-pasting: the test functions actually don't
use those modules at all.

This brings the number of tests skipped in test_suite_rsa in
test_psa_crypto_config_accel_hash_use_psa down to 50 (from 61).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-16 08:41:34 +02:00
Manuel Pégourié-Gonnard
236c4e22f7 Adjust test dependencies after last commit
This brings the number of tests skipped in test_suite_rsa in
test_psa_crypto_config_accel_hash_use_psa down to 61 (from 117).

The changes to the test data file were generated with:

    sed -i -f or_psa_hash.sed tests/suites/test_suite_rsa.data

with or_psa_hash.sed containing:

    s/MBEDTLS_MD5_C/MBEDTLS_OR_PSA_WANT_ALG_MD5/g
    s/MBEDTLS_RIPEMD160_C/MBEDTLS_OR_PSA_WANT_ALG_RIPEMD160/g
    s/MBEDTLS_SHA1_C/MBEDTLS_OR_PSA_WANT_ALG_SHA_1/g
    s/MBEDTLS_SHA224_C/MBEDTLS_OR_PSA_WANT_ALG_SHA_224/g
    s/MBEDTLS_SHA256_C/MBEDTLS_OR_PSA_WANT_ALG_SHA_256/g
    s/MBEDTLS_SHA384_C/MBEDTLS_OR_PSA_WANT_ALG_SHA_384/g
    s/MBEDTLS_SHA512_C/MBEDTLS_OR_PSA_WANT_ALG_SHA_512/g

Here the MBEDTLS_OR_PSA_xxx macros are the right choice as we just need
data about the hashes to be available.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-16 08:38:35 +02:00
Manuel Pégourié-Gonnard
a4aa12f0a1 Rm useless use of MD in RSA test functions
Same rationale as two commits ago.

Changes to the data file generated with the following script:

import hashlib

suite = 'rsa'
functions = {
        'mbedtls_rsa_pkcs1_sign': (3, 1),
        'mbedtls_rsa_pkcs1_verify': (3, 1),
}

def hash_ctx(s):
    if s == 'MBEDTLS_MD_MD5':
        return hashlib.md5()
    if s == 'MBEDTLS_MD_SHA1':
        return hashlib.sha1()
    if s == 'MBEDTLS_MD_SHA224':
        return hashlib.sha224()
    if s == 'MBEDTLS_MD_SHA256':
        return hashlib.sha256()
    if s == 'MBEDTLS_MD_SHA384':
        return hashlib.sha384()
    if s == 'MBEDTLS_MD_SHA512':
        return hashlib.sha512()
    if s == 'MBEDTLS_MD_RIPEMD160':
        return hashlib.new("ripemd160")

def fix(l):
    parts = l.rstrip().split(":")

    fun = parts[0]
    if fun not in functions:
        return l

    (alg_idx, msg_idx) = functions[fun]

    alg_str = parts[alg_idx]
    if alg_str == "MBEDTLS_MD_NONE" or alg_str == "255":
        return l
    h = hash_ctx(alg_str)

    msg_str = parts[msg_idx]
    msg_hex = msg_str[1:-1]
    msg = bytes.fromhex(msg_hex)
    h.update(msg)
    msg_hash = h.hexdigest()
    msg_hash_str = '"' + msg_hash + '"'

    parts[msg_idx] = msg_hash_str
    return ":".join(parts) + '\n'

filename = 'tests/suites/test_suite_' + suite + '.data'
with open(filename) as f:
    lines = f.readlines()

lines = [fix(l) for l in lines]

with open(filename, 'w') as f:
    f.writelines(lines)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-16 08:20:26 +02:00
Manuel Pégourié-Gonnard
5ce9959185 Adjust test dependencies after last commit
This brings the number of tests skipped in test_suite_pkcs1_v15 in
test_psa_crypto_config_accel_hash_use_psa to 0.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-16 08:07:51 +02:00
Manuel Pégourié-Gonnard
a9e1d9953e Rm useless use of MD in PKCS#1v1.5 test functions
We had a message in the data file, and were computing its hash in the
test function. It is more efficient (and simpler when it comes to
dependencies) to directly have the message hash in the data file.

It was probably this way because some test vectors provide the message
for the sake of all-in-one implementation that hash-and-sign at once.
But our API gets a hash as the input and signs it. In unit tests, this
should be reflected in the signature of the test function, which should
take a hash as input.

The changes to the .data file were done using the following python
script:

import hashlib

suite = 'pkcs1_v15'

functions = {
        'pkcs1_rsassa_v15_sign': (10, 12),
        'pkcs1_rsassa_v15_verify': (6, 8),
}

def hash_ctx(s):
    if s == 'MBEDTLS_MD_MD5':
        return hashlib.md5()
    if s == 'MBEDTLS_MD_SHA1':
        return hashlib.sha1()
    if s == 'MBEDTLS_MD_SHA224':
        return hashlib.sha224()
    if s == 'MBEDTLS_MD_SHA256':
        return hashlib.sha256()
    if s == 'MBEDTLS_MD_SHA384':
        return hashlib.sha384()
    if s == 'MBEDTLS_MD_SHA512':
        return hashlib.sha512()

def fix(l):
    parts = l.rstrip().split(":")

    fun = parts[0]
    if fun not in functions:
        return l

    (alg_idx, msg_idx) = functions[fun]

    alg_str = parts[alg_idx]
    if alg_str == "MBEDTLS_MD_NONE":
        return l
    h = hash_ctx(alg_str)

    msg_str = parts[msg_idx]
    msg_hex = msg_str[1:-1]
    msg = bytes.fromhex(msg_hex)
    h.update(msg)
    msg_hash = h.hexdigest()
    msg_hash_str = '"' + msg_hash + '"'

    parts[msg_idx] = msg_hash_str
    return ":".join(parts) + '\n'

filename = 'tests/suites/test_suite_' + suite + '.data'
with open(filename) as f:
    lines = f.readlines()

lines = [fix(l) for l in lines]

with open(filename, 'w') as f:
    f.writelines(lines)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-16 08:07:02 +02:00
Manuel Pégourié-Gonnard
4c1087f474 Use MBEDTLS_OR_PSA_WANT_xxx in test_suite_rsa
The encrypt/decrypt cases don't depend on actually computing a hash,
just on information about it being available, and this information is
guarded by MBEDTLS_OR_PSA_WANT_xxx.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-15 12:08:14 +02:00
Jerry Yu
c52e3bd93b Improve comment
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-14 10:49:47 +08:00
Jerry Yu
299e31f10e fix various issue
- remove unused test case
- add alert message
- improve readabitlity

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-13 23:06:36 +08:00
Manuel Pégourié-Gonnard
3637c516a4 Refine dependencies in test_suite_pkcs1_v15
Having the whole .function file depend on SHA-1 was wrong: dependencies
in .function files are for compile-time dependencies all functions in
this file build just fine without SHA-1. It's just some tests cases that
do need SHA-1 at runtime, use dependencies on those specific tests in
the .data file then.

This reduces the number of cases skipped in this test suite in
test_psa_crypto_config_accel_hash_use_psa from 28 (all of them) down to
12 (those that actually use SHA-1 as opposed to no hash).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-13 12:41:36 +02:00
Paul Elliott
81c69b547a Revert "Revert "Revert "Add generated files for 3.2.0 release"""
This reverts commit 185d24ba0e.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-07-12 11:29:34 +01:00