Commit graph

28133 commits

Author SHA1 Message Date
Valerio Setti
d531dab4f6 check_config: let SSL_TLS depend on either CIPHER_C or USE_PSA_CRYPTO
TLS code already implements proper dispatching to either
builtin or PSA implementations based on USE_PSA guards, so we can
improve the check_config guards to reflect this.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:36:32 +01:00
Valerio Setti
852d26c70d all.sh: enable SSL_TLS and SSL_TICKET in full_no_cipher with PSA_CRYPTO
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:36:32 +01:00
Valerio Setti
3fe105b042 all.sh: fix test components using accelerated curves
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:08:12 +01:00
Valerio Setti
05c25cbaf9 test_driver_extension: manage curves' acceleration the same as other PSA_WANT symbols
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:07:18 +01:00
Manuel Pégourié-Gonnard
c51c411cc1 analyze_outcome: only warn on ignored tests that pass
The previous check also warned when on tests that were already skipped
in the reference config, which are not really a problem. The purpose of
this "uselessly ignored" check is to make sure that the ignore list
(together with the config common to driver and reference in all.sh)
always correct reflects what works or doesn't in driver-only builds. For
this it's enough to warn when a test is ignored but passing.

The previous, stricter check, was causing issues like:

Error: uselessly ignored: test_suite_pkcs12;PBE Encrypt, pad = 8 (PKCS7 padding disabled)
Error: uselessly ignored: test_suite_pkcs12;PBE Decrypt, (Invalid padding & PKCS7 padding disabled)
Error: uselessly ignored: test_suite_pkcs5;PBES2 Decrypt (Invalid padding & PKCS7 padding disabled)

These are skipped in the reference config because is has PKCS7 padding
enabled, and that's OK.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-30 10:21:22 +01:00
Manuel Pégourié-Gonnard
cd84a290a9 analyze_outcomes: use regexes for cipher/aead
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-30 10:21:15 +01:00
Manuel Pégourié-Gonnard
f1c09a389e
Merge pull request #8119 from valeriosetti/issue8048
PSA crypto should not depend on the cipher module
2023-10-30 08:10:06 +00:00
Pengyu Lv
cfb23b8090 tls13: server: parse pre_shared_key only when some psk is selectable
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-10-30 15:26:26 +08:00
Beniamin Sandu
3bca7817e5 tests/scripts/all.sh: add test for 32-bit AES-NI intrinsics with clang
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
2023-10-27 17:02:22 +01:00
Beniamin Sandu
800f2b7c02 AES-NI: use target attributes for x86 32-bit intrinsics
This way we build with 32-bit gcc/clang out of the box.
We also fallback to assembly for 64-bit clang-cl if needed cpu
flags are not provided, instead of throwing an error.

Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
2023-10-27 17:02:22 +01:00
Tomás González
7f2cddb1ae check_test_cases: Minor documentation change
* Make an iteration comment generic to every file it may affect
   instead of making it specific a particular file.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:46:23 +01:00
Tomás González
4fc582461b compat.sh: Rename list_test_case to list_test_cases
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
cfe68a0cb6 ssl-opt.sh: Make record_outcome record the ssl-opt.sh file only
Ignore the test suite name as file from opt-testcases cannot
actually be called separately.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
51cb704342 Avoid using print_name when --list-test-cases is used
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
378e364c3c ssl-opt.sh: Correct print format for test cases' names
Avoid printing an extra space when using the --list-test-cases
option.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
12787c9ba5 Remove invalid -l option from test scripts
The -l option mentioned in previous commits for both ssl-opt.sh and
compat.sh scripts should only be a --list-test-cases option.

Remove -l option from the help list.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
38ecf9fa1e check_test_cases: Avoid removing duplicated test cases
One of the jobs of check_test_cases is to check for duplicate test
descriptions and to have them ordered:

 * Stop using a set to collect the different test cases from the
   test scripts.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
4a86da2460 check_test_cases: Unify walk_compat_sh and walk_opt_sh into one
walk_compat_sh and walk_opt_sh are basically the same now, so:

 * Merge them into one function.
 * Use the --list-test-cases option for both of them.
 * Rename this merged function as collect_from_script which seems
   more appropriate as since it isn't iterating the script but
   calling it.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
37a8739e4d ssl-opt.sh: Don't affect the order at which functions are printed
When adding the LIST_TESTS option, print_name can be called
before checking if the test case should be excluded or not.
Change this back to its previous state while still taking into
account the LIST_TESTS option.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
be2c66e548 ssl-opt.sh: Simplify the implementation of the -l option
Instead of verifying if the LIST_TESTS variable has been set in
every function to avoid using the P_QUERY variable and avoid
calling a program that has not necessarily been compiled yet:

 * Define P_QUERY=":" when LIST_TESTS has been set.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:15 +01:00
Tomás González
06956a12aa Skip unnecessary logic when -l option is used
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:43:14 +01:00
Tomás González
f162b4f497 Only use CONFIGS_ENABLED when not listing tests
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Tomás González
0e8a08a1f7 Get options at beginning of program
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Tomás González
787428a08c Avoid skipping test when printing
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Tomás González
3a65d6368a Remove formatted string to make pylint happy
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Tomás González
970b39fb38 tests/check_test_cases: Use subprocess.check_output instead of run
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Tomás González
079eaee8ca Use file_name parameter in walk_ssl_opt_sh()
Remove hardcoded file_name and use the parameter provided in the
function.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Tomás González
546fc9ce9e Revert "Add opt-testcases into check list"
ssl-opt.sh now takes care of looking at the files in the
opt-testcases subdirectory, so use ssl-opt.sh directly
in walk_ssl_opt_sh().

