Commit graph

5897 commits

Author SHA1 Message Date
Paul Elliott
65064265c2 Protect test info access with mutex
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-01-09 18:01:58 +00:00
Paul Elliott
c7a1e9936a Move bignum flag for negative zero into test_info
Add accessors ready for protection with test_info mutex.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-01-09 18:01:58 +00:00
Paul Elliott
4580d4d829 Add accessor helpers for mbedtls_test_info
Step one of being able to control access to mbedtls_test_info with
a mutex.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-01-05 19:13:43 +00:00
Manuel Pégourié-Gonnard
5bad043c06
Merge pull request #8641 from valeriosetti/issue8358
G3-G4 wrap-up
2024-01-04 10:48:00 +00:00
Valerio Setti
e581e140cc oid/pkparse: add missing guards for PKCS[5/12] functions when !CIPHER_C
This commit also updates test_suite_pkparse.data file adding
MBEDTLS_CIPHER_C dependencies whenever PKCS[5/12] is used.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-29 16:35:58 +01:00
Valerio Setti
a69e872001 pkcs[5/12]: add CIPHER_C for [en/de]crypting functions
This commit also updates corresponding test suites.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-21 16:39:04 +01:00
Gilles Peskine
0e6fdc4f1d
Merge pull request #8342 from yanesca/threading_test_pc
Threading test proof of concept and plan
2023-12-21 12:08:41 +00:00
Tomi Fontanilles
9c69348c24 pk test suite: rename the parameter named parameter
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
Tomi Fontanilles
8174662b64 pk: implement non-PSA mbedtls_pk_sign_ext()
This makes the function always available with its
its implementation depending on MBEDTLS_USE_PSA_CRYPTO.

Related dependencies and tests are updated as well.

Fixes #7583.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
Paul Elliott
22dbaf05b6 Add AES_PSA_INIT() to thread test case
Tests were failing when PSA was being used in ctr_drbg_seed() as PSA was
not initialised.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 18:18:04 +00:00
Paul Elliott
445af3c25a Move test dependancies to function file
Dependancies are determined by code in this case.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
40f0ec246e Remove requirement for SHA512 from ctr_drbg test
Set the entropy len prior to doing the test to ensure the outcome is the
same regardless of whether SHA512 or SHA256 is used.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
bb0e48f94f Make number of threads a test argument
Remove hard coded number of threads.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
fed410f58e Increase entropy buffer sizes
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
811c600d88 Guard tests correctly
All guarded options change output, thus failing the test.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
6a997c9994 Fix code style
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
bda25dd29c Add re-seeding option to test
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Paul Elliott
20b2efa293 Fix missing include
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:33 +00:00
Janos Follath
178bf3ee8a Fix failing multi-threaded unit test
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-12-18 14:49:33 +00:00
Janos Follath
a16ee6b7d4 Add multi-threaded unit test
The unit test we add is designed to fail. The goal is to test the tests
and show that they catch the problem. A later commit will fix the unit
test and will make it pass.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-12-18 14:49:33 +00:00
Dave Rodgman
543d275c68
Merge pull request #8635 from daverodgman/asan-opt
CI perf - prefer clang for Asan
2023-12-15 13:25:02 +00:00
Dave Rodgman
c1f0f5b8af Fix a typo
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-14 23:34:48 +00:00
Dave Rodgman
815b240d72 Fix unused function/variable warnings from clang
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-14 23:20:48 +00:00
Manuel Pégourié-Gonnard
1f67363d6a
Merge pull request #8616 from lpy4105/issue/8553/test-driver-only-rsa
Add test for driver-only RSA (crypto only)
2023-12-14 11:05:55 +00:00
Dave Rodgman
bdba26c8d7
Merge pull request #8626 from davidhorstmann-arm/fix-uninit-mpi-test
Fix possible free of uninitialized MPI
2023-12-13 11:19:00 +00:00
Manuel Pégourié-Gonnard
7404af6ec3
Merge pull request #8599 from valeriosetti/issue8357
G2 wrap-up
2023-12-13 08:17:27 +00:00
David Horstmann
e04a97a1eb Move MPI initialization to start of function
This prevents a call to mbedtls_mpi_free() on uninitialized data when
USE_PSA_INIT() fails.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-12-08 18:34:15 +00:00
Pengyu Lv
d90fbf7769 Adjuest checks in generate_key_rsa suite
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 17:30:33 +08:00
Pengyu Lv
9e976f3649 Conditionally check the attribute of generated RSA key
`psa_get_key_attributes` depends on some built-in
implementation of RSA. Guard the check with coresponding
macros.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 10:22:35 +08:00
Valerio Setti
58d0206f39 test_suite_block_cipher: fix depends_on for Camellia tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 15:24:25 +01:00
Valerio Setti
302a487499 test_driver_key_management: rename counter for export_public_key() hits
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
829ce0facf test_driver_cipher: add forced return status for encrypt and set_iv
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
7ef35a9b3c test_suite_psa_crypto_driver_wrappers: add counter for failing psa_cipher_update()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
83e0de8481 crypto_extra: revert changes to mbedtls_psa_random_free()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
0ca1868fcd test_suite_psa_crypto_driver_wrappers: fix missing hit counter reset before test
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
7448367f68 test_suite_psa_crypto_slot_management: modify check on open key slots
This commit
- Reverts changes previously done to psa_crypto_helpers.[c,h]
- Implements a new check for open key slots in
  mbedtls_test_helper_is_psa_leaking():
   - when CTR_DRBG does not use AES_C or PSA does not have an external
     RNG, then we allow 1 key slot (it's the one holding the AES key)
   - when the above conditions are not met, then we fallback to the
     usual check for "no open key slots remaining"