 * Revert commit f17a60f147.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Tomás González
754f8cd959 tests/check_test_cases: Use ssl-opt.sh -l option instead of parsing
* Use the newly added ssl-opt.sh -l option to list all the tests
   cases and their used parameters instead of having to parse the
   file to discover them. This avoids having to add further parsing
   complexity in the future as discussed in
   https://github.com/Mbed-TLS/mbedtls/pull/8080#issuecomment-1681064743

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Tomás González
24552ff84e ssl-opt/run_test: Introduce -l option to list test case names
* Add an option in ssl-opt test case to list all the run_test calls
   and their names. This allows to show the parameters used and can
   make us avoid having to parse ssl-opt to look for extra
   parameters in the future.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-10-27 11:29:28 +01:00
Manuel Pégourié-Gonnard
d36a37f0de analyze_outcomes: ignore patterns apply to whole suite
This may come in handy when ignoring patterns in test_suite_cipher for
example which is split in several .data files where we'll want to ignore
the same patterns.

Currently none of the entries had a '.' in the test suite name, so this
doesn't change anything for existing entries.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:19:36 +02:00
Manuel Pégourié-Gonnard
9d9c2344ea analyze_outcome: Simplify some code
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:19:00 +02:00
Manuel Pégourié-Gonnard
b26954375f analyze_outcome: work around old Python in CI
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:18:52 +02:00
Manuel Pégourié-Gonnard
62d6131e5e analyze_outcomes: minor output fix
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:18:52 +02:00
Manuel Pégourié-Gonnard
4fd5a6ac9e analyze_outcomes: use regexes with ECC components
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:18:51 +02:00
Manuel Pégourié-Gonnard
b4558bd6e4 analyze_outcomes: remove useless ignore entries
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:17:35 +02:00
Manuel Pégourié-Gonnard
371165aec0 analyze_outcomes: useless ignores are now errors
Change from iterating on all available tests to iterating on tests with
an outcome: initially we were iterating on available tests but
immediately ignoring those that were always skipped. That last part
played poorly with the new error (we want to know if the test ignored
due to a pattern was skipped in the reference component), but when
removing it, we were left with iterating on all available tests then
skipping those that don't have outcomes entries: this is equivalent to
iterating on tests with an outcome entry, which is more readable.

Also, give an error if the outcome file contains no passing test from
the reference component: probably means we're using the wrong outcome
file.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:17:35 +02:00
Manuel Pégourié-Gonnard
881ce01db3 analyze_outcomes: add regex match for ignored tests
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:17:35 +02:00
Manuel Pégourié-Gonnard
4da369f741 analyze_outcomes: minor code cleanup
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-27 09:17:35 +02:00
Valerio Setti
287f6d1f5c all.sh: unset MBEDTLS symbols for modes/keys only when !PSA_CRYPTO_CONFIG
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
862021a118 all.sh: improve comments in common_test_full_no_cipher_with_psa_crypto
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
5b4039f36d all.sh: rename common config/test function
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
4529d65e30 all.sh: improve test_full_no_cipher()
- remove unnecessary disabled items (most of them were already
  disabled automatically once MBEDTLS_SSL_TLS_C was disabled)
- improve dependencies' comments, especially the last one which
  list items depending on PSA_CRYPTO_C

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
fb0b0ffaa4 all.sh: keep symbols that don't depend on CIPHER_C (directly or indirectly)
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
c84d940704 all.sh: fix comments in common_test_full_no_cipher_with_crypto()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
df17a102e5 all.sh: replace minus sign in text messages with "no"
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
36fe8b9f4b psa_crypto_cipher: add guard for unused variable
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
1e21f26d88 psa_crypto_cipher: add helper to validate PSA cipher values
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
7e710e8272 all.sh: add components as full_no_cipher with CRYPTO_C and CRYPTO_CONFIG
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:12:06 +02:00
Valerio Setti
4a249828a8 psa_crypto_cipher: add mbedtls_cipher_values_from_psa()
This commit splits mbedtls_cipher_info_from_psa() in 2 parts:

- mbedtls_cipher_values_from_psa() that performs parameters' validation and
  return cipher's values

- mbedtls_cipher_info_from_psa() which then use those values to return
  the proper cipher_info pointer. Of course this depends on CIPHER_C.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:12:06 +02:00