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
45337a8895 test_suite_psa_crypto_driver_wrappers: add counter for cipher_update()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
6ef82ae39d test_suite_psa_crypto_driver_wrappers: improving driver access counters
When AES_C is not defined CTR_DRBG relies on PSA to get AES-ECB. This
means that, when AES-ECB is accelerated, each random operation goes through
driver access as well. This might result in unexpectedly increased
counters for driver's access.
We add extra counters in test_driver_[cipher/key_management].c to be
more specific on which driver functions are accessed and ignore
extra accesses due to CTR_DRBG.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
0a903db804 test_suite_psa_crypto_slot_management: some fix for available key slots
When AES_C is not defined, CTR_DRBG relies on PSA to get AES-ECB. This means
that PSA holds an open AES key since psa_crypto_init() is called, which
- reduces the maximum number of available key slots
- shifts the 1st available index

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:41 +01:00
Valerio Setti
dc32ac20fd test_suite_[ctr_drbg/random]: initialize/close PSA in tests
This commit also adds AES_PSA_[INIT/DONE] in "psa_crypto_helpers.h". Its
scope is to call PSA_[INIT/DONE] only when AES_C is not defined (which is
when PSA is effectively required for CTR_DRBG).

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:41 +01:00
Janos Follath
c6f1637f8c
Merge pull request #8534 from paul-elliott-arm/fix_mutex_abstraction
Make mutex abstraction and tests thread safe
2023-11-29 13:26:23 +00:00
Dave Rodgman
c3cd410acf
Merge pull request #8286 from gilles-peskine-arm/check_mbedtls_calloc_overallocation-disable_with_asan
Fix test_suite_platform failure with Asan on modern Clang
2023-11-28 16:48:31 +00:00
Pengyu Lv
6c927c0795 Merge branch 'development' into review/gilles/update-old-dep-MD_CAN 2023-11-28 09:31:44 +08:00
Paul Elliott
f25d831123 Ensure mutex test mutex gets free'd
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-11-23 18:49:43 +00:00
Dave Rodgman
8cd4bc4ac2
Merge pull request #8124 from yanrayw/support_cipher_encrypt_only
Support the negative option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
2023-11-23 17:43:00 +00:00
Dave Rodgman
c44042ddbc
Merge pull request #7905 from lpy4105/issue/misc-improvement
misc improvements
2023-11-23 16:20:58 +00:00
Yanray Wang
690ee81533 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-11-23 10:31:26 +08:00
Gilles Peskine
3b2b7f8acf MSan and TSan complain as well, not just ASan
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-22 18:08:17 +01:00
Gilles Peskine
05ebe967be Disable check_mbedtls_calloc overallocation under ASan
This test case exercises an integer overflow in calloc. Under Asan, with
a modern Clang, this triggers an Asan complaint. The complaint can be
avoided with ASAN_OPTIONS=allocator_may_return_null=1, but this has to
be set in the environment before the program starts, and could hide
other errors.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-22 17:56:26 +01:00
Jerry Yu
aa5dc24df9 Change if to switch case
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:25 +08:00